Dutch industry veterans bag €1.3M to raise device security and circularity

Nieke Roos
Reading time: 5 minutes

Building on an idea once co-conceived by Mapper, Eindhoven-based Sandgrain is developing an integrated solution for trusted authentication of connected systems by combining hard-coded ICs and a cloud platform. DeeptechXL is backing the startup with a seed investment.

A major challenge for the Internet of Things remains the vulnerability of the end nodes. The higher system levels are relatively well protected using public-key certificates, MAC address management, secure elements and the like. Getting into an end node, however, is still rather easy. A case in point is the famous hack of a casino through an internet-connected fish tank in 2017.

There are two main approaches to giving an IoT end node a trusted identity: storing the ID in the node itself, in some form of protected memory, or in a central system. Both are flawed, though. With node-based identity management, the end node can still be hacked, no matter the level of protection. Worse, the stolen ID can be endlessly replicated and all copies will be seen as valid. The central approach is fundamentally more reliable, allowing much better detection and control after detection, but when identities and physical devices aren’t linked, a hacker could steal an ID and insert it into his own clone.

This article is exclusively available to premium members of Bits&Chips. Already a premium member? Please log in. Not yet a premium member? Become one and enjoy all the benefits.


Related content