Generic Trust Anchor API Introduction

A Trust Anchor of an industrial IoT device is a security capability for trusted information. It is the basis for realizing cryptographic security functions in support of applications, such as:

  • proof of identities,
  • protection of integrity and confidentiality of genuine information, and
  • access control to hardware and software assets.

A developer of industrial applications must implement such security functionality, which secure elements may provide in a technology-specific manner through custom programming interfaces and libraries.

To facilitate and spread the usage of trust-enabling technologies, ISO/IEC JTC 1/SC 41 is specifying TS 30168 “Generic Trust Anchor Application Programming Interface for Industrial Applications”.

The goal is to simplify the integration and usage of secure elements in IIoT devices by standardizing an Industrial IoT Security API. This will be achieved by providing a technology-agnostic API set for commonly used cryptographic functionality of trust-enabling technologies, such as random numbers, encryption, decryption, and signatures.

The Generic Trust Anchor API, i.e., a unified API for trust anchors, will facilitate the integration of crypto-based security in many ways, including:

  • support for different secure element suppliers and technologies from multiple sources,
  • increased market flexibility,
  • addressing regional crypto requirements by decoupling,
  • migration to new generations of secure elements, and
  • crypto agility.

The work is organized under ISO/IEC JTC 1/SC 41 and is carried out by national standardization bodies such as DIN in Germany.

For further details please contact us.