 I'm Phil Atfield, the CEO and one of the founders of Secreter Labs, great pleasure to join you today. And I'm here on your website and I'm browsing around and I see that there's all these platforms and you're working with them to do, what do you do with all these platforms? So as we call it, we provide a chip to cloud security solution for customers, our customers who are building embedded systems where security is a substantial concern once the systems are in the field. So we work with a variety of processors from NXP, Microchip, ST Micro, NVIDIA and others are coming as well. And it's like a little bit like a real heart not to crack, right? To get real good security for the IoT and there's been IoT for let's say a couple of decades but has there been good security for all this stuff so far and are you like the solution that all the IoT needs to use or? So I'll be honest, absolutely we are. If a company goes to say field the product that's gonna be in service for five, 10 or 20 years the number of challenges that they need to address even from the design and manufacturing going forward into the field are requires multiple disciplines and a lot of difficult problems. It's sort of when you think of a system integrator there are highly specialized teams and security the devil really lies in the details at each part of the system its construction and its maintenance and what we've done is basically simplify that so that our customers have the, call it the best in class solution and they don't have to go through and figure out all of the details themselves. So for example, I'm on your websites right now on your website and there's a product and I see M spark and power something with a security suite and the cloud services. So what are you doing with these? Correct. So the security suite itself we basically provide a combination of tools runtime libraries and an SDK that allows our customers to start from the point at which their product designed where they need to say for example address credentials and public keys or PKI as a management infrastructure that will be used to operate these systems once they're in the field. So we give them the ability to basically configure everything from the crypto material that goes into their devices starting from manufacturing, secure boot and operation forward. And it's a case of as well there are so many problems with a system once it's in the field, these are embedded systems they don't necessarily have they typically do not have a person sitting in front of them in terms of management, it's all done remotely sensing is all done remotely all the controls are done remotely and they don't want these systems to be hacked. So given example would be building an access control, fire suppression, HVAC, energy management, hot water management, all of the sort of the industrial systems that we rely on daily that just should not be hackable. So if I understand correctly are you doing AI in the way that you do the security and it kind of like figure things out automatically or do people have to manage everything manually to choose what to do in all the devices or do you know what I mean? AI? So these systems basically when you think of an edge computer think of something like even an alarm monitoring system, they're very closed there isn't the ability to download applications they don't run advertising. So it's very much a hardwired configured environment and what they're looking for is the ability to have maintained strong control over who is able to publish software who is able to provide updates. And then at the same times the company's been invested heavily so they want to make sure that any intellectual property what they built into their applications can't be stolen or pirated in the field. In terms of AI, some of our customers actually provide they build high value systems. So call it industrial imaging, for example high throughput barcode scanners, inspection systems say for example the eyes of the robot in an automotive factory that inspect welds, the intellectual property in that camera is a substantial investment. They don't want it stolen. They don't want to compromise and the camera can't fail. So for then it comes down to really they sell different applications that run on their cameras. They want to be able to manage those and those are AI and machine learning models. So for them, I mean their business is the quality of their product but as well as the investment they made in the analytics that they run on the system. And we're seeing an increasing amount of that as well for customers that are running AI and ML machines basically managed at the edge. So appliances effectively. So the M spark security suite, can you, so that's the service and it's like a huge kind of like, work to get the whole, the firmwares need to be updated securely and who's doing the software and who do the IoT device maker makes the software, right? But what do you do to this firmware? So let's give an example. Typically we'll receive a board support package either from one of the silicon providers. So say NXP, Microchip or NVIDIA and then we receive a product that's derived from that. So a good example would be Johnson Controls where they've gone and they've built their, call it their runtime and application stack. And what we do is provide them within the M spark suite, we basically give them key management interfaces. So APIs that run in the secure domain. So we compartmentalize off, say keys and cryptographic operations and even compute operations. We provide them with the APIs and calls that allow them to manage their certificates and their keys and perform the authentication operations. At the same time, we also provide the software that connects into the boot chain to allow them to do secure updates or failover. And this basically means that their systems are never bricked. Another component as well is that we've integrated in with both the AWS and Azure IoT connectivity stack. So for things to provide, for example, fully managed TLS sessions. And this is a case where again, the credentials are fully secured, the applications can speak TLS, they can make use of all of the services available from the cloud service provider, but the customer has to do nothing in terms of integration other than to write their application, layer it upon the normal software that they would say obtained from Microsoft or Amazon. So it's just, it takes it and combines it all together so that they don't have to worry about dealing with credentials at manufacturing, dealing with provisioning at manufacturing, dealing with the life cycle of the keys, dealing with any of that. Because those are all, once you have the system built then immediately becomes an operational problem. It's out in the field, it needs to be updated. How do you do that? The mechanisms to make sure that the device isn't compromised or doesn't fail during an update that needs to all be, that needs to be handled. It's complicated, especially when you're replacing some of the low level firmware components. And the systems can't fail because otherwise that means a technician has to go in with a truck, open up a panel and replace a board or attach a laptop and it's expensive. So this is basically, we put a lot of effort into making it as seamless and streamlined as possible. And inevitably we have to integrate in with enterprise systems that already exist, but that's fine. I mean, that's the reality of the world when you have established industrial companies. So your customers can use whatever embedded OS they want. It could be like Zephyr or Embed OS or the platforms that Amazon is promoting or it can be Linux. So what are they using? So typically the microprocessors are running a Linux stack. So instead of, so call them the A-class ARM processors, the application course. When you think of something like Zephyr or Amazon Friartos, those are typically running on a microcontroller. We do support them, but our focus has been more on call it the higher performance edge compute capabilities and sort of at the top of the line are the Nvidia Jetsons where there's actually high end analytics running. Nice, so this could be some really high end security cameras or a whole bunch of that kind of stuff. Exactly, you think of security cameras, you think of cameras that are connected to gateways. Think of the edge gateways that actually have the sensors connected to them. So say for example, aggregator nodes that are the central hub for operations and say building management infrastructure. So they'll have other systems off to the side with the sensors, the sensors or whatever it is they're controlling. What we're providing is almost all of the time either a very smart edge node itself, for example, a high end camera or for a gateway that is the intermediate that manages an entire system. All right, so maybe we can go through some of your presentation right here. If I, this is like the overview of your technology. Yeah, so basically when you think of what's involved in taking a design from its inception all the way through to being in the field, every company faces time to market and they face resource challenges and add to it what they wanna put on these devices in terms of the investments that are made. There's already a situation where one of the world's pioneers in robotic vacuum cleaners, their intellectual property has pretty much been stolen and cloned onto all sorts of devices. It's sort of the poster child of how not to do intellectual property in the field. And this is over the course of the past couple of years has become publicized and well understood. So what we've had