Building Trust in IoT, Plus Smart Buildings with KNX – EE Times

Events
This episode of the embedded edge with Nitin podcast is all about trust and creating secure environments for the internet of things (IoT), and KNX, an open technology standard well established in the world of building automation and smart homes and buildings. We’ll look at these through interviews with ProvenRun, Crypto Quantique and Cascoda.
In the first interview, Thierry Chesnais, CEO of ProvenRun, a company focused on creating the world’s most secure operating system (OS) and trusted execution environment for connected vehicles and smart devices, chats about the company’s pedigree, its journey, it’s success to date and future plans. The company managed to raised €15 million (about $19.1 million) in a series A funding round in December 2023 to accelerate its product roadmap.
In the second interview, Shahram Mossayebi, CEO and co-founder of Crypto Quantique, an IoT cybersecurity startup that provides both a physical unclonable function (PUF) hardware IP solution and software platform for device lifecycle management, talked to us about some of the trends and challenges in IoT security. We also discussed the latest developments from Crypto Quantique.
In the third interview, Cascoda CEO Bruno Johnson explains KNX IoT and how Cascoda is involved in deploying this technology. KNX is an international standard (ISO/IEC 14543) for commercial and domestic building automation and supports an open-source stack that conforms to the KNX IoT Point API transport medium. Bruno explains more about KNX and how it’ss well established in the world of building automation, and about Cascoda’s technology.
[FULL TRANSCRIPT BELOW]
EE Times Announcer: Welcome to Embedded Edge with Nitin, a podcast that brings to life the stories behind today’s embedded systems, technologies, and products. It’s the show where you’ll hear from both engineers and executives on some of the most topical news and most pressing challenges in the world of embedded system design. Here’s your host, editor-in-chief of embedded.com, Nitin Dahad.
ND: Welcome to this edition of Embedded Edge with Nitin. This episode is all about trust and creating secure environments for the Internet of Things, or IoT, and also KNX, an open technology standard well established in the world of building automation and smart homes and buildings. We’ll look at these through interviews with companies called ProvenRun, Crypto Quantique, and Cascoda. In the first interview, I met up with London with Thierry Chesnais, CEO of ProvenRun, a company focused on what he said is the world’s most secure operating system and trusted execution environment for connected vehicles and smart devices. The company had just raised 15 million euros in a series A funding round to accelerate its product roadmap. So, I sat down with Thierry to learn more about the company’s pedigree, its journey, its success to date, and future plans. In the second interview, I chat with Shahram Mossayebi, CEO and co-founder of Crypto Quantique, an IOT cybersecurity start-up that provides both a physical unclonable function, or PUF, hardware IP solution and software platform for device life cycle management. We chatted in London in late 2023 about some of the trends and challenges in IoT security, and also about the latest developments at the time from Crypto Quantique. In the third interview, I caught up with Bruno Johnson, CEO of Cascoda in London to talk about KNX, IoT, and about how Cascoda is involved in deploying this technology. KNX is an international standard that’s ISO or IEC 14543 for commercial and domestic building automation, and supports and open source stack that conforms to the KNX IOT point API transport medium. Bruno explains more about KNX and how it’s well established in the world of building automation, and about Cascoda’s technology. Let’s get straight to the first interview with Thierry Chesnais, CEO of ProvenRun. After that, you’ll hear from Shahram Mossayebi, CEO and co-founder of Crypto Quantique, and finally about KNX and building automation with Bruno Johnson, CEO of Cascoda.
I’m talking to Thierry Chesnais, CEO of ProvenRun, a company that’s just raised 15 million euros to enhance their security solution for IOT products. Thierry, hello.
TC: Hello Nitin. Glad to be here.
ND: So, Thierry, tell me a little bit about ProvenRun. I don’t think I’ve ever come across you before. So, what do you do, and what’s so good about you?
TC: So ProvenRun is a cybersecurity company focused on the internet of things and automobile. Our specialty is security by design, and we’ve achieved the highest level of certification on common criteria. We’re the first and only operating system to have achieved level 7 on common criteria.
ND: And you’ve been going since about 2009. It was founded by your founder in 2009. You joined a year ago. What was the premise of, I think you pivoted around four years after it was founded. But what was the premise at the beginning, and what are you doing now?
