Infineon introduces updatable security for longer life of ICT systems and Industry 4.0

ICT systems and connected machines need special security measures that are robust in nature and stay in the same state for long and healthy life. Such systems also need to be strong enough for attacks for a longer period of time maintaining its worth through regular updates.

The joint ALESSIO project by Infineon aimed at assessment and researching of such updatable protection measures. The results of this project are soon to be presented at the VDMA Forum at SPS. SPS is one of the most known and leading trade fairs of the automation industry.

Infineon Technologies AG has led the research with various leading technical institutes like the Fraunhofer Institute for Applied and Integrated Security AISEC, the Technical University of Munich, WIBU-SYSTEMS AG, Siemens AG, and Giesecke⁺Devrient Mobile Security (GmbH). Together, they are all developing chip-based solutions as well as prototypes for embedded systems and connected computers.

The project is on-going from last three years and it received a funding of 3.9 million Euros from Germany’s Federal Ministry of Education and Research. It is slated to conclude on 31st December 2019.

Why is this needed?

New connectivities come with their own pros and cons. It is well known that every newly connected device can be an entryway for powerful cyberattacks. It can easily lead to leakage of sensitive information and data and misused for more attacks.

Such challenges mandate availability and inculcation of reliable security measures that cover both hardware and software. Softwares can be rectified or modified post-installation, it is not easy to manipulate security chips integrated with hardware. However, such security chips may get outdated with the passage of time. Specific arrangements need to be made to update these from time to time and keep things safe and secure from new attack methods.

The ALESSIO project partners were able to finally build updatable security solutions. This can be achieved from two different technical perspectives. One, the designers and users may either use chip-based secure elements with software capable of updates. Second, they can use an updatable secure element applied in programmable logic devices called Field-Programmable Gate Array (FPGAs). Hardware components can easily be updated securely during runtime under both these approaches.

Both of these approaches allow ICT networks and data related to security and efficient management over a long period of time.