to do for our customers is actually tackle from the very beginning and we often get involved in their, they've made their decision which silicon they're gonna use. We wind up being involved with them in terms of taking the design through the design phases with them through integration, working with their application teams and then in many instances as well it's even into their manufacturing. So because of their credentials involved and keys involved, these may or may not involve say a secure manufacturing facility but what we do is provide the customers with the tools to integrate with their already existing manufacturing processes. So for example, they use an NHSM for signing device keys or certificates. We make available for them the APIs that allow them to capture the information and manufacturing so that they can track the devices. They build up, so they build up using the APIs that we provide in the M spark suite and that provides them, they can make a simple call to do whatever they want for an update. It can come in off of a USB stick, come in however they like, they get to the device and API call causes the device to perform the update and do that itself. And then for the ones that are now being cloud connected again, if anyone has ever gone and built, built a system from scratch for doing an update or firmware update, one of the challenges is making sure not only that the firmware is secure in storage. So we build the system in such a way that the online cloud storage server can't see the contents. Each device receives a uniquely encrypted copy of the content and the contents cannot be migrated from one device to another. It's all of the things that companies care about when it comes to no piracy and strong controls over the management of the device once it's in the field. So it's important, for example, that a company that makes a really cool IoT device can somehow send the firmwares to the factory and that they don't get lost on the way. Correct. Or that when the firmware goes to the factory and the company only orders 10,000 devices that 100,000 devices are not manufactured and 90,000 of them are clones. Right, think about it. So then put it in context of once the device is in service, we've already seen the situation where there's a, it's very easy to copy a board. Anybody can go and buy a piece of hardware, they can open the case, they can create a build of materials from the parts that are on the board, they can x-ray it and create a fake. And when you think of the implied risk in doing something like that in automotives or critical control systems, you don't want fake parts because there is a safety risk. And this is why the firmware is so called, strictly managed on these systems is that they know, call it, if there's 25 different pieces in the system, the pieces have to be qualified to work together properly. And this is where the fakes matter, the clones matter. And obviously they don't want the risk or liability of somebody buying a part that doesn't work properly in the system and causes some sort of failure. This is, you know, think about how complex your car is. How can you make sure that they don't make the 90,000 extra devices? Where do you come in and make sure that doesn't happen? So because of the way that the provisioning is done, when the system is first brought up, it only contains a minimal runtime. And that device must go back to a system that the vendor controls to limit the number of systems that are actually provision properly, like fully provisioned with the applications. So you put enough software or enough firmware on the system, either they do it entirely in their own factory, or if they're doing it on shore, they only get a minimum installation done. And the first thing the device does is it has to go back to the, basically to our customer systems to complete its load. There's a question right here from Carlos. Is there FPGA support? Am I, I'm wondering if he means by that, if there's an FPGA connected to the board, can we secure, for example, something like an AI or ML image going to that? And the answer to that is yes. One of our customers actually does use an FPGA within their camera to do the analytics and do the image processing. And that image is absolutely secured. Can you, can you describe some more examples of what kind of target markets you might have, like without maybe mentioning those you already have, but what could like really be good customers in the kind of technology that you have, or is it just like way too many examples? No, it's actually quite horizontal. Any place where there is the need to protect an application or an entire runtime environment. So it is very horizontal. So whether it's healthcare and dealing with private data, whether it's critical that sensor information not be leaked, if there are specific computations or algorithms that they want moved away from the network stack, those can be even migrated into the secure domain. So they're off of the, they're outside of the normal memory that say, for example, Linux runs in and the customer can run those within trusted applications. So, can you talk a little bit about the history of your company? Have you been doing this for a long time? Yes, we have. So the company's been around for about 10 years. We have extensive background in cell phones and embedded systems. Several people on the team are actually, my background is actually semiconductor design test and verification. We have a couple of people who specialize in formal methods and system verification at the formal level. And then several who are, most of our developers are actually physicists. They spend a great deal of time making sure that the software just does not fail. If anything goes wrong in a device driver in the software, we have to make sure that the systems are completely recoverable. So it's a very small team, but extremely disciplined and very broad. So a lot of experience and effort goes into the product. Yeah, cause you don't want to deploy 10,000 cool devices out there and then some kind of security update breaks them all or something, right? Correct. And we do extensive, unlike a lot of companies, so the sales cycle is kind of typical. We make available for our customers, there's an evaluation kit. You earlier showed a slide that showed the trust board. Basically a customer can order that online from Arrow. That gives them the ability to fully exercise the system. So they go through an evaluation using the product. And then typically we may or may not be engaged to do a little bit, a small amount of NRE for integrating say with legacy systems. We'll give them insight and often on secure operations. And it's just essentially all of the, call everything that security touches we inevitably wind up having a discussion around either implementation or the business processes of operations. There's another question right here. So we were talking about a little bit about the Cortex-M, right? So how much is that maybe in your roadmap to do more and more in that direction? Or you really like to do the high-end Linux stuff. So we've stayed with the high-end Linux largely because of demand. We actually have a lot of experience with the Cortex-M and even the V8-M, so the newer M23, M33 that have trust zone on the microcontrollers. We're very, we're actually, we were involved very early in the design stages of specializing how those cores should work. We've done a lot of work in it. One of the challenges we run into on the MCUs is that generally nobody wants to pay for security. They just don't want to pay for it, right? And that's the sort of the market demands when you have a customer who's willing to buy a $30 part, then they'll pay for security. But for the ones doing the MCUs, a lot of them are going into low-end consumer products and they just don't care. And these parts are like what, $3? Some of the MCUs are like $1 or $2. They're unbelievably inexpensive. And I mean, there are challenges as well when it comes to even configuring non-volatile memory to perform an update properly. It's difficult. And a lot of design effort involved to build the low, call it the early parts of the stack to manage that on the fly because you can't have a brick. What's your review of the state of the world when you look at, I don't know how many billions of IoT devices out there. How many of them have no security and no secure updates and all the stuff that they should have? So just in the past couple of days there was actually an interesting, I tell you, the results of a study done at Carnegie Mellon University released relating to say more home IoT. And it should be no surprise to anyone that a lot of the devices can't be updated. They have vulnerabilities dating back several years and that's the nature of consumer products. It's sort of the, where I'm happy to see security being in focus is where it is for critical and connected industrial systems or building management systems. It's sort of the, over the course of the past several years, enough, I'd say there've been enough hacks and those have been going on for decades that the large enterprises that care about their customers and their products are actually making a serious effort. And what we're seeing now is the evolution moving forward to more integrated and managed security systems. I mean, they're coming from, let's say more fragmented past and what they're doing is moving towards managed platforms, such as what we provide. I mean, it is improving on the industrial side but frankly the consumer side scares the leading daylights out of me. It's still, it's frightening. Robert Nix says 80%, he thinks 