Helping Smart Home Manufacturers Meet IoT Security Regulations

A fragmented security landscape is making it harder for smart home device manufacturers to comply with various national certifications, each with its own unique requirements and constantly evolving regulations. This challenge is compounded by consumers' demand for trust in the ever-growing number of connected devices they integrate into their lives. Amidst this complexity, how can device makers, decision-makers, and solution providers ensure adequate security and foster a global IoT market built on confidence?

Achieve Compliance with Global IoT Security Standards Through the IoT Device Security Specification 1.0

Recognizing the need for a simplified, unified approach, the Connectivity Standard Alliance is creating a unified IoT cybersecurity standard and certification program to bridge the gap between disparate cybersecurity standards through the IoT Device Security Specification 1.0. Built on 20 years of experience in consumer product validation and certification, the Product Security Working Group’s (PSWG) IoT Device Security Specification 1.0 will incorporate existing product security regulations in the US, EU, and Singapore to streamline the process for manufacturers, allowing them to achieve compliance with these regional standards through a single certification.

Consumers can identify certified products that meet a baseline security threshold by looking for the Product Security Verified Mark on the product packaging, in-store signage, or online platforms. This mark includes a URL, hyperlink, QR code, or a combination of these, which allows consumers to learn more about the device's security features. The Verified Mark serves as a reliable indicator of a secure IoT device, providing consumers with peace of mind./p>

Silicon Labs is proud to be a leader in the Alliance’s PSWG alongside more than 200 industry leaders working to ease manufacturers’ challenge of complying with global product security requirements. At Silicon Labs, we recognize that security is key to accelerating the adoption of the IoT. Silicon Labs is the world's first silicon innovator to achieve PSA Certified Level 3 certification. Secure Vault™, our industry-leading security suite, defends against both widespread software attacks and emerging hardware threats, thoroughly passing independent lab tests simulating real-world assaults.

Key attributes of our IoT security portfolio that comply with the PSWG’s IoT Device Security Specification 1.0 include:

• Secure Attestation: One of the biggest challenges for connected devices is post-deployment authentication. With Secure Attestation, devices create a device-unique private key and a secure device identity certificate, analogous to a birth certificate, during integrated circuit (IC) manufacturing. This enables post-deployment security and attestation-based health checks and guarantees the authenticity of the device before it onboards your smart-home network.
• Secure Key Storage: Secure Vault™ leverages Physically Unclonable Functions (PUFs) to create a unique, unclonable private key to wrap other private keys and store them securely in on-chip or off-chip memory. These keys are protected from both logical and physical attacks.
• Secure Boot: Our Root-of-Trust technology is used to authenticate the signature of firmware images during the booting sequence, guaranteeing only authorized and trusted software runs at startup. This eliminates the risk of malicious code infiltrating the system and ensures the device starts in a known, secure state.
• Secure Debug: This feature offers users the ability to lock access to the debug ports for operational security and to securely unlock them when access is required by an authorized entity, thereby protecting the device from illegal operations like interrogating the device, interfering with the operation of the device, or reprogramming the device.
• Secure Over-the-Air (OTA) Updates: To keep your devices protected after development, Secure Vault™ enables secure and reliable OTA updates. Updates are encrypted using a secure OTA key to ensure that the firmware upgrade image remains encrypted through the transit.
• TrustZone Technology: ARM TrustZone® technology TrustZone creates a layered, secure environment within the device, isolating critical, sensitive data and processes from the main operating system. Users can use this technology to add security by making it possible to store keys in secure memory or an encrypted form in non-secure memory.
• Dedicated PSIRT: Silicon Labs has a Product Security Incident Response Team (PSIRT) that proactively monitors for emerging threats and security vulnerabilities and promptly investigates, develops patches, and communicates necessary updates to ensure devices remain protected.
• Custom Part Manufacturing Service (CPMS): Securing an IoT device is a highly complicated and costly process. You must generate public and private keys for secure boot and secure debug, sign code with a private key, store all the private keys in a Hardware Security Module (HSM), place the public keys for secure boot and secure debug in one-time-programmable (OTP) memory, flip OTP bits for secure boot and secure debug, and flash the encrypted code and identity certificates within the hardware. CPMS streamlines the programming part of this process for you. Even the most advanced security features, certificates, and identities can be programmed in a secure, fast, and cost-efficient way at the Silicon Labs factories.

The latest announcements from the Connectivity Standard Alliance highlight the commitment of industry leaders to create effective regulations that protect consumers against emerging threats as technology advances. As technology evolves, the PSWG is also dedicated to continually improving the IoT Security Device Specification and its associated certification program. To learn more about joining the Alliance and obtaining certification, please visit the Connectivity Standards Alliance website.

Silicon Labs is committed to leading the way in IoT security. Our silicon, software, and solutions are integrated with the best-in-class security features from the very beginning so that our customers can have peace of mind knowing that their products are protected. Stay up to date with the latest in our IoT product security offerings here.