Microsoft Azure Smart Secured Nodes

We’ve removed the complexity from adding authentication and encryption capabilities with our CEC1702 IoT Development Kit which includes support for both DICE and Azure IoT Hub Device Provisioning Service (DPS). The architecture breaks up the boot process into layers and creates unique secrets along with a measure of integrity for each layer, automatically re-keying and protecting secrets if malware is present. One of the key benefits of using the secure boot features of the CEC1702 microcontroller (MCU) with the DICE standard is that it enables equipment manufacturers to create a chain of trust for multiple loads of firmware, which is especially important for customers concerned with authenticating system-critical commands, such as in applications like power plants or online server databases.

Easily incorporate security into designs with the CEC1702 IoT Development Kit, a Microsoft certified Azure IoT Starter Kit for fast development. The kit features:

• CEC1x02 development board with a Plug-in Module (PIM) that contains the CEC1702 MCU with integrated cryptography accelerators, saving code space and decreasing time to market
• Two headers compatible with Mikroelektronika’s extensive library of click boards™, allowing for flexible design requirements

• MikroElektronika Wi-Fi^® 7 click board, equipped with Microchip’s ATWINC1510-MR210PB IEEE 802.11 b/g/n/ module, optimized for low-power IoT applications
• Mikroelektronika THERMO 5 click board, which can measure temperatures across four channels with ranges from 0 to 127 degrees Celsius and an extended range of -64 to 191 degrees Celsius

The DICE standard enables manufacturers to use silicon gates to create device identification based in hardware, making security hardware part of the DNA of new devices from the ground up. Hardware Security Modules (HSMs) are the core security technology used to secure device identities and provide advanced functionality such as hardware-based device attestation and zero-touch provisioning.

The IoT Hub Device Provisioning Service (DPS) is a service for Azure IoT Hub that enables zero-touch, just-in-time provisioning to the IoT Hub without requiring human intervention.This allows customers to provision devices in a secure and scalable manner.

There are many provisioning scenarios in which the DPS is an excellent choice for getting devices connected and configured to Microsoft Azure IoT Hub, such as:

• Zero-touch provisioning to a single IoT solution at the factory (initial setup)
• Load balancing devices across multiple hubs
• Connecting devices to their owner’s IoT solution based on sales transaction data
• Connecting devices to a particular IoT solution depending on use-case (solution isolation)
• Connecting a device to the IoT hub with the lowest latency
• Re-provisioning based on a change in the device