TC: ProvenRun was founded in 2009 by Dominique Bolignano. He’s a repeat entrepreneur. He created Trusted Logic before, and his vision was to create the most secure operating system for the Internet of Things, to create trust in the Internet of Things. Those devices are everywhere around us. They’re very deeply embedded. Sometimes they’re running critical physical infrastructure. Airplanes, trains, a lot of our controllers around us in connected buildings and manufacturing plants. So, they are very critical to our lives. And so therefore getting as close as possible to perfection in the foundational software that runs them is super important. This was Dominique’s vision at the very start in 2009, and it took us ten years of R&D efforts to reach the highest level of certification common criteria, so a lot of effort. We started to commercialize in 2020, and [have been] going strong since.
ND: And the offer is basically, you’re offering a microkernel operating system for a bunch of markets, right?
TC: That’s right. Our major products, we have three major products. One of course is the microkernel, both for microprocessors and microcontrollers. Two is, we also offer a high secure high [provisor], and three is, we provide trusted applications that run on top of our secure OS called ProvenCore.
ND: And what kind of success have you had so far? You said you basically started commercializing in 2020. What kind of success have you had in the market so far?
TC: Well, we have three verticals, right? We have airspace and defense, automotive and semi. I can of course not talk much about some of our defense clients, but I can talk more about automotive and semiconductors. We have the chance to work, for instance, with Renault, who’s one of the leading car makers in terms of software defined vehicles. They have a groundbreaking partnership with Google, with Android Automotive and Qualcomm, and we have the honor of working with them to secure their software defined vehicles. We, in semiconductors, we have a partnership with ST Microelectronics. They’re the number one chip maker when it comes to 32-bit microcontrollers. And we help them secure their range of secure microcontrollers. The latest example with ST is the H5 family, which is their flagship family of microcontrollers, high performance, high security.
ND: And I think you announced that at Embedded World in 2023, didn’t you?
TC: Yes. ST launched at Embedded World in March this year, and won the best in show award for their secure microcontroller. We’re very happy that we were able to support that.
ND: Tell me about your customer journey. Why does one get convinced by what you’re doing? Because the security is something that’s hard to convince anyway in the first place. But how do you manage to get that sort of foot in the door?
TC: Well, it’s exceedingly hard. We’re the one and only company that reached the highest level on the common criteria scale, which is the global standard for security of IT systems. That’s unheard of. So, everyone sort of knows how difficult that is and how high of a bar that is. So, we don’t just claim that we’re secure, but we’re able to demonstrate it through certification. So, it’s not an unfounded claim. It’s actually something that is verifiable and that is substantiated. So, this catches everyone’s attention. And the quality of the code is such that since our certification in 2019, the code bait hasn’t changed. So, no bugs in five years, which is very important to any car makers and chip makers who need to constantly patch and correct bugs in their code bases. So, when they see the benefits that can come with this, I think this is really what catches their attention, and they want to hear more.
ND: And now tell me a little bit about the funding. What’s that going to help you to do? Why did you need to raise funding? Because you’ve been growing quite successfully already.
TC: So, the company was bootstrapped. So, the company has been sort of self-funded since the beginning. Additional funding will help us accelerate in terms of our technology and product roadmap, as well as expand commercial operations particular to North America.
ND: Right, and I think your sort of major base at the moment is in France, but you’re expanded into Germany and the US. Is that right?
TC: Yes, that’s right. ProvenRun has a global customer base. So yes, some of our clients are in France, because this is where we’re headquartered, but we have global clients also in Asia.
ND: And what’s next for you, Thierry?
TC: Well, the journey’s just the beginning, right? After where the year goes, so you’re catching me at a good time, Nitin, because this is actually my one-year anniversary with ProvenRun. I’m very excited about the continuation of the journey and actually making ProvenCore a standard in the industry, because that’s probably the best quality there would be.
ND: Thierry, thank you very much.
TC: Thank you, Nitin.
ND: I’m talking to Shahram Mossayebi, CEO and co-founder of Crypto Quantique. Shahram, hello.
SM: Hi Nitin.
ND: We are going to talk a little bit about some of the trends in IoT security, and obviously you’ve been involved, we spoke a few years ago when you started Crypto Quantique, specific sort of specialty. But let’s talk about some of the trends of what you’re seeing right now.
SM: Well in the past couple of years, we started seeing real movement on the ground, so since 2016, everyone being on the internet talking about IoT security, but the ground wasn’t really showing the same interest. But a couple of events, such as the pandemic, such as the cost of cybercrime to the economy, and also I think the mistrust between east and west of how the devices are created and how we can trust them in our national infrastructure, have made people to think way more seriously about IoT security, and we’re seeing that actually on the ground from suppliers, OEMs, and silicon vendors, consumer brand companies, that are looking into security by design and integrating solutions into their devices to make sure it provides security.
