This interview is part of an ongoing series VDC conducts with leading IoT and embedded technology providers to share views on their company, products, and state of the market.
Majid Bemanian, Director of Segment Marketing, Imagination Technologies
Majid Bemanian is Director of Segment Marketing for Imagination Technologies, responsible for driving the company’s strategic security initiatives and leading its market strategy for the networking and storage segments. He also co-chairs the prpl Foundation’s security working group, focused on developing open standards and APIs around next-generation embedded security solutions. He has more than 30 years of high-tech industry experience.
VDC: Embedded security is a critical issue today in preserving the (data) integrity of newly connected IoT devices, systems, and infrastructure. What new types of threats do OEMs and systems integrators need to account for while developing connected embedded solutions?
MB: Prior to the dawn of the IoT, many proprietary solutions operated in closed environments focused on specific sets of issues. Now just about every embedded product is becoming connected and able to download code and data, which in some cases, will be malicious or compromised.
OEMs and system integrators must consider the environment in which their products will operate and based on that, highlight the threat model and recommended measures against it. If we look at a connected lightbulb versus a heart monitor or pacemaker, we can see that they need different levels of protection given their relative criticality.
There are also differences between the likelihood of certain types of attacks depending on the type of product. In a smart home, a connected light bulb with motion sensors may not require protection against ‘physical attacks’ in comparison to a connected front door-lock system. However, the connected lightbulb may be susceptible to a cyber/network or side-channel attack. As a result, each product has a different attack profile, although there are common denominators of cryptography requirements.
Designing for specific threat models and potential attack vectors is an important system design consideration since each comes at a different implementation cost.
VDC: How is Imagination Technologies preparing itself to help its licensees face upcoming or future security threats?
MB: Security is the key to a successful IoT and smart society. Every day we hear about new, more sophisticated attacks perpetrated by a growing number of players. At the same time, we see an ever increasing number of connected things, so the attack surface area of each system continues to increase.
At Imagination we are focused on intersecting the consumers’ and operators’ security needs and helping drive the SoC requirements to address them. We are continuing to grow our portfolio of security offerings through continued technology development, and also in collaboration with our partners and customers. Collaboration among all players is a must to assure security continuity for these devices.
VDC: How are open-source, community-driven foundations such as prpl helping promote secure embedded systems engineering?
MB: With an eye on the IoT and smart society of the future, Imagination works in collaboration with industry leaders through the open source prpl Foundation (prplfoundation.org), to promote development of a comprehensive collection of open source APIs providing hardware-level security controls such as root of trust, secure boot, secure hypervisor and secure inter-VM communications, as well as end-to-end solution in enrollment, registration, Life-Cycle-Management (LCM) and End-of-Life (EOL.)
We believe that openness is key to securing embedded platforms. By open-sourcing the key APIs used to communicate among many components of the embedded system (both on-chip and off-chip), a more robust and expanded validation can be performed to help hash out critical areas where macro-blocks within the embedded platform communicate. An open approach to security offers the widest possible exposure across the IoT ecosystem to minimize security risks.
In addition to working with the prpl Foundation, we are also working with partners and other groups such as the IOTSF, Global Platform, and others to tackle the many critical facets of embedded security.
In part two of this blog, Majid will delve into the importance of hardware-based security and how security by separation is a critical first step to protecting IoT devices.