 Hi everyone, I'm Clive Watts with IR Systems here at Embedded World in Nuremberg 2020 bringing you the latest technology that we're introducing and launching at the show here today. So we're talking about a major problem that we have with the industry which is to do with securing the IoT supply chain. So developers of IoT products they have a major problem. A couple of key issues that we're addressing today in this new product range is how you protect your IP so you make a big investment in your software development and you need to make sure you get that into your manufacturing department out to external contractors without that IP being affected, influenced, stolen, modified. And the other major problem that people have is overproduction. So we have a system whereby you can ensure that when you ask your contract manufacturer to make a thousand pieces of your IoT product they can only make a thousand pieces. So those two things are very powerful that resonate very strongly with the customers that we're talking to here as issues that they have getting their products to market and obviously maintaining their own brand and preventing problems with their customers. So we're talking here about secure things right? Indeed. So it's part of IR? So secure things was a startup company that was founded about five years ago and was acquired by IR systems a couple of years ago because of the synergy between the development tools that IR has and the security aspect, the security expertise that secure things brings. So that's a really powerful combination it's kind of our unique selling point at the show here is that combination of development expertise but also production security expertise. So that's what we're looking at here for example what is this? Yeah so this is an example of an application that's been developed by a developer and we've moved it down and programmed it into this demo board here. We've customized it and made it have a unique identity so that when it goes out into the big wide world when it connects up onto the internet and it has a unique place on the network and we can identify it and we can make sure it plays nicely on the internet with all the other products. So are you demonstrating your solution? Yeah so I can show you how the STP works. So STP is our secure desktop provisioner. The idea here is that in the production environment we don't have security experts, we have people who are trying to get a job done, people who are trying to make sure they just get their boards set up and configured and delivered as the designer intended. So we have a very simple PC based application here. Essentially what we're doing as a production division is choosing a manufacturer in this case IR systems is the manufacturer. Choosing a product that we're programming in this case we're programming an NXP K66 based product. We're choosing how many parts we want to program today. In this case I'm just going to do the one piece and when we're ready we just hit start here and this is where we do all the security work, create a unique identity for this device and then you'll see in a moment this device will start programming, going through a sequence of operations, setting up the device and making it fully secure. So here you can see a programming head. This is actually talking to the device, interacting with it and eventually we finish and we can see that we've successfully provisioned and programmed up one complete part. So this is really designed for prototyping for low volume production, maybe doing initial production runs of 100 to 100 pieces before you go to volume production later on. Is it to do with with securing a proprietary software? It's encrypted in some kind of... Yeah, so the key thing here is that once the designer has completed his work and the software engineers are all done and what you need is to package all that up, secure it, encrypt it to make sure that no one can interfere with that before it gets to production. So that's the key essence of the product offering that we have here today. It's not only to do with proprietary software, it has to do with security. Yeah, it has to do with making sure that you deliver your product. You know, you may be designing in the US and manufacturing in China and those are obviously geographically wheels apart and you have to get your stuff in one place to another, but also all the different media that you might use to transmit that, they're susceptible to interception, to hacking and we get around all of those issues with the technology that we have. You don't want to have a security service of a country or another interfere and put a back door before the product chips and then suddenly to have a backdoor and all the different things. Yes, absolutely, yes. So the key thing here is we want the designer to know that when this product goes out the door from the contract manufacturer, it has exactly the same software in it that he designed. So over here, for example, we see a bunch of boards, are they all on boards maybe? Yes, so these are all on boards. The key thing here is obviously we're working with many, many different OEMs. They're using all sorts of different kind of ARM based products. Some of these are from ST, some of these from NXP, other vendors as well. And obviously we have to make sure that we support all those different chip vendors. So we work very closely with the silicon providers to make sure that we are implementing the best possible security that we can on the devices that they're manufacturing. And what's Disbox doing? That's a really good question. So this is our secret source, if you like. So this is conventionally you'd call this a hardware security module. In fact, our product is much more than that because it's dynamically talking to the chip when we're programming it, creating unique identity, creating cryptographic features for that chip in real time. So that's our secret source. It also holds all of the OEM's information securely so that it can't be intercepted and modified by anybody who's trying to do bad in the world. That means for this to work, you need to be partners and working together with companies like ST and NXP. Absolutely. So that ecosystem is really important to us. So we're working very closely with all the major silicon makers. Clearly they want to sell more chips into the marketplace. They know that security is an issue. Clearly we want to help them get those chips into the market and more IoT products. You know, we all know that there's been a huge promise about the rise of IoT devices in the marketplace that there'll be 30 billion of them going out there. But that rise has been quite slow, slower than predicted. And I think much of that is down to concerns about security. So we're working with OEMs. We're working with the semiconductor providers. And we're working with the companies who are producing the boards, manufacturing the boards to try and pull all those pieces together so that they form a secure chain. We call it a secure supply chain. And you're perfectly connected with the whole IR ecosystem Yeah, absolutely. So that's a really important piece because I have so many developers out there who are already building these systems. And what we wanted to do was just enable them to find a way to add security in with our C trust product, probably seen that elsewhere, and then be able to take that output and move it seamlessly into production. Because that's where many competing solutions fall down. They don't enable you to do that smooth transition to production. So if you're a startup company, you're trying to learn about security. This is an absolutely excellent way to do that. We sell a bundled product called Inception Suite, which actually gives you everything that you need to get started with security, really with the idea of trying to get people to think about security from the inception of their product and their project. So people who really have no idea where to start, and you'd be quite surprised how many companies are like that, we get them a starter kit that will get them everything they need. And with the new Cortex ARM V8M, for example, are you doing stuff on those that have a secure element, the ARM trust zone and the chip, does that help? So our system is very flexible. In fact, we've just announced support for trust zone in our product. So trust zone has been around for a long time. In fact, I was originally a trust zone product manager when I worked at ARM myself. So I know how long it goes back. Adoption has been a little bit slow because people haven't really known what to do with it. And what we're able to do now with what we've launched at this show is to make it really easy for developers to partition their work between the non-secure worlds outside of trust zone and using trust zone to protect their really secure stuff. So we're really enabling that market of trust zone today. And security is like the big topic of the embedded world. Everybody wants to be more secure now, because there's been shipping billions of devices that are not secure. Yeah, that's absolutely true. Yeah. So it hasn't really been a big incentive to build security in Intel recently. And I think what we're starting to see is a real tipping point in security, because for one thing, there's GDPR. People are having to protect customers property, their data. There's also legislation coming in very strongly. For example, California's just published a new law that all IoT devices must be secure. They're kind of a bit vague about what that means. But legislation is now driving people to think about it. And there's also been a few highlights, very newsworthy items where people have got into trouble, they've got fined, companies brand suffered, perhaps their stock prices dropped as a result. So there are many, many different incentives for people to get on board with security. And we're really seeing that tipping point happening now and people moving forward saying, OK, we're ready to do security. How do we do that? And I secure things between them are offering a great solution for that.