80% do not have a stable security concept. I put that for consumer product is probably higher than 80% even. I mean, we've had one company approaches about solving a problem on their devices that are in the field and it's pretty much impossible. I mean, the most we could do is security by obscurity and we know darn well that'll be broken the next day. It just, you have to have the hardware root, you have to have the hardware implementation. Is there a hardware crypto chip like Atmel on the board or do you decrypt via software AES stack, for example? So on the microprocessors, we will leverage the embedded IP, the silicon IP for crypto whenever it's available. Say for example, on the SAM A5D series, the A5D2s, those incorporate an AES engine. So what we do is we actually bind, so it's possible to actually bind the crypto engine to the secure domain. It can only interact with the processor when it's in the secure state and it can only interact with secure memory that's not accessible when the processor or peripherals are not secure. We tend to avoid using bolt-on security parts. If a customer wants it, it's easy. We can set up a driver for them, but in the case of all of the chips that we've mentioned, they all incorporate, let's call it rather advanced on-chip security features. So including, you know, critical key storage, tampering, anti-tamper tamper detection mechanisms, some of them even have public key engines. And I mean, we prefer using them just because there's no ability to intercept traffic on an external bus to the chip. So when I look at these chips here, for example, the STM32 MP1, does that mean there's like a whole bunch of board manufacturers and designers that you partner with on the way to sell these? Yes, actually, we work with some of the, call them the OEMs and the original device manufacturers. So we're working with several right now who are building appliances. They'll make a selection, you know, say for cost or performance purposes, that they want to use the silicon from one of our partners. And what we do is work with the OEM or the ODM to provide them with the base support for their system. So effectively when their customer goes and buys the appliance, it already has our software informer running on it and everything in terms of, we don't own the keys either. These are something critically that belong to our customers. We make it a point of not owning any keys. So these platforms here, for example, so I see NVIDIA, ST, NXP, microchip, right? Some of these are very, there's a big hype around the, for example, the IMX8M, 8M mini and all that. So there's been a lot of interesting developments recently that you can take advantage of, like new security paradigms, paradigms, or what do you call it, then like a whole bunch of, so the IMX have been evolving over the course of at least 20 years. So the original designs were done several decades ago and very advanced security capabilities from NXP on those parts. NXP has adopted it across both the IMX and the Lairscape series. Some of the newer IMX8s even include the neural net and tensor flow engine from ARM. So call it a very low power device with a high compute capability. And what's interesting is the way we're seeing customers optimize the workloads to make use of lower power, lower processing capability microprocessors to do a lot of intense compute work. All right, so there is a talk of doing more and more AI on the edge, right? Absolutely, and when you think of the bandwidth requirements of AI, you'll think of how much it takes to bring in 30 high definition camera feeds to one machine. If you were to try and funnel all that over the cloud and do it in real time, it's not so easy. It's much easier to connect the gateway device that has the compute capability on board. And this, for example, is like, it's a very common use case, especially for the high-end Nvidia Jetson is video processing and stream analytics. And so it can be done with FPGAs as well. So how awesome are these Jetsons and the AGX-Savier? The AGX, they're impressive. Like they are impressive parts. I mean, all of these are impressive parts. We look one, I mean, one of the things we look at when choosing silicon and what is the track record of the vendor? Do they have a background elsewhere in security systems? So if you look at NXP, Microchip, ST Micro, you'll find that they have a background in other products building payment terminals. All right, and then there's also some Microchip. What's going on with all these Microchips here? So basically Microchip, that is Cortex A5. So ARMv7s, those parts have been around for several years. Microchip has a very large presence with those parts in the payment terminal industry. So you'll frequently find those being used as well on things like smart meters. So I mean, it's the security features of those parts that are actually quite, they're quite advanced and highly evolved. It sort of, it takes a vendor several generations to even get their part right. And they've been at it for more than a decade. Like they're very nicely done. And the higher end parts have, they have electronic countermeasures as well for even focused eye on beam or people who try to fuzz clock or try to do side channel attacks on the parts. I mean, a lot of work goes into these. That sounds awesome. Like my water meter was like the water company just came and changed it. They just do that, right? And they put these, I don't know what kind of thing they have, but they have so wireless connection to the back, I guess they have some little thing in there. But then they all need to do that, right? With the water meters, the electricity meters, and that's a lot of devices that they wanna make sure working great for decades. And then think of what starts to happen with things like your power with your electricity meter where they're starting to look at gathering data in terms of the power consumption in the home for things like dynamic billing or power factor correction or use of air conditioning or when you run your electric hot water heater. What they're looking for then is they want to be able to gather the informations and perform the computations on the device to some extent as well. All right. And they do have to exist in the field potentially for many, you know, two, five, 10 years. We've had three electricity meters in the last 10 years and the last one was to basically change the cellular connectivity features that it had. And there I have the, I'm trying to open your, you have a presentation about the, maybe I have it right here. Can you describe some of the latest stuff that you've been doing in the last 18 months? So we've actually, over the course of the past 18 months has been a lot of activity on both IMX and NVIDIA. So again, for a lot of emphasis is being on vision systems. So things like even companies that are building solutions to address with COVID, overcrowding and recognizing in the ability to be able to alarm or monitor, say, you know, regions and office buildings where people would tend to gather and congregate just to make sure that, you know, they're following best practices if not too many people in a room with this, you know, conference room at the same time or even for retail, same sorts of things, as stores have reopened is making sure that aisles don't get overcrowded. It sounds really crazy, but then, you know, move forward from a system like that into actually monitoring and tracking people's shopping behavior and, you know, in a retail setting. So there's a whole bunch of new kind of requirements and what people want to be able to do with IoT? Yeah, so when you think of it, it comes down to for a lot of those applications that turns into they want to run a model of some sort or an analytical engine out at the edge and as a managed device or appliance that's not, you know, not necessarily facility where they have direct control over it with a human in front of it all the time, they need to be able to properly manage these, you know, manage the appliances. Think of them as being, you know, it's like, you know, access to a bank vault. You just don't want anybody walking up and opening the panel. And here's a comment about the AGX has 32 gigabytes of RAM. You can load 150 AI models onto that device. Yeah, they're impressive. That's a lot of stuff for you to play with also, I guess, or not. Yeah, it's actually, the hardware is impressive, but the use cases we see and, you know, never underestimate the ability of a customer to do impressive things. They always do it and they will always push, they always push the hardware and push the application as far as they can. And our job is to give them the ability to just secure it without having to do any of the, you know, any of the effort involved of reading, you know, 5,000, 10,000 page data sheet to figure it out. So what am I looking here to the, the empower cloud services? Right. So basically, so we provide the security suite that gives all of say the key management and connectivity capabilities to do that securely on a device. And what our customers are asking us for previously, we provided them the APIs for doing updates. And what they asked for in the end was to provide the system that allows them to deal with the manufacturing and the updates on their own. And we're, I mean, this is just, you know, speaking to the size of the market, it's big, obviously. And what they don't want is a breach at the edge. There was another article written just a few weeks ago, is that a lot of cases, there are devices that can be update, but they rely purely on TLS for delivering the update and you can download the payload