Key Facts:
  • Easily create secure connected devices with new development kit for Microsoft Azure
  • Simple and reliable DICE is implemented in security hardware during manufacture
  • DICE architecture automatically re-keys and protects unique secrets if malware is present
  • Enables manufacturers to create a chain of trust for multiple firmware loads
 
As the Internet of Things (IoT) accelerates and internet connectivity is deployed into virtually every industrial segment, security threats are escalating in quantity and scale. These threats can ruin the reputation of those attacked, impact company financials and allow intellectual property to be stolen or destroyed. While cryptography can be used to secure these connected nodes and the basis of the practice is understood, designers often do not know how to approach the implementation of such security. Microchip Technology Inc. today announced that its CEC1702 hardware cryptography-enabled microcontroller (MCU) now supports the Device Identity Composition Engine (DICE) security standard, providing a simple way to add fundamental security to embedded products. A new CEC1702 IoT development kit for Microsoft Azure IoT is also available, offering designers everything needed to easily incorporate the DICE security standard in their products.
 
Hackers have become increasingly sophisticated, making it imperative that system designers apply sound security principles in the development of their product. Developed and backed by industry experts from the Trusted Computing Group (TCG), DICE is a simple and reliable method that can be implemented in the hardware of security products during manufacturing. The architecture breaks up the boot process into layers and creates unique secrets along with a measure of integrity for each layer, automatically re-keying and protecting secrets if malware is present. One of the key benefits of using the secure boot features of the CEC1702 with the DICE standard is that it enables equipment manufacturers to create a chain of trust for multiple loads of firmware, which is especially important for customers concerned with authenticating system-critical commands, such as in applications like power plants or online server databases.