Original Title：IoT security update: The FDO standard scores an early design win

　　The FIDO Device Onboard (FDO) specification—which defines how the Internet of Things (IoT) devices are connected to the cloud simply and securely—is starting to get some traction. PUFsecurity, a supplier of physical unclonable function (PUF)-based security solutions, claims to offer a device ID that enables IoT developers to comply with the FDO standard.

　　The firm’s PUFiot technology, built around a NIST-certified hardware crypto accelerator, facilitates features such as device initialization and transfer ownership; these security features have been demonstrated and verified on FPGA. IoT developers can customize the algorithm to support security functions such as authentication, data encryption, integrity check, and more specific features required by the FDO process.

　　Inside PUFiot, the quantum-tunneling PUF called NeoPUF provides the foundation of trust for deriving the ID and public/private keys required for device authentication without external key injection. Moreover, PUFiot provides secure OTP for storing device credentials instead of storing device credentials in external non-secure flash memory.

　　Currently, the IoT device deployment encompasses the installation of the physical device and the setup of credentials or passwords for secure communication with a cloud or server platform. A technician usually performs the onboarding process manually, and it’s slow, expensive and insecure. The FDO specification automates the onboarding process for IoT devices while leveraging the public and private key encryption technologies.

　　The Fast Identity Online (FIDO) Alliance proposed the FDO specification in April this year to collaboratively solve the issue of IoT security in onboarding. PUFsecurity’s support for the FDO standard is likely to boost security offerings for chips to be used in IoT devices.

　　Majeed Ahmad, Editor-in-Chief of EDN and Planet Analog, has covered the electronics design industry for more than two decades.