Choosing the Right Wi-Fi MCU for Industrial IoT: Key Considerations

In a recent article published to ElectronicProducts.com, Alex Li – a product line manager in the Wireless Solutions Group at Microchip Technology – reviews the importance of the Wi-Fi MCU as it relates to the incorporation of more (and more) functions in to the least amount of space and components.

Li argues that this is becoming an increasingly important consideration as the trend in IoT is now moving towards placing processing power at the far edges of the network, as opposed to solely in cloud-based data centers. He describes how the Wi-Fi MCU is one of the more versatile SoCs available to design engineers and goes a long way in helping accomplish this feat; that is, integrating multiple functions in a single device rather than within specific discrete components.

What is fortunate is the fact that the actual integration of these devices into an embedded IoT subsystem can be pretty simple, that is of course, assuming the right resources are available from the Wi-Fi MCU manufacturer. The keys here, though, are a high level of security, a streamlined method of provisioning to satisfy the needs of cloud service providers, and an intelligent, well-thought-out IDE that guides the designer from prototype to production.

The following is an excerpt from Li’s article:

Security begins inside

Security is essential for every IoT application, but industrial scenarios are mission-critical. Once a threat makes its way into an IIoT network it can then move through an entire facility and possibly an entire company. The first level of required security is within the MCU’s integrated crypto engine, where encryption and authentication are performed either sequentially or in parallel. Ciphers should include AES encryption with key sizes up to 256 bits, DES and Triple DES, and authentication should include SHA-1, SHA-256, and MD-5.

One of the most challenging tasks for designers is provisioning their products for a cloud service. Each cloud service provider has its own certification and keys, so provisioning the device becomes complex, requiring considerable knowledge about crypto.

Fortunately, some manufacturers including Microchip Technology make this process simple, saving enormous amounts of time and money. It is important to note that most Wi-Fi MCUs store credentials in flash memory where the data is accessible and vulnerable to software and physical attack. The highest security is attained by storing this information in a hard-coded security element because the data inside cannot be read from any external software. For example, Microchip’s Wi-Fi MCUs such as the WFI32 (See Fig. 2) employ this approach in the company’s Trust&GO platform for securely provisioning its MCUs for connection to AWS IoT, Google Cloud, Microsoft Azure, and third-party TLS networks.

The reduction in time and confusion resulting from the approach cannot be overstated. Weeks or more can be shaved from the design process while ensuring that all security and provisioning requirements are met with a proven and verifiable approach.

Pre-provisioned, preconfigured, or custom secure elements store credentials generated inside the device’s Hardware Secure Modules (HSMs) when it is manufactured, isolating them from exposure during and after production. The Trust&Go platform requires only an inexpensive Microchip development kit in which the designer works within the included design suite using tutorials and code examples to create the required manifest file. Once the C code for the secure element is working in the application, the design can be sent to production.

The other form of required security is the latest Wi-Fi security certified by the Wi-Fi Alliance. The latest version is WPA3 that builds on its predecessor WPA2, but adds features to simplify Wi-Fi security. It also enables more robust authentication, delivers increased cryptographic strength, and maintains network resiliency.

All new devices must be WPA3-certified in order to use the Wi-Fi Alliance logo, so every Wi-Fi chip and Wi-Fi MCU should be certified for the utmost security. Nevertheless, check to be sure the Wi-Fi MCU is WPA3 certified.

Read the article in full: What to know when specifying a Wi-Fi MCU for industrial IoT