and mess with it from a web browser. And our customers don't want this. Like they want to even, they even, you know, they need to know that the device that the update's going to is their device. And the device that's in the field wants to know that it's getting an authorized update only meant from the vendor. Like you can't run unauthenticated software on the device at all. So the objective was basically for us to provide the services to our customers and then it provides, you know, it gives them a, call it the full stack for managing the firmware and the applications once they're on the device. And they, you know, just less integration, less thought for them. And it can cost 10% of revenues. So if you think of the cost of a breach, and I'd say, you know, an example going back a very long time is, how much did RSA have to spend to remediate the problem with the broken secure ID token? And I know that was well into, I wanna say nine digits before the decimal. That was a substantial cost to the business unit was I'd say easily into the hundreds of millions of dollars to remediate the problem. And when you think of the one of the, one of the objectives of hacking a system in the field, if it's high value is ransomware. And the reputational cost of the provider of that system is high. So what they don't want is the ransomware problem. And this is sort of the, at the inception of it, your opponent wants to make money and your job is to protect your system. It's the risk of what happens. And you know that the ransomware artists, they'll find an installation and they'll go from one to the next. And this is, I mean, this is the usual. I mean, you look at why it's not secure. It's just, it's a hard problem covers multiple disciplines. And yeah, it's like we've had a little bit of a strange year but let's hope that there was a big scare with the Y2K back 20 years ago, right? 21 years ago, but then let's hope there isn't like some kind of gigantic IoT problem that just shuts down the whole bunch of stuff. Well, you know, there is a problem coming on January 19th, 2038. It's called the 2038 date rollover problem on X519 certificates. Wait for it, one of our customers was operating a PKI. We were running, we were told the systems had to be in service for 50 years. We were running 50 year clock tests on the system and found the date problem in their certificates in their PKI. So it was a manage of going through and having them to correct their backend systems as well. And I mean, most systems won't be out there for that long, but if you have security that's relating on, you know, relates to timestamps on certificates, you know what it's like when you have a, when the browser certificates out of date and you can't connect to anything? Imagine that, all of a sudden your system can't connect even for an update. These are not problems we want. But even before 2038, there could be something like something huge that kind of like makes life a trouble a little bit. So the one that we hear brought up, I'd say by some of the most forward thinking is the concept of crypto agility. And cryptography has a problem. Say for example, you know, elliptic curve, public key cryptography works today or AES 256 works today, crypto fails hard. And what I mean by that is when it breaks, it's broken. And you have to have the ability to remediate as quickly as possible. And it isn't always practical to go and do a truck roll and send a technician into the field. There has to be a means to update the device when it's in the field. So things like quantum crypto that some companies are starting to think about is to make sure that there's the ability even on a short-term basis to get a software update onto a system in order to handle a problem like that. Because that's, you know, think of it as being like a catastrophic system failure. If AES 256 were broken tomorrow and it were broken in real time, we'd have problems. Our banking system is what our problems. All right, so that's like a big problem, the AES 256 breaking, but there could be like, I guess, some, I don't know, like something that's too many IoT devices is using and that's that become too easily compromised. We see some really, so we see some really, let's call them poor hygiene and design practice where customer or company hasn't figured out how to do credential management for cloud connectivity and they'll use the same set of credentials on thousands of devices. And that really turns into a system that's unmanageable. You just break it once and you've broken all those devices. And what does it mean as well for what happens at the back end, at the cloud service that they're trying to use to manage that? And we've seen scenarios like that already. I leave nothing to the imagination of what can go wrong. So, yeah, no, it's always a matter of once the system's in the field, it needs to have its daily care and feeding. So if I go here in your presentation, it's a multifaceted problem. Yeah, so think about it, the hardware fragmentation. So for every one of the vendors that we support and then beyond that, the implementation of silicon on each of those devices is done differently. And if a customer doesn't wanna be locked into a specific device, they need a solution that works on all of those products and looks the same without them having to go in and rebuild every time they wanna see it, for example, change to a different device. The threat landscape is always changing. I mean, that's the nature of sort of the cat and mouse game of security once it's in the field. There are bugs, they need to be addressed through an update which means there has to have, there have to be basically the mechanisms to do the life cycle management. All of the disciplines required for a company to go and build a product from design all the way forward, it takes a lot of special disciplines and even our largest customers admit what Sequoiter Labs does, this is what we do. We're focused on it, we track, we work very closely with the silicon and with the silicon providers and the software to make sure that we cover the gaps. And the amount of time that we spend going through the data sheets and building the bottom of the software up is daunting. A customer, we've been told it would have taken them more than two years to get a product out the door. And that's sort of the last piece is when it comes to the time to market. If they went through to address all of the security requirements from start to finish, it can add six months to two years to their design getting it deployed. What we do is effectively take that time off the calendar and accelerate, help them accelerate getting their product to market. But how are you able to do that? Is that because you've done the big work once and you can port it to all the customers? Yeah, it's basically, we've done the heavy lifting and it comes into a matter of providing them with the tools and the software and the even where to integrate into their operating procedures so that they can manage the systems. And it's interesting to see sort of the level of evolution. Large enterprises are pretty good at this. Some of the smaller companies that we deal with, there's a fair bit of education as well, teaching them even about business processes for managing keys and certificates. And that's okay, they need to do it. All right, and here if I come back to the presentation, so here you have... Yeah, and you think of it, you have the two components. There's the M-Spark. If you think of that as the firmware, the runtime that is used on the device itself, and then M-Power is the cloud connectivity that leverages the M-Spark suite so that the customer can manage their solution once it's in service. All right, there's a 40% reduction in time to market. Yeah, that's actually come from customers who've told us how much time we took off of their schedules to fully implement security and get the product to market. And I mean, our customers as well, they take our product and they frequently take our whole solution that goes through security labs before they ship it. And I mean, for them it means we have customers using silicon from multiple vendors. They build once and deploy wherever they deploy on any of those systems. There it shows some of the little icons here. So it could be like stuff like routers also. Exactly, routers, cameras, gateways, thermostats, access control, power management. It's even on medical devices. So in the case of Johnson Controls, this is part of their metasys system. And here I see a car. What do you do with the cars? The cars again, so whether they want, they're typically closer to the head unit. We're not involved in the real-time control functions for automotives, but they often put in gateways and management capabilities. And they care about, again, which firmware is running in the car. Think about the complexity of firmware on a car. How about this little icon that shows the transmission of power? What do they have with IoT stuff going on? So basically, you think of them basically managing in the field or monitoring. So either at transmission level or power quality, they need to understand loads or whether it's coming back in off the grid to say to power meters or at the neighborhood level. And is it like, how would you define your position in the market compared to other secure IoT update devices? Are you market leader or is it like a still a huge, like a big opportunity that hasn't been really captured by anyone as it should yet or? I'd say we're one of the leaders and based on customer demand that we're seeing, I'd say there's been a lot of attempts to implement updates in the