When you see Iowa and IoT in a title, you probably think of agricultural applications and Iowa as a consumer. In fact, they have their own pretty active tech development culture especially around Des Moines. Certainly some of this is focused on agtech, but there are also players in fintech, payment tech, health-tech, business automation, green energy and many more domains. One such company, Icon Labs (I’ll call them Icon for the rest of this piece), has been providing connectivity and security solutions for embedded OEMs for over 20 years.
Icon specializes in cross platform security solutions for embedded OEMs and IoT device manufacturers. Of course this is now a hot domain crowded with companies laying claim to the best security products. In that context, it’s interesting to note that Icon has been building intelligent, secure, networked devices for industry leaders in industrial control, critical Infrastructure, mil-aero, telecomm, networking, and medical industries throughout the life of the company. Their solutions are deployed from the factory floor to broadband internet access devices, from core network routers to smart modems, and from optical cross-connects to the operating room. Icon have been walking the security walk for a lot longer than most providers in this field.
Icon’s solutions are software-based and start with the Floodgate Security Framework, available as building blocks or integrated together as a framework, for building security into an embedded device. Particularly notable is that these blocks have been designed for compliance with EDSA, ISA/IEC 62443 and NIST cybersecurity guidelines, an indication of Icon’s heritage in this field. They also offer a security manager (discovery, authentication, monitoring, logging, etc) among other products.
Icon were exhibiting at ARM TechCon this year so naturally I asked how they saw their solutions compared to the software aspects of ARM’s recently announced end-to-end IoT solution. Ernie Rudolph (EVP at Icon) responded that although the ARM solution is based on standard communications protocols, it is predicated on the use of the mbed OS with a TrustZone enabled processor and the mbed Device Connector. And of course many solutions, particularly legacy devices and systems will not be compliant with these expectations. Particularly in the Industrial IoT, automation in the form of M2M has been around for a long time. Replacing all of that with ARM-based solutions will not be practical, at least in the near-term.
At TechCon, Ernie showed me Icon’s demonstration of their end-to-end solution, in conjunction with Verizon and Renesas Electronics America. This used Verizon’s ThingSpace cloud to provide security management, through the Verizon interface. The Verizon IoT Secure Credentialing (SC) Certificate Authority (CA) provides CA services for automated certificate enrollment. Icon Labs provided the integration between the IoT device and the management services through their Floodgate technology. The Floodgate Security Framework now includes the Floodgate Key Manager component, a client providing automated enrollment with any certificate authority including Verizon’s IoT SC CA using an RTOS-compatible implementation of the SCEP protocol.
The edge-node in this demonstration was based on the Renesas Synergy platform, a hardware platform designed for IoT devices. Icon is a Renesas Synergy VSA partner and provides additional security features on that platform including multi-stage secure boot, secure communications, secure key storage and management, intrusion detection and the floodgate agent for command audit log, and management interaction.
It’s worth remembering the IoT domain and especially security in that domain is still very young, and is likely to need to support a diverse range of devices around the IoT. One solution probably won’t fit all and providers like Icon, who are already established in the IIoT, are likely to play an important role. You can learn more about Icon Labs HERE.
Next Generation of Systems Design at Siemens