{"id":78809,"date":"2024-09-06T04:27:33","date_gmt":"2024-09-06T04:27:33","guid":{"rendered":"https:\/\/electronicsmaker.com\/?p=78809"},"modified":"2024-09-06T04:27:36","modified_gmt":"2024-09-06T04:27:36","slug":"commscope-pki-center-an-ally-on-the-path-to-the-iot-device-security-certification-and-production-for-matter-products","status":"publish","type":"post","link":"https:\/\/electronicsmaker.com\/commscope-pki-center-an-ally-on-the-path-to-the-iot-device-security-certification-and-production-for-matter-products","title":{"rendered":"CommScope PKI Center™: An ally on the path to the IoT Device Security certification and production for Matter products"},"content":{"rendered":"
\n
\"\"<\/figure><\/div>\n\n\n

One of Matter development\u2019s biggest issues is a potentially false sense of security resulting from improperly implementing specifications. According to CommScope, a member of the ST Partner Program, failing to manage certificates or device attestation credentials (DACs) correctly can lead to security vulnerabilities, as DACs are the most sensitive parameters for establishing device authentication and trust within the Matter ecosystem. It can also mean a company can fail to meet the IoT Device Security Specification from the CSA, the consortium behind Matter.<\/p>\n\n\n\n

Launched in March 2024, the specification establishes unique Critical Security Parameters (CSPs) and follows best practices on secure storage and management processes. Once device manufacturers meet the certification criteria, they obtain Product Security Verified Marks. Hence, the IoT Device Security Specification represents a significant milestone toward what some are calling a \u201cglobal cybersecurity standard for smart home devices\u201d1, by ensuring a more secure ecosystem that\u2019s capable of meeting today\u2019s growing threats. CommScope and ST are, therefore, collaborating to ensure STM32 developers can rapidly meet these requirements.<\/p>\n\n\n\n

Security no longer optional<\/h4>\n\n\n\n

The entire industry has high hopes for Matter, which explains why so many are adopting it, from Apple to Samsung, Amazon, and Google, among many others, and why ST is a promoter member of the CSA. We even released an X-CUBE-MATTER software package to help developers rapidly release their products to market thanks to pre-certified code and demo applications. Moreover, we have already shown demos of a certified Matter system running on STM32 MCUs. The CSA explains that it created Matter \u201cwith security and privacy as key design tenets.2\u201d Consequently, as a promoter member, ST ensured our customers have all the tools and hardware needed to meet the latest security requirements.<\/p>\n\n\n\n

Sleeping on the job<\/strong><\/p>\n\n\n\n

The reason behind this new security push is simple. Until 2010, many developers didn\u2019t even think the vast majority of IoT devices warranted security safeguards. This led to severe issues like the Mirai Botnet, which exploited IoT devices to launch massive DDoS attacks. Similarly, when researchers showed how they could remotely take control of a car by exploiting inherent vulnerabilities3 or that hackers spied on children\u2019s bedrooms by breaching popular home security cameras4, people started to take notice. The CSA\u2019s emphasis on security and privacy recognizes the critical importance of safeguarding users and devices in a world where threats are increasingly complex.<\/p>\n\n\n\n

Rude awakening<\/strong><\/p>\n\n\n\n

The problem is that few device manufacturers have the expertise to properly design and implement security measures. What\u2019s even worse is that many developers vastly underestimate what it takes to implement security in a Matter system. For instance, the IoT Device Security Specification requires that the private key never leave its origin device. As a result, many companies only discover their non-compliance when they enter the certification program to obtain the Product Security Verified Mark. This often leads to significant delays and expenses when teams must revisit their initial designs and implementations and address the security issues preventing them from obtaining the IoT Device Security certification.<\/p>\n\n\n\n

Intentionally secure<\/h4>\n\n\n\n

STM32 and security<\/strong><\/p>\n\n\n

\n
\"\"
Matter devices will end up everywhere. That\u2019s why the ST and CommScope partnership is so important.<\/em><\/figcaption><\/figure><\/div>\n\n\n

Any security implementation starts at the hardware level. No amount of software can save a device that doesn\u2019t offer strict physical and logical safeguards. Hence, the STM32WB55, which many use to run their Matter application, offers tamper protection mechanisms. It also has multiple crypto cores accelerating AES symmetric and RSA\/ECC asymmetric cryptography. Moreover, it supports secure firmware installations and provides key storage and management services. Furthermore, the STM32WBA5x devices, like the newly launched STM32WBA54 and STM32WBA55, which can work as a radio co-processor in a Thread border router in a Matter ecosystem, can target a SESIP3 and PSA Certified Level 3 certification. Accordingly, developers know that these devices can help them meet modern specifications.<\/p>\n\n\n\n

CommScope security solutions<\/strong><\/p>\n\n\n\n

To allow developers to gain firsthand experience with Matter Device Attestation Credential provisioning without requiring software development, CommScope provides a video showcasing the process with a test DAC on an STM32WB5MMG evaluation board, the STM32WB5MM-DK. The CommScope solution provides services that handle certificate authority, provisioning services, certificate lifecycle management services, boot loaders, and app code signing. The services predate Matter and work in a wide range of IoT applications. In fact, their expertise has helped them anticipate the needs of developers, which is why ST featured CommScope Security Solution during Embedded World 2024.<\/p>\n\n\n\n

In the video, CommScope shows a demonstration software package, which includes:<\/p>\n\n\n\n

\n