Fido Alliance standard tackles IoT onboarding

  • May 5, 2021
  • Steve Rogerson

The Fido Alliance has launched an open IoT standard that enables devices to onboard simply and securely to cloud and on-premise management platforms.

The Fido Device Onboard (FDO) protocol addresses challenges of security, cost and complexity tied to IoT device deployment at scale.

The FDO specification for IoT was collaboratively developed to solve the problem of IoT security in onboarding. The specification has reached proposed standard status and is open and free to implement. Initially, the specification is targeted at industrial and commercial applications.

“The FDO standard builds on the alliance’s ongoing efforts to help close the security gaps that currently exist on the web, by expanding this work into IoT applications,” said Andrew Shikiar, executive director of the Fido Alliance. “Businesses recognise the huge potential of the IoT and the enormous benefits it can bring to manufacturing, retail, healthcare, transportation, logistics and more. The paradigm needs to shift immediately so we can move IoT technologies ahead with safer, stronger and more secure means of authentication for these important uses in industrial and commercial environments.”

FDO is an automated onboarding protocol for IoT devices, leveraging asymmetric public key cryptography to provide the IoT industry with a fast and secure way to onboard any device to any device management system.

Potential benefits from the FDO standard include:

  • Simplicity – Businesses no longer have to pay more for the lengthy and highly technical installation process than they do for the devices themselves. The automated FDO process can be carried out by people of any level of experience quickly and efficiently.
  • Flexibility – Businesses can decide which cloud platforms they want to onboard devices to at the point of installation, as opposed to manufacture. A single device SKU can be onboarded to any platform, thereby simplifying the device supply chain.
  • Security – FDO leverages an untrusted installer approach, which means the installer no longer needs – nor do they have access to – any sensitive infrastructure and access control information to add a device to a network.

“This is a major milestone that aims to solve one of today’s critical challenges with deploying IoT systems,” said Christine Boles, vice president of Intel’s IoT group. “The new FDO standard will help reduce cost, save time and improve security, all helping the IoT industry to expand rapidly. Implementation of the FDO standard will enable businesses to truly take advantage of the full IoT opportunity by replacing the current manual onboarding process with an automated, highly secure industry solution.”

FDO was developed through the work of the alliance’s IoT technical working group, led by co-chairs Richard Kerslake from Intel and Giridhar Mandyam of Qualcomm and vice chair Geof Cooper from Intel. Additional companies with specification editors including Arm, Amazon Web Services (AWS), Google and Microsoft.

“We are thrilled to see the Fido Alliance address such a critical piece of the IoT device lifecycle,” said Sam George, VP of IoT at Microsoft Azure. “Device onboarding through a standardised protocol like FDO simplifies device set-up by abstracting the underlying complexities of the hardware, which will accelerate the adoption of IoT in industry.”

Mohamed Awad, vice president at Arm, added: “As the IoT rapidly expands, the security of devices cannot be optional and a strong foundational root of trust is essential. The FDO specification will enable device makers to deploy, onboard and manage secure IoT devices faster at a lower cost, helping scale IoT across both industrial and consumer use cases.”

And Dave Kleidermacher, vice president at Google, said: “The work the Fido Alliance is doing to address phishing by closing security gaps on the web would not be possible without industry collaboration and standardisation. It’s a natural fit for the Fido Alliance to use these same tools to address the threats against IoT infrastructure. As a board member of the Fido Alliance since its earliest days, Google is proud to have contributed to this new standardisation effort to better secure IoT.”