RX Family Software – The Past and the Future – #9 — Design IoT latest provisioning scheme with RX MCU —

Update: June 3, 2023

Continuing from our last discussion, I will delve deeper into design methodologies for IoT devices.
To meet the growing demand for lower power consumption and smaller IoT devices, we’ve previously discussed the necessity of a low-power MCU and cellular modem in our 7th blog post. In our 8th blog, we explored using MCU-equipped security IP to enhance and accelerate TLS-encrypted communication.
When you’re aiming for mass production and widespread deployment of these systems, in quantities ranging from thousands to millions of units, it becomes essential to store data that can uniquely identify each unit. This could be in the MCU’s built-in flash memory or in external memory such as EEPROMs connected to the I2C bus.
However, inputting these data into each product individually, especially during large-scale production, would significantly increase factory operational costs. This presents a significant challenge. To tackle this, AWS has introduced ‘fleet provisioning’ as a feature of the MCU-installed OS (FreeRTOS), and Renesas has developed a reference implementation integrating this function.

Fleet Provisioning:  https://www.freertos.org/iot-fleet-provisioning/index.html

Explanation Blog (available only in Japanese): https://aws.amazon.com/jp/blogs/news/manage-credential-with-fleet-provisioning-in-mass-production/

Renesas Reference Implementation: https://github.com/renesas/iot-reference-rx

We’re currently in the final phase of development, collaborating with AWS to collectively organize the code on GitHub, ensuring it’s user-friendly upon distribution.

The reference implementation functions seamlessly on standard Renesas boards like the RX72N Envision Kit and the CK-RX65N. Moreover, with the Smart Configurator, it can also operate on partner-manufactured boards or customer-developed boards.

The Fleet Provisioning function, which we’re introducing today, can greatly enhance production efficiency. The following figure illustrates these significant improvements.

Without Fleet Provisioning

The “key injection to N individual” process is necessary.
This process involves injecting the unique key data or certificate data created for each MCU and is carried out on one MCU at a time. This adds a substantial load to the production process. While we can boost production efficiency using a specialized writing process, the design and operation of this unique procedure would still escalate the overall costs.  

[Figure: production process without Fleet Provisioning]

With Fleet Provisioning

The “key injection to N individually” process is unnecessary.
Instead, once the products are assembled (after the “assemble * M” process), they can use their internet connection to communicate with AWS. The upload of key data generated from random numbers inside the MCU, the download of certificate data, and the subsequent self-injection all happen automatically. This process can be easily integrated into the traditional firmware writing and product assembly processes, greatly reducing the burden of production and design costs.

[Figure: production process with Fleet Provisioning]
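
The automated exchange described above, as an added example (not code from the Renesas reference implementation or from AWS): a device-side state machine for fleet provisioning, assuming the CSR variant and using the AWS IoT reserved MQTT topics. The template name, the `SerialNumber` parameter, and the `fp_*` and `json_str` names are assumptions, and any messages fed to it here are constructed samples.

```c
#include <stdio.h>
#include <string.h>
#define TEMPLATE   "ExampleTemplate" /* placeholder template name (assumption) */
#define T_CSR      "$aws/certificates/create-from-csr/json"
#define T_REGISTER "$aws/provisioning-templates/" TEMPLATE "/provision/json"

typedef enum { FP_WAIT_CERT, FP_WAIT_REGISTER, FP_DONE, FP_FAILED } fp_state;
typedef struct { fp_state state; char token[128]; } fp_ctx;

/* Minimal "key":"value" extractor for the constructed samples, not a JSON parser. */
static int json_str(const char *json, const char *key, char *out, size_t n)
{
    char pat[64];
    snprintf(pat, sizeof pat, "\"%s\":\"", key);
    const char *p = strstr(json, pat);
    if (!p) return 0;
    p += strlen(pat);
    const char *end = strchr(p, '"');
    if (!end || (size_t)(end - p) >= n) return 0; /* missing or oversized value */
    snprintf(out, n, "%.*s", (int)(end - p), p);
    return 1;
}

/* Step 1, on the claim-certificate connection: publish the CSR (never the private key). */
const char *fp_start(fp_ctx *c, const char *csr, char *out, size_t n)
{
    snprintf(out, n, "{\"certificateSigningRequest\":\"%s\"}", csr);
    c->state = FP_WAIT_CERT;
    return T_CSR;
}

/* Steps 2-3: feed each received message; returns the next publish topic or NULL. */
const char *fp_on_message(fp_ctx *c, const char *topic, const char *msg,
                          const char *serial, char *out, size_t n)
{
    if (c->state == FP_WAIT_CERT && strcmp(topic, T_CSR "/accepted") == 0 &&
        json_str(msg, "certificateOwnershipToken", c->token, sizeof c->token)) {
        /* msg also carries certificatePem; SerialNumber is an assumed parameter. */
        snprintf(out, n, "{\"certificateOwnershipToken\":\"%s\","
                 "\"parameters\":{\"SerialNumber\":\"%s\"}}", c->token, serial);
        c->state = FP_WAIT_REGISTER;
        return T_REGISTER;
    }
    if (c->state == FP_WAIT_REGISTER && strcmp(topic, T_REGISTER "/accepted") == 0) {
        c->state = FP_DONE; /* reconnect with the device certificate from now on */
        return NULL;
    }
    c->state = FP_FAILED; /* rejected response or out-of-order message */
    return NULL;
}
```

Any `rejected` response or out-of-order message moves the device to `FP_FAILED` rather than letting it continue with a partial identity.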

We understand that factory production efficiency is a major concern for our customers. Fleet provisioning not only enhances production efficiency but also improves security by eliminating the need to send unique key/certificate information for each device to the factory. We, as developers, see this elevation in security as the prime benefit of fleet provisioning.

A closer look at the mechanism introduced above reveals a weakness in the “assemble * M” process. Here, the device communicates with AWS and receives keys/certificates. The internally generated keys are stored in readable flash memory, presenting a security risk. However, we plan to address this by utilizing the Trusted Secure IP (a security IP integrated into the RX family). This will allow us to generate the key pair within the security IP, minimizing the risk of key exposure outside the MCU. This solution will enable the private key to function solely within the security IP throughout the product lifecycle.

Furthermore, claim keys/certificates embedded in firmware pose potential risks, but they too can be safeguarded with the security IP. In this manner, the RX family can effectively secure confidential information. Our goal is to provide solutions that boost production efficiency while ensuring complete data protection. As we advocate this approach, we aim to foster an environment where end users can trust and confidently use IoT devices.

Lastly, we’d like to share links to the RX family’s cloud solution, offering you a first-hand experience of these features and a suite of security solutions. We hope you find them valuable.

RX Cloud Connectivity Solutions

RX Security Solutions