ND: Specifically, I think we talked about there are certain types of attacks and types of—are there any sort of convergence of things that you’re seeing in terms of technologies or how people are implementing it? Or is there still an issue because people still are worried about how to do it or the cost of it?
SM: Yeah. I think the complexity of it is a great problem right now for two reasons. One is the customers on the ground, it’s hard for them to understand, get a grasp of how things need to be done and integrate it. At the same time, what’s coming from the marketing side of things is a lot bloated, and it’s not really educational. It’s not really in the benefit of the customer. And that’s creating problems. So, for instance, in the past couple of months, we have come across MCUs from well-known vendors which are not actually providing the security features that are being advertised on the team, for various reasons. Some of them, the firmware is not complete. Some of them, actually the hardware doesn’t work properly. There are various reasons, but it creates problems for the end user when they want end-to-end or [?] security, they buy the MCU and then they realize they cannot actually store the keys securely inside the MCU, and that makes everything fall apart. So, we’re seeing those problems that require a lot of education and awareness, and that’s something that we started doing through a couple of initiatives.
ND: And tell me about those initiatives.
SM: Yeah, of course. So, one of the main things that we are doing to actually show to the rest of the world how security is done by design properly is through the new initiative recently we launched called QuarkLink Ignite, which is essentially a freemium version of our QuarkLink SAAS IoT development tools that is now available. Your audience can just go on quarklink.io to sign up for free and download the embedded codes required for different devices from GitHub account. And that allows them to automatically do security by design for the MCUs that are currently supporting, and just enjoy the whole end to end security, property done, properly explained to them to understand how and what is being done for their projects. For the free version, they can onboard up to 50 devices from secure boots, provisioning, all the way to secure firmware update over the air. We are looking to add support for more MCUs and Wi-Fi modules on our GitHub for free for people to just download and have the proper security for their connected devices.
ND: And you’ve had a number of downloads already. Is there some initial data that you can share in terms of what you’re seeing or how people are doing things?
SM: Yeah. So, in the first week, we had a good amount have signed up, and a big hit of over 600 for quarklink.io, and we’re getting requests now from some of the users for the new MCUs that they want us to support. So, we’re looking forward to supporting more MCUs and more wifi modules, with the code, embedded code, that does all the hard work from security point of view, from secure boot to provisioning and onboarding of the devices to cloud services, out there for people to just use, and don’t be bothered about it anymore.
ND: And tell us a little bit about the progress generally with Crypto Quantique, because I think you’ve had some other sort of developments over the last year or so.
SM: Yeah, of course. Just regarding the initiatives, there is another initiative that we’re trying to do, again to educate the making. From a security point of view, we want to highlight some of the key issues with security components that are being used in different products or generally people talking about it, as these are the safe ways of doing security for IOT. Kind of create awareness, generally cannot share more at this stage, but we’ll be doing some research on those areas. Separately, post quantum cryptography is the next step that the whole industry will move to. I think last year we announced a POC on post-quantum cryptography algorithms from chip to cloud again for IOT devices, collaboration work with ATH Zurich University that we did, and I’m delighted to announce that we just won a large EIC European grant that allows us to productionize that product for the IOT, allowing them to be able to do post-quantum cryptography with minimum amount of resources required from chip to cloud.
ND: And what else can we see from Crypto Quantique?
SM: So, we are concentrating more around adding more features on the cloud side for different applications of cloud security. We’re trying to make it easier for security by design, but also take away any security burden that is on the end user’s shoulders so they can concentrate on making value, creating value of the data, rather than dealing with how to set up their systems from a security point of view. So, more features will be added to QuarkLink. More devices will be supported through QuarkLink, and then on the hardware side and the circuit, but also on the cloud side, we’re going to push new products that support post-quantum cryptography.
ND: Shahram, thank you very much.
SM: Pleasure. Thanks for having me.
ND: I’m talking to Bruno Johnson, CEO of a company called Cascoda, and I’m catching up with him on everything IoT and smart things, and some of the networks and standards. Bruno, hello.
BJ: Hi Nitin. Great to catch up with you again. It’s been a while. So yeah, as you probably know, Cascoda got involved in the Thread standard for internet protocol based IoT back in 2015 when the thread group really started, and we quickly got involved. We ended up chairing the low power work group for the Thread group, and we took that through, became the contributor to the Thread standard, and the open source stack Open Thread, and we took that right through to the end of the remit for the low power work group for Thread, and now all our work is incorporated into the latest version of Thread, Thread 1.2, and then later Thread 1.3, which is the underlying standard that’s also used in Matter and other protocols.
