An Interview With Thales Part 2

POSTED BY Chris Phillips
Thales recently won a number of awards in our Future Digital Awards programme.

We interviewed their team to find out more about their award-winning cellular IoT solution, and how it can help operators secure their IoT connections.

1. Analysts expect a drastic growth of connected objects, and among them, a number will be connected to cellular networks. Can you tell me what’s in it for MNOs?

Indeed, we expect huge growth for IoT in both the consumer and industrial domains such as automotive, healthcare, smart cities, infrastructure, track and trace and more.

The emergence of this new ecosystem represents many commercial opportunities for MNOs (Mobile Network Operators), who can deliver exciting new IoT use cases, quickly and efficiently.

Moreover, there can be no doubt that the emergence of new-generation 5G networks will help enable explosive growth in the number of devices connected both to people and each other, which will consequently boost commercial opportunities for MNOs.

Trust and security must be built in, along with the potential to scale effectively to keep pace with rapid growth.

However, there are security challenges when we talk about security-sensitive services, such as smart metering, smart energy, Industry 4.0 and healthcare with health monitoring. For those types of services, security is a must-have indeed.

2. More precisely, what are the security challenges?

MNOs have a key role to play in the development of IoT with cellular connectivity and especially for security.

The IoT is characterised by fragmentation in terms of the OS (Operating System) employed. There are several open source and proprietary IoT OSs already on the market. Given the variety of applications, hardware and connectivity encompassed with IoT, it is likely that the market will continue to sustain multiple OSs for the foreseeable future. In this respect, any IoT security implementation which is dependent on the type of OS cannot be scaled and is not sustainable. This is a key security challenge that MNOs need to address.

Establishing trust and confidence in the IoT is a priority for all stakeholders looking to benefit from the new age in connectivity. Essentially, the security framework must fulfil three key requirements: mutual authentication between IoT device and cloud, the integrity and confidentiality of security-sensitive data both at rest and in motion, and last but not least, the scalability of security and cost effectiveness, as the IoT is a cost-sensitive market.

3. Do MNOs need new technology to enable scalable IoT security?

Not at all. There is an existing technology/framework, which is already proven in the field and is ideally suited for the IoT: secure elements at large and, more specifically, eSIM/SIM in the case of cellular connectivity for IoT. Indeed, secure elements can deliver scalable ‘security-by-design’ for IoT, while eSIM/SIM can deliver scalable IoT security for cellular networks.

The approach is to leverage those hardware-based, tamper-proof elements, which are already present in every single cellular device, also known as the Root of Trust, to store sensitive data such as keys and security services. Moreover, secure elements are standard technology and are ideally suited to integrate the GSMA’s latest IoT SAFE (IoT on-SIM Applet For Secure End-2-End Communication) specifications.

The GSMA’s IoT SAFE specifications provide an interoperable and scalable security framework for IoT. We are the first to implement the GSMA standard specifications for IoT. This is an unprecedented advancement in terms of scalable IoT security for all security-sensitive use cases.

4. What is your offer for MNOs to achieve scalable and sustainable security for IoT in a cost-effective manner?

The issue is how the device’s middleware can leverage the security services in a scalable manner. And this is the problem Thales IoT SAFE, implementing the GSMA IoT SAFE specifications, solves: to specify and standardise an API so the device’s middleware can use the credentials and security services in the secure element (SIM, eSIM, eSE) in a standard manner; all parties can now talk the same language.

Thales can address the challenge of securely and efficiently connecting IoT devices to the cloud through cellular networks, thereby offering demonstrable benefits for all key stakeholders. Thales enables the opportunity to leverage assets that include widely deployed and field-proven cellular networks and secure element-based security solutions that store credentials, to deliver services that can be enhanced to address IoT security in an interoperable environment defined by GSMA standards. Thales’ comprehensive IoT SAFE Service enables the secure end-to-end connection between the cloud and devices in the field, and is a proven and resilient gateway to the fast-growing IoT market.

IoT SAFE GSMA standard is cost-effective, as it leverages the SIM/eSIM which is present in every single cellular device. There is no need to add and pay for an additional secure element.

5. What are the benefits of Thales IoT SAFE and particularly for MNOs?

To start with, Thales delivers IoT SAFE as a service; it is plug and play without any integration effort required for all the stakeholders in this ecosystem. Those stakeholders are:
  • Mobile network/telecoms operators – providing the connectivity that embraces not only billions of people, but also billions of devices.
  • Service providers – developing applications for clouds and devices.
  • Cloud providers – hosting and managing IoT applications.
  • Device makers – building IoT devices or producing the components that are at the heart of IoT devices.

Alongside connectivity, MNOs can monetise IoT security services, and utilise both their own and any other public cloud. They are ideally positioned to capitalise on their experience. MNOs already have billions of secure elements deployed in the field, remotely managed by OTA platforms. Moreover, they will deliver the next generation of 5G networks, enabling extraordinary growth in connected objects.

In an interoperable framework, cloud providers can offer secure and seamless access, while minimising the risk of attacks to their domain. OEMs and chipset makers can: protect device integrity, streamline the production of secure devices, and overcome fragmentation. Service providers can develop secure services once, then deploy everywhere, regardless of device fragmentation. In addition to this, those in charge of the management and maintenance of IoT devices can benefit from remote ‘zero touch’ connectivity and management of connected devices across many diverse locations in the field. Costly and time-consuming site visits by employees to maintain IoT devices are replaced by swift, real-time, over-the-air updates managed by MNOs.

6. Moving forward, how do you think the roles of MNOs will evolve?

MNOs are uniquely positioned to drive cellular IoT. Around the world, they manage billions of deployed SIMs and eSIMs. MNOs therefore have unrivalled experience and capabilities to meet the challenges of a vast IoT ecosystem, in which these secure elements represent the Root of Trust. In addition to this, MNOs are already engaged in verifying and digitising their subscribers’ ID at enrolment. They are ideally positioned to enrol and link trusted digital IDs of objects with trusted digital IDs of their owners: MNOs can become Trusted Digital ID providers for people and things. In this role, MNOs will be further supported by key enabling technologies for the digital transformation, such as the 5G framework, online ID verification and eSIM (embedded SIM) technology.

Finally, MNOs have such a global reach that their impact on digital transformation across the world could be exceptional.