field. And given the types of customers that we're seeing, I think we must be doing something right. And I know by design how we approach the system, it's developed to be resilient to not fail over. We didn't build something with a single point of failure. And you were mentioning your employees have what do you call it the particle physics? What was it that you were talking about? Actually, we do have one who has a PhD in subatomic nuclear particle physics. And when it comes to detail and the detail that goes into the software annually, no, I don't write production software. I work on other problems. He writes production software. And it's sort of the, maybe there are two bugs in the code he writes per year. And it's actually an embarrassing day for him when one is found because he's that meticulous in the design. So maybe the way to be the company that does the security for all these IoT devices, you need to have a special way of looking at things maybe? So obviously we found defects in silicon. We're not a company that will go to Black Hat and deliver a presentation on how we broke a chip. Instead, we work directly with the silicon provider to remediate the problem as well as making sure that their customers can deal with this for systems that are in the field. I've spent a lot of time actually breaking systems. So you've become familiar with the attack points, how it's done even down to say putting in physical compromises to a system to lift cryptographic material or obtain firmware. And it's sort of the, when we recognize sort of the level of ever involved and the investment that goes into the system, what we strive to do is put the detail in so that our customers are comfortable with the products when they're in the field. I mean, even down to physical tamper's on a cabinet. The cabinet gets open, then the system will, there's a remediation action that it will take depending on what the customer requires. It's a lot of detail. Can you give some more stories about your background, what you were doing before and maybe your colleagues also a little bit? Like what's the... Yeah, so we actually have one of the senior people on the team as background. He was one of the lead designers of several of the Qualcomm microprocessors that are in cell phones going back more than a decade. Another fellow on the team was responsible for releasing the first Android handset at T-Mobile. So has a very long and extensive background in operating infrastructure. I used to design silicon. I worked at Boeing for several years on internal infrastructure and operations for authorization and controls for everything from documentation through to communication systems. So it was an expert witness along the way as well on cybercrime and then again, the usual stuff on the bio with the webpage, facilitated meetings around cybercrime at the G8 level. So what you've seen inside broken systems, compromised systems, how criminals think and how to build systems. And at the end of the day, they have to be operated once they're in the field. I mean, it's their systems, they're very complicated and they only work properly for about two weeks and then they need an update. So my insurance company is trying to sell me the cybercrime package. So it's like the new thing, like there's a reason to get this stuff. I'm not trying to talk about the insurance companies, but like this is a big field and with the whole cybercrime. And I wonder if what they're trying to do is underwrite the risk of something like the malware or ransomware on a system. Like if you're going to buy something like that and there's a problem, because think of it, if you buy the right product, you're not subject to it, they'll look at the risk pool and figure out how to make money on that somehow. It's just sort of insurance is such a weird game. We've seen cases where they will allocate risk into different pools, they'll charge them different amounts of money and obviously they like very low risk opportunities, they'll charge you a nominal amount of money and make a lot of profit off of it because nobody ever has to file a claim and they'll use that to offset the expense at the other end where it's a much higher risk pool. So I'm not even sure what I would buy insurance for cyber crime personally, and I don't wear a tinfoil hat but I tend to be more careful and more paranoid than most people in terms of what's actually connected in my house, I don't have a smart thermostat. We have isolated networks for different appliances. Wasn't there like a new story two weeks ago where all the cash registers in Sweden stopped working or something like that? So they basically got in through the payment system, they basically got into a payment control system. I mean, these are, it's sort of though, when you think of the interconnectivity of things, this is what's frightening. So if we go back even to, oh, it's probably six, seven years ago now, Target, a retailer in the US, their payment processing system and their credit storage, the system that contained credit storage information for their customers was compromised through heating ventilation and air conditioning through an HVAC. That all this stuff was on the same network and they weren't, network wasn't being monitored properly, system wasn't architected properly, and somebody just decided, hey, this will put it all in the same network and look what happened. It's sort of the, at each step, the systems have to be managed properly and it's sort of the, we can't just connect stuff on a whim and without understanding what the implications are. I give another example. So this is going back several years and it was absolutely ingenious. When the first network connected light bulbs appeared, if you go back and read the article surrounding entire office buildings being made to blink because the hackers managed to get control of the light bulbs in the buildings. And it's sort of, I think of a light bulb, okay, the next thing that's gonna happen is a secure, the light bulb, you'll put a secure element in it. When that light bulb is, when the light bulb stops working and it's thrown into a bin, does that device still have the credentials that would let me access your network internally? Possibly. Does that scare me? Yeah. That's the same as somebody deciding, you know, they're gonna replace the router and they forget to wipe it before they sell it off. And we've seen this happen before too. And somebody obtains the router and gains access to the network because the credentials are the same. It's sort of the, it's, there's hygiene and operations that has to be thought through carefully. When you were talking about that you did something with a G8 and I'm thinking there is some kind of talk right now where, I mean, I think the news is that Joe Biden is doing phone calls to put in and saying, stop doing all these ransomware things, right? Is that related to this, what you were expert in? No, what I worked on was more data retention and data preservation. There's a challenge, the law enforcement has challenges and some of the challenges are for good reason. And this had to do with the privacy and data protection laws that exist in Europe. And one of the problems that the operators ran into immediately was how to either, how to even identify criminal activity and then track it down. And it was helping them to understand what they had in their data and how they could make use of it so that they could identify, track and then prosecute the criminal activity. And it was sort of the, in crossing those gaps, so put yourself in a room where there's law enforcement that doesn't understand necessarily a computer or a network, and this is a while ago, things have improved. There's someone from legal counsel from a large corporation who understands legalities and the law, but they don't understand the technology and the technologists are very focused and have no grasp on the legal aspects outside of their little purview. And this is an example of the, when you think of the number of disciplines that have to come together to solve a problem, it was being able to help them even think about and speak about the information that they might have or what they could gain access to and how to piece together a puzzle. So, when I have this presentation up, your presentation, is it because you're launching something recently or? We did, we actually so the most, so it's only within the past couple of months that we've been announced and released MPower. So we've had the MSpark Suite has been available for several years, and it was the demand over the course of the past two years where we set forward to do the, call it the proof of concept and the design for MPower for the, for basically the operating environment for connected devices. It was purely our customers saying, go build this. We did, you know, there are customers, you know, they're repeat customers. Once we're on a device, they're more than satisfied with the product, they come back for more and they want to do the updates. They've looked at other alternatives and said, no, you did a good job. We'd like to, we'd like you to provide this. And this, this basically gives an example. There was a question earlier around the segregation for people that are familiar with it, the microprocessor we support. There's a silicon feature, if it's completely implemented called arm trust zone. I think there's a little bit more animation on this one. It basically gives you a sense of what's the, the machine is basically broken into a secure and a non-secure domain. And the resources are hardware isolated. So think of it as being a hardware firewall