Swiss company U-Blox has announced the commercial launch of its IoT security-as-a-service offering on its Sara-R4 and Sara-R5 LTE-M cellular IoT modules.

This should make it easier to protect data from malicious third parties, both on the device and during transmission from the device to the cloud. Its out-of-the box, secure and cost effective onboarding process to leading cloud IoT platforms speeds up development, shortening time-to-market.

The offering is managed via the U-Blox Thingstream service delivery platform, optimised for low power wide area (LPWA) deployments that use resource-constrained IoT devices. By reducing data overhead and keeping the number of handshakes low, the service improves power consumption and extends the battery life, a critical metric for most IoT devices.

Central to the effectiveness is a symmetric key management system (KMS). Through it, a large number of crypto keys can be generated on the fly for each device, rather than having to rely on the storage and management of pre-shared keys, which can add to overall operational complexity and the power budget. Keys are tied to the hardware and can be triggered from either the module or from the server or cloud, eliminating the need to create, deliver and renew certificates, and bringing savings in terms of system cost, operational complexity and power consumption.

This also leverages the company’s Foundation security offering, which comprises elements that make Sara-R4 and Sara-R5 modules secure by design. These include a unique and immutable device identity that is tied to its root of trust (RoT), which forms the basis for a trusted set of security functionality, including a secure boot mechanism that ensures that the module can only run trusted software. In addition, the proprietary uFOTA feature enables authentication of over-the-air firmware updates.

Relevant use cases include:

• Asset tracking: Data authenticity is essential in such scenarios, as well as secure local storage of collected data and easy secure cloud onboarding. Because tracking devices are usually battery powered, they require extremely energy-efficient secure data transmission.
• Connected health: In this use case, patient confidentiality is paramount, with only authorised medical staff permitted to access sensitive data. This necessitates a high degree of protection against malware and data tampering.
• Industrial monitoring: These need to guarantee the integrity of real-time operational data to increase productivity, avoid downtime and assure the safety of the workforce.
• Building and home automation: Data confidentiality and authenticity need to be maintained, while allowing for data to be shared with trusted stakeholders without compromising customer privacy.
• Telematics: In this scenario, the main security risks include denial-of-service attacks, device cloning, jamming and so on.
• Smart metering: Here, the authenticity of data logged by remote metering units needs to be confirmed to protect billing and, once trusted communication is established, data transmission needs to be restricted to authorised servers.

“We implemented a true end-to-end concept that protects data from the device to the end user without making it visible to intermediate nodes or platforms, or to service providers,” said Giovanni Solito, senior product manager at U-Blox. “The modules’ symmetric KMS offers engineers a streamlined and scalable alternative to conventional public key infrastructure or pre-shared key arrangements. And with straightforward onboarding to all the popular cloud IoT platforms, efforts are not taken up by security concerns and operational complexities, but can be focused on speeding up time to market and growing business.”

U-Blox is headquartered in Thalwil, Switzerland, and has offices in Europe, Asia and the USA.