As a leader in the IoT sector, global IoT development platform service provider Tuya Smart showcased new security-related products and solutions during the recent CES 2022 in Las Vegas. The offerings aim to help developers launch products with high efficiency and reduce their worries about product safety.
One of the major impacts of the pandemic on IoT and smart devices has been the rise of global network security issues that have been amplified by consumer needs and behaviors during this time.
According to a 2021 report from IoT Analytics, the number of connected IoT devices were expected to hit 12.3 billion active endpoints globally by the end of last year and grow to more than 27 billion IoT connections by 2025.
Coupled with increased remote work after the onset of the COVID-19 pandemic, consumers are more exposed to online attacks. According to Akamai’s annual state of the internet security report, remote work and increased connectivity contributed to a spike in cyber-attacks, while web application attacks tripled in 2021, from what was already a record year in 2020.
Network security has become a topic of concern for all major players in the industry. Among the issues, IoT security has risen a key focus for many manufacturers, developers and suppliers.
Tuya Smart’s new IoT security module WBR3N drew the attention of industry professionals during CES. The security module is the first of its kind with a built-in secure element (SE) to hold a Common Criteria (CC) EAL6+ certificate.
Commanding comprehensively robust security guarantee, the module realizes mutual certificate authentication and device activation authentication between the device and the cloud, in addition to the Elliptical Curve Cryptography (ECC) security certificate and device certification information that is built into the Squeeze-and-Excitation (SE) block during the production process.
In terms of communication, WBR3N uses TLS1.2 two-way strong verified communication based on security authentication, which represents the highest level of communication security in the industry.
In terms of security protection of device data, WBR3N uses built-in independent SE to execute the data encryption and decryption process, therefore safeguarding data security.
At the same time, the module provides SE-based independent physical security storage and has a built-in root of trust (RoT), through which storage is performed. The core codes enjoy protection by the built-in SE, while OTA ensures process safety through a secure communication process and firmware verification.
Overall, WBR3N comes with multiple logical and physical protection layers such as metal shielding, end-to-end encryption, memory encryption and tampering detection, able to fend off advanced attack methods such as power analysis and fault attack.
Aside from enhanced hardware security capabilities, Tuya Smart also has released Tuya Sage, an IoT security operation platform. The solution is designed to help developers identify and eliminate potential security risks of the IoT system and ensure security and compliance during system operations.
Shared security responsibility is the fundamental principle of IoT security. Shared security means that cloud providers are responsible for protecting cloud security, while developers are responsible for the security of the applications, data, and resources that use and access the cloud. In practice, many developers lack a holistic sense of the security and compliance status of global smart terminals, a challenge that industry experts are looking for solutions to address.
With Tuya Sage, developers have an oversight of all protected devices, including their basic security information and risk status. Once a device encounters an attack, the developer can complete the risk interception in one click. Through real-time threat intelligence, Tuya Sage is able to identify local vulnerabilities in smart terminals in a timely and effective manner, allowing developers to understand the security and privacy compliance status of the terminal, as well as whether there is any non-compliant user data flow so that it can be rapidly addressed.