between even different applications and different silicon resources on the device. And what we do is manage and enforce what happens across those partitions. So this technology has been in use, it's been around for more than a decade. It's used in payment terminals, smart TVs. It's the basis behind things like the HDCP on your phone or for high definition on a mobile or a set top box. And what we're doing is we make it available for these high end embedded systems or these embedded systems that for our customers. And we leverage all of the security features that are available in silicon to do this. So it's sort of, it's one thing for the silicon to implement this. It's then go build a stack and a set of applications and services around it to provide those features that let them build their product. You mentioned HDCP. Is that the one that prevents piracy with like HDMI devices to their TVs and stuff? Yeah, so when you think of it, I mean the movie studios care enormously about the value of that content. So most of HDCP and all of the decrypting of a TLS stream and the rendering and the delivery to the screen does not happen in an application where you can intercept the data. I mean, if you took a look at a Samsung phone to see how they implement the HDCP, you have an application that has buttons on it but the rest of the content never gets near Linux. So the stuff that they were doing with HDCP for, I don't know, 20 years or something, it was actually reliable. I'd say it's been evolving over the course of the past 20 years. Because the idea was that nobody in China was allowed to do a HDMI capture device that didn't respect the HDCP, right? Or something like that. Yes, and a lot of that comes down as well is even some of the parts that we support, they can come keyed or unkeyed because some of the column, the master keys for the HDCP are actually embedded in the silicon and they're not accessible. It's sort of, you can build an application that uses HDCP but you basically have to have a part that has a license associated with it in order to gain access and you still don't get to know the key. Like the keys are not accessible, the processor never even sees the key. These are smart devices, they're very well done. But couldn't there be some chip makers in China that didn't wanna respect this and just made chips that didn't and somehow they were able to display those movies and capture them on a device that was not compliant and then the MPAA tried to sue them and stuff? Probably the MPAA would go after them and I know that the ones that build the DRM software as well will be very careful about who they distribute their software and the keys to. I mean, at the end of the day, a lot of this comes down to a key, it is a key management problem, like it's in crypto management. And if the keys go into the silicon in a foundry that's trusted and you can't get the keys elsewhere, then you have to break something to get the keys. And we know some of the silicon, the keys aren't directly in the fuses even, like they're very innovative in how they store material. It's not so easy to read. And I mean, obviously, if there's money involved, a hacker's gonna go after it. So look at the course of 10 years later, the silicon involves, the systems evolve and they work out new means of storing and protecting the content. Nice, so this is showing the whole setup of your technology. Exactly, that's the whole stack. So if you look at it, it starts in manufacturing through secure boot all the way forward. And the last, they basically, so for a firmware update, we have to be able to cover a failure. So if anything goes wrong during the update, we need to be able to recover the device and make sure it doesn't fail. The provisioning goes back to the initial setup of the device when the credentials are created. Anti-piracy deals with the application and maintenance. For example, subscription controlled applications are the services that run on the device. The customer gets to manage those, but we provide them with all of the APIs and they call it the interconnect and plumbing so that they can do that. Secure storage is built up against using the features that we provide. And then the integration directly for Azure and AWS, we built it using the credentials on the device so that the customer doesn't have to go through and figure out how to use a secure element or a TPM or Azure Dice or whatever it is at the very bottom of the connectivity stack or the credential stack. It's all integrated. And we just make it easy for the customer, make it as easy as you can for the customer. Do some want to connect to Google Cloud or to Alibaba? We haven't encountered much of that. The focus we've had, I mean, most of what we see is primarily probably because of where we're located is largely Azure and AWS. You're in Seattle, right? Correct, the city of clouds. All right, there's cloudy sometimes? Yeah, from like end of October through to June. All right. Maritime climate. And what are we seeing here on this next slide here? So this is basically where we went with Empower. So it's trust as a service, essentially giving the customer the ability to do the credential management. We're even working with some PKI providers, PKI service providers. So the customers who want managed credentials through someone else's services, facilitating for them to do that through third-party services as well. So we don't want to operate the HSM or the backend infrastructure, but we'll integrate it with it so that our customers can make use of those say, credential management services. And then again, for them to do their updates, this is a matter of they'll go and build, build a new firmware package. They have to sign it, encrypt it, they release it to storage. And then the APIs are already on the devices in the field that would go and retrieve that. So it's all to integrate so that the customer doesn't have to think and they don't have to build the infrastructure up. And this is showing some more about the Empower. Yeah, that's basically, so those bullets are very much. So one of the other pieces should mention as well as the device registration, AWS and Azure both support just in time registration, late registration on the device. So using pre-installed certificates only, the device is able to mutually authenticate to the cloud and enroll in the customer services. So they don't have to go and say extract a certificate and preload over a spreadsheet or a web browser. It's to basically automate the enrollment and connectivity for the devices. And it just carries forward from there. So I mean, fundamentally at the beginning it starts with credential management and carries all the way up through to the use the use and management of the credentials themselves and then the services that lay around top and then into packaging and protecting applications or models. So do customer have like some kind of a large software thing or web-based and they click and say deploy 10,000 meters? Literally what they do is when you, so when you think of the end of the test environment and release to manufacturing, they'll have an image that needs to be updated onto the device, they encrypt and they sign that that's deployed to the cloud through a web interface. It's associated with the devices that it's targeted to and the device periodically asks, reports its status. And if there's an update available and the customer said deliver it, then the device will undertake to update itself and then report back. And who in the company is taking care of this interaction with your technology? I guess the current managers. So it's in two places. Yeah, so basically when you think of this of the team that's first doing the application or the stock development for the embedded system, they're the ones that make sure that the initial firmware has all the connectivity and features that they wanna go into it. If they want to use the APIs, they'll build, they'll build, call it a utility that does the unencapsulated of encrypted content for some specific purpose, whether it's data or a model, they'll work that out. The initial firmware goes out for manufacturing. So when the devices are first built has the update capability built in. And then on the other side is when they go to release an update, that's typically through an operational environment. At this point it's now a matter of the system is in the field, somebody else has responsibility for it. So they'll go through whatever their release, whatever their release processes are to publish the firmware so that it's accessible for the devices. But many of the devices are actually they have to be designed and finalized and kind of like sometimes invented by the design house at the factory nearly, you know, in China. And they, so then- There's actually, well, that depends. You actually rate, you raise an interest in case because there are companies that will outsource the entire design to say a device manufacturer. And those are probably some of the more frightening scare, some of the more frightening security scenarios because the customer doesn't even know what's going on in terms of security on their system. In the cases where we see say more attention to security they're either doing initial prototypes themselves or they're working with an ODM and giving them security requirements that must be addressed. But it comes down to who owns the security problem and for companies that care, they still keep it inside of their own business. They may have someone else manufacture the hardware or do certain, you know, do certain firmware components but in the end, the OEMs still own, they