ND: Tell us briefly just what your involvement and Cascoda’s involvement.
BJ: Yeah, so we always recognized that [four] IoT standards are extremely important. There is, of course there is a role for proprietary standards, but really, in order for this technology to become ubiquitous, it really needs to be based on strong international standards. So yeah, we got involved with the Thread group, and that’s very successful. But later, we got involved with the KNX Association. Now, KNX Association had started a standard called KNX IoT, which is extending the KNX building automation standard over Internet Protocol V6. So, all of a sudden you don’t need to go to a proprietary protocol down to, for that last sort of 10, 20 meters of connectivity, you’re internet protocol connected all the way through. So, your end device, the individual sensor actuator, has an IP address.
ND: And when was that?
BJ: So, during Covid we were asked for a meeting. I think it was 2020, we were asked for a meeting with the KNX Association. We sat down with their chairman and CEO, and we discussed the possibility of our skills, and how Cascoda could potentially help them to make an open-source software stack for their new standard KNX IOT. And based on our extensive experience, we had over ten years’ experience in this area by then, we got invited and won the contract to develop the KNX IoT open-source software stack, which we successfully launched at the Light and Building Show in Frankfurt.
ND: And this sounds [like] a very stupid pun, but why does that matter?
BJ: Really, really good question. So KNX was the largest building automation standard in the world, both by market sides, but also by number of installations. So, it’s around 40 percent of the global market. The products market for KNX is worth about 10 billion dollars today, and the analysts say it’s due to go up to about 30 billion by 2030. It’s really important, because standards in building automation are required to make our buildings more efficient. There was a bit of research launched, published by Carbon Intelligence in, I believe it’s late 2020, that said that central London’s buildings still used, I believe it was over 80 percent, 85 percent of their nominal energy consumption during April 2020 despite being totally empty. And you know, that just shows that our buildings are just not as efficient as they should be. And by using internet protocol-based technology, we can much better improve the energy efficiency of these assets, which are, you know, buildings are Europe’s biggest energy consumption, and we don’t have an option of rebuilding our infrastructure. It’s all about updating our existing infrastructure. And KNX IoT is a very big part of that story.
ND: And I think you were explaining to me when we chatted about this earlier, that it’s different, in that you’re not having to send, like with other standards, sort of go one way. It’s in all kinds of directions.
BJ: Yeah, that’s right. So, with KNX IoT, there’s a very important distinction between a standard such as KNX IoT and a standard such as Matter. The point with the KNX Association is that the installer tool is made by the standards group for the KNX Association. So, there are hundreds of thousands of installers all around the world who know the software, and trained on the software, and also, every single certified product for KNX is in that software. So, you can go into a building which had infrastructure installed in it 30 years ago, and you can still use that same software to reconfigure it and get it talking to new software, including KNX IoT. KNX IoT has been designed using the same models and the same semantics. It’s effectively KNX over IPV6. So, you just need a simple router device which does the translation between the IP segment and the twisted pair segment, and so you can get this new IoT infrastructure to add the additional sensing and actuating to turn off our heating, air conditioning of our buildings or rooms, if particular areas are not being used. We can do that automatically, and that’s the difference. It’s not going through the ecosystems of large commercial hyperscalers whose business model is about collecting and monetizing the data. It’s directly used for, developed for the specific use case. So, there is no, let’s say conflict of interest there, if you like.
ND: It is surprising that maybe a lot more people don’t know, although it’s pretty well established. I think other people get a lot more media attention.
BJ: Yes, that’s absolutely true. And I suppose the amazing thing about KNX is, it’s all around us. It’s in all our buildings. It’s in our airports and throughout Europe and much of the world. It’s just there and it works. And we just don’t even think about it. But of course we get bombarded as consumers by people who are trying to get us to buy products to put in our homes. Now of course KNX is used in homes. You know, but it tends to be used in higher end homes. So there is, you know, certainly a market for it in homes, and perhaps with KNX IoT, it will be able to extend this market more to the mass consumer market. But initially, it comes from the building automation market, highly secure and highly reliable.
ND: And so, what’s next? You’re pretty heavily involved in that.
