An IoT node device must handle multiple security requirements, including trusted boot, trusted and secure operation and communication – just to name a few.
Hardware virtualization allows the flexibility of implementing a solution that can scale and adapt to the requirement of the IoT node device while maintaining the overall cost of implementation, validation, certification and operation of the device. In Figure 5, the trusted application handles all the security related tasks such as control of the sensors while capturing, processing and storing sensitive data; separately establishing secure communication to the host, either locally or over the cloud. The OEM application maintains isolation from any third party applications. For a third party application, being deployed in its own environment simplifies validation, deployment, and revocation while providing another level of security for the base services.
In a connected home environment (like that shown in Figure 6), there are many distinct IoT node devices that must securely be provisioned and managed by remote trusted service providers under the supervision of the home owner.
Figure 6: Example connected home environment