still own the system in terms of responsibility for the security features. But maybe they're, I'm sure it's gonna be like a range of trusted suppliers that you might be working with that you can recommend them to work with these guys to develop solutions for this or that. We'd gladly give recommendations and I'd say then the next step is is even if you're not certain about the partner, make sure that you're getting genuine parts and limit their visibility of what they see in terms of your intellectual property. I mean, we can, we've supported customers doing manufacturing in non-secure untrusted facilities. It's possible to do it and their systems still cannot be stolen. It's just a matter of making sure, you know, they understand what's involved with that and what it looks like for, you know, can we do it on their specific silicon? This is back into, yeah, the IP and the insights into the device behavior. So when you think in terms of if there are tamper, if there are repeated flaws, if there are maintenance problems on the system is providing the ability for a customer to have the device report that information back. And then in the case of tamper as well as when a tamper happens, actually have the device recover itself. You talk about MCUs? Yeah, so on the MCU side, it's more challenging just because of the resource constraints. It's even more fragmented in terms of what the security capabilities are. So preferences to work with again, with microcontrollers that have a very rich security feature set. You know, I kind of give, for example, there are some from, well, NXP, Microchip, ST Micro at this point all have, I could call them, very capable parts. It's a matter of, it comes down to cost and performance requirements. Most of them, you know, you can get secure boot capabilities, the ability to isolate hardware. It's then back into which operating system, what do you want built in there, whether it's Zephyr or FreeR TOS or, you know, Azure R TOS. And it says here that people can contact you with info at your website and then get a for demo or free trial. Can you talk a little bit about the business model and is there like some published pricing or it depends on the project and stuff? So we actually have to be flexible because it depends on the size of the company and the number, the volume of the product. So we typically license on a unit volume, like for a product. And obviously, the price is depending on the scale. The service is based on a subscription service. The free trial, so in the case of the microchip boards, we actually have a downloadable kit that they can take and try on a board with the APIs. So they can try the cloud connectivity, the SAMe 5D2, so there are a couple of boards that we support. So example would be the Exelt board or the Unprovision Trust Board from Aero. They can actually try. We're working on another one as well. It will be for the IMX8M Plus. So this is going out through, we haven't made the announcement yet, but we're supporting one of NXP's largest partners that delivers a system on module for the NXP IMX8s. And we'll have a kit available for their system as well. And so the idea of having a kit right there is that people can start to play around with your solution. Exactly, they wanna understand what do we know about security? So the easiest thing to do is they can go through the documentation. In the evaluation kit, we provide fully working examples and source code level for all of the APIs and connectivity customers can take it and work with that. And then at that point, you're usually working with a person who's been tasked to deal with the security aspects of a system or a design that they're working on. They'll get in touch with us, we'll give them presentation and overview. Then they just obtain the evaluation kit and go from there. By working with you, would you say that maybe the whole value proposition of an IoT device can be like to give people, sell something and say, as part of the pitch is that, hey, you buy this amazing IoT security device, security camera device, and then this X number of years of secure updates. And that makes it like a more attractive device. Think of it in the case of our customer. So an example, it would be boundary. So one of the, on the previous pages, they provide a home and small office security system. They wanted update capability and for them, the update matters. They know that the devices will be targeted once they're in the field. And they want to be able to go forward and manage these once they're out there. I mean, they've taken the right approach to security. They know devices get in the field and we've got to fix things or add features to it. The whole point was this all starts at the very beginning with the design. I mean, we do occasionally get involved in the design, the system design as well or down to the chip level. Then they want to understand it. The requirements vary so much and depends on where we catch them in the design cycle, but the requirements vary so much in terms of things like rollback prevention or recovery that those are, they're often, there's some customization required and we'll help the customer either, we'll provide them with a reference or we'll do the work and do the integration for them and give them the software. How about this year and stuff with not so many trade shows and stuff. Usually you would go to like the embedded world and stuff like that. Absolutely, we would be in multiple booths in Nuremberg. A year ago, February, we were supposed to be live in the Amazon in the AWS booth. And without the trade shows now, it's just... You weren't there last year? We didn't go, we did not go last year. So we were lined up to be present in the AWS booth. They canceled the whole Amazon booth, I remember. They did, I mean, we were in the Amazon booth. We were supposed to be in the Amazon booth last year giving demonstrations and speaking. And none of that happened. Typically we'd be in embedded world and a couple of other events, possibly IOT Solution World Congress in Barcelona, we'd be there. And what's happened over the course of the past year has become a set of webinars. We've done a few conferences and the sort of the web virtual conferences, they just aren't the same. I mean, you know when I say multitasking means a person is staring at their cell phone, they're reading PowerPoint and doing their email all at the same time, not paying attention. And one of the benefits of the events like embedded world is actually meeting people face to face. Being in a booth and arranging meetings because as well beforehand, you arrange with your partners, who's present? Who should you go speak with? So it's much more difficult now. So I mean, the whole concept of marketing and channeling is I get dozen, hundreds emails a day, invitations to webinars and at the same time, we're doing the same thing, delivering these and working with our partners and the channel to reach out to the customers. I mean, the past year and a half has changed dramatically the way we do business and I don't know if it'll be the same again in the future. There's still the benefit of face to face in person to person. I mean, no debating that. I would think that all these tech companies should have all their tech like to be in the forefront of how to use tech to do business, right? But it's hard to get out of the analog world even for the very, very amazing tech companies, right? It's been pretty funny actually watching because we are a very distributed company. We have people that live all around North America and we've been that way for more than 10 years. So we've been leveraging videoconferencing, audio conferencing, the online collaboration. We've been leveraging that for 10 years. So for us when COVID hit, it just meant, okay, we don't get to go to the office. And I mean, for now we have, you know, people who've deliberately, they like to travel. We don't have, you know, we have several software developers that are world-class ranked rock climbers. They're extremely disciplined. It doesn't matter where they're physically located. They have connectivity, they can get the work done and it gets done well. I mean, it wasn't a culture shock for us. It just meant not so much at the office anymore. And there was a, there is one guy at the Leonardo. He's famous for installing internet at the base camp of the Mount Everest. Oh, something like that. It wouldn't surprise me at all. I mean, I know that, I'd say one of our leading rock climbers, I know that he does not take a cell phone or a computing device when he's scaling cliffs. But I know at the base of the cliff, he'll sit down and work on software. I wonder if these Starlink satellite dishes have a mobile version you can put in your, and your climbing backpack. Okay. You know, we'll see. Don't be surprised. Don't be surprised if they do it properly. I have a satellite connected audio receiver at home. And the antenna for that is probably six centimeters by nine centimeters. And it gets enough of a signal. I mean, the thing with the satellite is it needs to be bi-directional. So it's going to take a little bit more, a lot more in terms of setting the direction properly and power management just because you have, you have the uplink side as well to transmit back. Yeah. I have an awesome video with Merck. They're talking about doing, using LCD to do a phased array kind of a satellite-based technology that can have so small. Okay. But so basically you- That's interesting. You think about this and you think about even how antenna, I mean, apart from the semiconductor is also a background in transmission theory