BJ: Yeah, sure. So KNX IoT has, already has some of the, let’s say very large companies in building automation are backing it. So, at the last trade show in the area, which was the ISH trade show, also in Frankfurt, Siemens publicly displayed some of their products for KNX IoT. And interestingly, they get that to work with BACnet, and BACnet is the other big building automation standard that’s more popular in the US. So, the interoperability between KNX and BACnet is also there. So yeah, the market for KNX IoT, some of the other big KNX manufacturers have indicated that they are going to be adopting it. We’re actively designing it in now. I’d say Cascoda, you can think of Cascoda as a platform supplier to this market, a bit like Qualcomm is a platform supplier to the cell phone market. You know, most consumers won’t have heard of Qualcomm, but every cell phone manufacturer certainly has. So, you know, we’re positioning ourselves in that sort of space, and being quite successful there. And we’re getting design into this space.
ND: So, you say successful. I think I first met you with a UK government mission several years ago when I was involved. How is Cascoda doing, and what’s your sort of opportunity for growth?
BJ: Yeah. So, we have a combination of our business. Of course, we have customers that are highly monetized and very successful companies. So, they engage us to help them do the designing for their products. Every product is different, and every customer’s needs are different. So, they engage us. So, we engage early with them on a consultancy basis to help them understand the technology. We have a KNX IoT development kit which is commercially available now. We have that working in various market segments. So, we have everything set up now for lighting, heating, ventilation, air condition, and so on. And then we’re helping our customers design our chip sets and our software into their systems. Now fortunately, we’ve already made a lot, done [all] of the background work for this. Our module is called the Chili Module, and we’ve created a software platform for the Chili Module to design it into a KNX IoT platform. We call that Chili Cuisine. Basically, it’s a single file where you can take, you can configure your KNX IoT device, and it squirts out all the outputs required to begin testing. So, it squirts out the binary file to program up the module. It also squirts out the files needed for the KNX tooling to be able to configure the device using KNX software. So, within a day, you can build your prototype and get testing, which is extremely efficient for this market.
ND: I was going to say that’s really good food for thought, but that would be really taking it very far in terms of the Chili Cuisine. Bruno, thank you very much.
BJ: Thank you so much, Nitin. It was great to catch up with you again, and look forward to doing a bit more with you regarding this in the future.
ND: So, that brings us to the end of this episode. That was Embedded Edge with Nitin, and I’m Nitin Dahad. Thanks for listening, and see you next time.
In this podcast, we get deep into nanoscale ferroelectrics with Professor Beatriz Noheda, learning why nanoscale ferroelectrics may be useful in brain-like systems, and a little about how they are designed and fabricated.
In this podcast, we chat with ProvenRun and Crypto Quantique about secure operating systems and hardware IP for the IoT, and with Cascoda on the success of KNX in smart buildings.
In this podcast with Antonello Monti, a distinguished expert in the field of energy, we chat about the movement toward fully digitalized energy grids—a game-changing concept that promises increased flexibility, efficiency and sustainability.
In this podcast, we chat with Simeon Bamford, who’s currently working on tactile neuromorphic sensors, about creating circuits to perform functions lost to brain damage, Bamford’s involvement with the commercialization of dynamic vision sensors and more.
In this podcast, we discuss BrainChip’s second-generation architecture for spiking neural network acceleration.
In this podcast, we analyze the pivotal role that SiC solutions play in optimizing energy harvesting and efficient grid integration for sustainable energy sources.
In this podcast with Simon Keeton, executive vice president and general manager of the power solutions group at onsemi, we analyze the pivotal role that SiC solutions play in optimizing energy harvesting and efficient grid integration for sustainable energy sources.
In this podcast, we chat with Professor Melika Payvand to understand the role memristors are playing in the systems she designs.
Finwave, an MIT-founded startup, has been making waves with its patented 3DGaN technology, promising to revolutionize the landscape of energy-efficient 5G/6G communications, data centers, automotive, IoT and beyond.
In this podcast with QPT advisor Geoff Haynes, we will analyze how GaN transistors have long been celebrated for their remarkable high-frequency switching capabilities, offering superior performance compared with traditional silicon-based devices.
In this podcast, Professor Steve Furber discusses associative memories and the original SpiNNaker neural simulator designed using ARM cores.
Part two of our interview with Peter Vaughan of Power Integrations delves deeper into the current and future state of technology for electric vehicles (EVs).
In this podcast featuring Microchip Technology’s VP Clayton Pillion and technical staff applications engineer Ehab Tarmoom, both from Microchip’s SiC business unit, we delve into the potential impact of SiC across a wide range of industries.
Join us on our latest podcast episode where we take you on a journey through the past, present and future of EV powering technology.
In this podcast with Mike Engelhardt, we will analyze different aspects of the mixed-signal simulator QSPICE.

source

About The Author

admin

See author's posts