Yet, IoT invokes opposing sentiments. While technology evangelists are enthralled with the idea of human-machine interactivity and an automated realm, alarm bells are sounding elsewhere for IoT manufacturers and developers because of the inherent threats that connectivity poses. With connected IoT devices becoming prevalent in almost every field, an important fact to note is that “much of the ROI and business value of IoT ecosystems is drawn out of the data.” “But what if the data is not correct, or somebody hijacks an embedded device or IoT device and skews the data in some way, and the value being derived goes away?” questions Loren Shade, vice president of marketing at Allegro Software.
That is precisely where the real challenge lies for a lot of IoT vendors: once the data is collected, making sure that it is secure during its transmission to the cloud. Unfortunately, a majority of IoT developers fail to grasp the possible ramifications that can arise out of their IoT products, including compliance issues concerning GDPR, HIPAA, HITECH, and a variety of different regulations. Shade emphatically states, “Security is not just fire-and-forget; it has to be continually addressed through the lifecycle of a device.”
As the character Mad-Eye Moody preaches in Harry Potter and the Goblet of Fire, “Constant Vigilance!” IoT developers and vendors need to be continuously watchful from the creation of an IoT device to when the device is decommissioned at the end of its life.
Allegro makes sure device vendors can be up to the task.
“IoT technology is more than just evolutionary; it can be transformative for everyone in society,” says Shade.
At the forefront of the evolution of device management solutions is Allegro, providing a family of patented web servers and security toolkits specifically made to work in embedded environments. Their standards-based security and connectivity software toolkits allow embedded and IoT devices to connect to enterprise environments securely.
It All Boils Down to Security and Connectivity
Originally, when Allegro was founded more than 20 years ago, their first-ever product, RomPager, was based on device management. On that note, Shade goes on to explain why nearly all of their products are prefixed with ‘Rom.’ Back when the company was founded in the mid-90s, no processor had two gigabytes worth of memory and all the horsepower of today. What existed then were extremely small 16-bit MCUs that had very limited RAM, which brings the focus to one of the unique features of Allegro’s products.
Our products are highly configurable and scalable, and engineered for resource-constrained IoT edge environments
“We had specifically engineered our product to allow all of our software to run from ROM while using minimal RAM,” states Shade.
To assist developers in building security and connectivity into their IoT devices, Allegro provides powerful agent technology with the Allegro EdgeAgent Suite, which is made up of two collections of software components. The first is the Allegro EdgeSecure collection. Allegro EdgeSecure builds security into IoT devices, and consists of the Federal Information Processing Standards (FIPS) 140-2 validated Allegro Cryptography Engine (ACE), RomSTL, RomCert, and RomSShell. ACE is a cryptography module that feeds any type of standards-based products that have or need cryptography. Specifically designed for the rigors of embedded computing, ACE enables device manufacturers to add sophisticated FIPS-approved encryption technology to their designs and dramatically accelerate the development cycle. Ever since the company was founded, they have always believed that during device management or when a device is reaching out to other devices or the cloud, communication channels should be secured. RomSTL is Allegro’s own Transport Layer Security (v1.3) product that they wrote from the ground up and engineered for resource-constrained environments. Allegro also offers RomCert, a certificate management toolkit, because IoT devices, once deployed, go on for years, but certificates are typically not issued for longer than about 18 months. So if device certificates need to be replaced while the product is deployed, RomCert allows developers to do that and helps them make sure that the digital signatures are in place for firmware updates.
Allegro’s second collection of innovative components make up the Allegro EdgeConnect lineup and include the RomPager, RomWebClient, RomXML, RomXML Plus, and RomCLI modules. The RomPager component, built with patented technology, enables developers to create an Embedded Web Server in extremely small storage space. “Our products are highly configurable and scalable, and engineered for resource-constrained IoT edge environments,” adds Shade. Next is RomWebClient, which allows embedded devices to communicate with cloud-based resources— an important need in the IoT space. With the RomWebClient toolkit, engineering teams are able to leverage proven web technology when creating custom networked embedded designs. Both the RomPager and RomWebClient components, Shade emphasizes, are very scalable, and pre-integrated with RomSTL. Finally, the RomXML and RomXML Plus components allow developers to parse and frame XML along with supporting REST, JSON, and SOAP.
As the saying goes “time is money,” Allegro’s standards-based connectivity and security toolkits save IoT development teams a tremendous amount of time, money, and effort by allowing them to leverage these toolkits to build their end product.
Their Measure of Success
Allegro has had far more than its fair share of successful customer stories, and Shade, without missing a beat, names two right off the bat. The first involves one of the largest defense contractors in the U.S., Boeing. They have a product called the Combat Survivor Evader Locator (CSEL), a combat search and rescue communications system that allows downed troops to securely communicate for help. When Boeing needed to upgrade the cryptography in their products, they turned to the ACE module to support a much-improved cryptography suite that meets all of the requirements of their application. Allegro’s products allowed Boeing to scale the ACE cryptography module down to the required specific size to fit into their device.
"Allegro solutions are engineered for resource constrained IoT environments, and improve security at the IoT edge"
On another end of the spectrum is Stryker Medical, one of the world’s leading medical technology companies. Among their innovative array of medical devices are hospital beds, which, much like the ones in Star Trek, can indicate a person’s weight, respiratory data, and more. Stryker Medical was keen on selling their product to Veterans Affairs hospitals. What was stopping them? The beds had connectivity, and the VA security requirements mandated the use of FIPS validated cryptography to back up the security. They reached out to Allegro, who assisted them with the FIPS validated cryptography, allowing Stryker Medical to meet VA hospital requirements. Besides Allegro’s security offerings Stryker Medical also uses Allegro’s HTTP, XML and JSON products to securely communicate bed data to their business partners.
Among Allegro’s customers, 90 percent do their own implementations using the Allegro provided software with a complete set of enterprise-grade manuals including robust sample applications. Allegro has engineered a portability layer into the products that allows customers to use their choice of processor and operating system. This porting layer is being shipped in hundreds of millions of units today. If it is Allegro’s industry-leading technology stack that attracts an abundance of customers, it is the portability of their products that keeps them coming back.
Today, in an interconnected world that is glued together by IoT devices, Allegro continues to ensure that manufacturers and developers of IoT ecosystems can deal with the ramifications of a larger data lifecycle.