and optics. And when you think about what this means for, I mean, radio and optics where technology is going in terms of phased array or adjustable arrays, the systems that will actually, the antenna will be able to adapt itself to the signal. The beam-forming stuff, right? Yeah. Yeah. Yeah. But the antenna can adjust itself. You track it properly. Because I mean, they're always having to do things like clock recovery and clock stabilization. They're just doing, you know, phase analysis that receiver and they can literally beam-steer the antenna. So you're happy if your colleagues, if your employees are getting inspired wherever they want in the planet? Absolutely. Absolutely. The time of day doesn't matter. They want to go climbing in Spain. They go climbing in Spain. It's sort of the, that's the way it is. And I mean, they are seasoned, mature and disciplined. And there's something we found in the rock climbing culture as well. They never go it alone. There's always more than one person and they realize the one on the ground holding the rope, you're depending on them just as much as the one being careful going up the cliff. And that's the approach they take with software as well. We're very much accountable to each other. The team works that way. If there's a problem, there's no blame. We work to resolve it. It's just, it's the company culture. We have to solve the problem. So there's just one rule. You can't have any solo-free climbers. What do you call those, the ones without the ropes? Yeah, the free climbers, we don't. They carry ropes. They'll be stringing the rope on the way up, but they're on ropes. All right, all right. Yeah, but so if you have all this experience doing that, that sounds like an awesome culture to have in a company. But the problem is, is when you start to go and try to talk with all the other companies, right? And maybe it's not really, it's a lot of Zoom calls and stuff or what? It's actually not that bad. So one of the challenges as well is identifying a quality customer versus one that doesn't actually understand the problem that they're dealing with. I mean, security is hard and people like it because it's interesting and a lot of people will wanna go and vent it themselves. And one of the challenges you run into is they don't necessarily understand how difficult it is until they've done it and failed. And that's sort of, I mean, I would say most teams that we work with, they've been through an implementation before and they understand how difficult it is and that's what we specialize in. And it's identifying the ones that are just sort of coming in and going, I heard something from the sales guy from this company and I'm just gonna put this part on my board and it's like, yeah, think carefully about that. It's not so easy. Security is not a bolt on. It has to be designed in. All right. And so I guess the IT market keeps growing, right? And the Masayoshi-san who's trying to sell it to NVIDIA, but the whole vision was like trillions of devices. It's gonna be so many IoT everywhere, all the everywhere. So it's keeps growing this market. It is. And what's interesting is I think we're in another expansion phase. So if you think of, way back a long time ago, there were main frames and terminals. So centralized computing and then we moved forward to PCs and mini computers in the desktop and you had decentralized computing. And then it turned back into sort of a mix of PCs and servers and you had some sort of hybrid environment. And then all of a sudden there's the cloud thing, which is basically giant mainframes and data centers with lots of bandwidth. And now we're back to the situation where we're rediscovering what an appliance and an edge computer means that's running a specific function because the horse power and the compute power has changed so much. Then it makes sense now to decentralize again to optimize bandwidth and even uptime and resiliency. This big cloud back in, did they turn into single point of failure? What if there's an earthquake? What's the redundancy look like say across a major cloud service provider? And ask these questions because I used to work for one of the large airplane manufacturers on the planet and know that they have redundant backup systems spread around the world even for their own operations because there's earthquakes here too. And so what's next? Do you talk about the future roadmap or is there like some requests from customers and that you say, okay, that you wanna say that what's next? Yeah, so we're moving forward and we're actually leveraging other forms of hardware isolation. So there are places where you know, we'll raise the bar even higher for isolating, say for example, application execution. So we're currently working with a hypervisor combined with what we have to take and create, we'll call it asymmetric multiprocessing on some of these multi-core CPUs so that the CPUs themselves are running completely different systems. And they're networked together on chip. And it just raises the bar that much harder with another layer of hardware isolation than some of our customers are demanding this. That sounds awesome. And one thing that I'm wondering because it's been a trend for a few years and I guess it's going even more and more as far as I understand the process nodes are getting smaller and the diet is more space. So maybe I was wrong, but then there's all these, they're adding the AI stuff on the SOCs. Yeah, so basically use that. Yeah, so basically what it means when the process node shrinks, say you're going from some of the older parts are probably still in 40, 50 nanometers. And over the course of the past 10 years, we're going down, go to five nanometers and lower. What that does by reducing the gate size dramatically reduces the real estate. So the dye becomes much smaller again or the dye is larger with just that much more capability. But at the same time, because the gates are, you know, the gate width is so small, they operated a lower voltage and therefore it can run faster, but also consume a much less power. And the other thing that starts to happen as well is it becomes that much more difficult to break the device because you're now on such a dense population that trying to even go after that with something like focused ion beam becomes more difficult. So the security improves as well. Nice, because all this AI stuff on the chip does that also give you some ability to use that and do more security? Absolutely, think in terms of even, think in terms of even the analytical models that can be done to basically do network or traffic analytics on a device. So even monitoring the environment around it where you instead of moving the model out to the cloud, you're actually running this on the edge nodes. And we have customers looking at doing that as well. So they're basically calibrating models to understand the nature of what's happening within their own systems and then monitoring those on the device. All right, but thanks a lot. I think we've done a feature film so far. So that's awesome. And I guess we could go on it. Yeah, it's not gonna be edited. It's just gonna be like this. And hopefully people think it's great. And so people can contact you, right? Maybe they can contact you and get more information. Absolutely, I mean, we're always happy to deliver a presentation and walk through. Dennis, well, there's a lot of stories that haven't been told to. All right, yeah, we can do what you call it, a sequel maybe in the future. A sequel of horror stories of other things that we can talk about. Yeah, that'd be great. I'm sure you have a lots of stories and maybe also your colleagues have great stories to talk about in the future. But people can watch your, do you have a YouTube channel? What do you post all those webinars? So a lot of the material is posted through our site, our partner's site. And I think there will be links through LinkedIn feeds on the company. So I'll link to your LinkedIn and you have a Twitter. And people can check it out. All right, so thanks a lot. And I'm looking forward to a physical planet in the future with straight shows. I'm hoping we can get to Nuremberg because it's a really fine restaurant. Oh, there's one specifically. I was that one. Is that the one I went to? The seller? No, there was these amazing Bradwurst and a whole bunch of stuff. It was like on the bridge. Yeah, I don't know that one, but at the base, so translated to English, it would be the NASA castle tower seller. There's a door that's probably nowhere near two meters tall. So the door is probably a meter and a half. You open the door and it's a stone staircase down to the basement underneath the tower. And you can't stand up straight because you'll smash your head on the stone. The food is fantastic. Just great, great food, fresh beer. Is that where they had the torture chambers? Probably. Yeah, that's a beautiful city, but not just to look around nice cities, but also to interact with the cool tech companies. Absolutely. It's gonna be nice when it happens. Yeah, I really missed meeting people there last year because I'd say most of our customers and every day the company has calls, 8 a.m. Pacific for sort of our regulars that we speak to in Europe. And it's just, it would just be nice to meet them again in person. Yeah, all right. Cool, thanks a lot. Thanks everybody for watching. And hopefully we get lots of views of the people that think this is interesting. You can hopefully you can share it with your contacts. Yeah, we will. I appreciate it. Thanks ever so much. Thanks a lot. Thanks everybody for watching. Have a great day. Have a good day.