Connect One(TM), the Device Networking Authority(TM), today announced the release of iChipSec(TM) CO711AG, a secure Internet protocol (IP) coprocessor chip that easily adds encrypted WiFi connectivity to price-sensitive machine-to-machine (M2M) applications. The iChipSec coprocessor encrypts and decrypts data and acts as a controller that enables a host processor to use 802.11b/g wireless networks for sending and receiving secure data via a wide range of Internet protocols. CO711AG also supports switchable access to cellular, dial-up, 10/100BaseT Ethernet networks. Typically requiring only one man-month of development time, CO711AG speeds the introduction of secure communication for privacy-sensitive non-PC products such as point-of-sale (POS) terminals and medical devices.
iChipSec is a new branch within the iChip family of IP coprocessors. It is a drop-in system-on-a-chip (SoC) that frees up processing time on the host processor by offloading cryptography, network security and TCP/IP tasks. CO711AG uses the SSL3/TLS1 protocol to support one secure client socket session or one secure FTP session. It supports digital signatures using RSA public and private keys and hash algorithms to sign and verify data. Cipher suites used for encryption include 3DES, AES-128, AES-256, ARC4, MD5 and SHA-1. For WiFi applications, CO711AG also supports WEP and WPA encryption.
The CO711AG offers unprecedented ease of adding security to an embedded design. Only one command is needed to open the SS3/TLS1 socket and an additional command opens a secure FTP session. Just four commands are needed to set the parameters used to define the cipher suite, the certificate authority, the iChipSec certificate, and the iChipSec private key. iChipSec uses X.509 client and server certificate authentication to perform both client and server authentication and to manage a chain of server certificates. It stores and manages up to four certificate authority certificates, plus the private key for client certificate authentication.
“iChipSec enables us to secure the real-time transmission of pulse rate, electrocardiogram and blood oxygen saturation level over the Internet from the embedded wireless modem in our MDKeeper(TM) wrist-based vital sign monitor,” notes Avner Amir, general manager of Tadiran LifeCare. “People’s health, safety, and quality of life are paramount to us as a medical device manufacturer. Connect One’s iChipSec is a drop-in solution that is field-proven, updateable and meets our need to combine secure wireless communications with biomedical sensors.”
“We are proud that Tadiran LifeCare selected iChipSec for their MDKeeper medical device,” says Alan Singer, Connect One vice president of sales and marketing. “Security of medical information is as vital as security of financial data. With iChipSec, customers such as Tadiran LifeCare can meet security and time-to-market goals on-time and on-budget.”
The CO711AG TCP/IP, security and crypto offload engine provides the manufacturer many benefits. It eliminates the need to use a more powerful processor for encryption, since iChipSec works with any host processor. Because it works with any or no host RTOS, iChipSec eliminates the complicated, time-consuming task of porting and shrinking the WiFi drivers and WPA supplicant from large Windows CE or Linux libraries to an embedded RTOS. It eliminates the need for additional memory to store the WiFi drivers and WPA supplicant in the application memory.
The logical interface between the host device processor and iChipSec is Connect One’s AT+i(TM) Protocol, a high-level API that enables fast and easy implementation and maintenance of the security and Internet protocols. AT+i requires no Internet programming expertise on the part of the designer and minimum modification of the host application. AT+i’s SerialNET(TM) plug-and-play operating mode does not require any change to the host application and enables CO711AG to act as a serial-to-WiFi bridge.
CO711AG supports up to 10 simultaneous TCP and UDP sockets for multi-tasking Internet sessions and two TCP listening sockets for acting as servers. It also includes upper layer Internet protocols like SMTP, POP3, MIME, and HTTP, FTP and Telnet clients, and a Web server. It includes two Web sites, one for configuring iChipSec and one for use by the application, that can serve up to three browsers simultaneously. iChipSec firmware is remotely updateable via sockets, FTP, or a Web browser, ensuring that devices deployed in the field will be able to keep up-to-date with new protocol standards.
The chip includes 1MB of remotely updateable flash memory for storing the Internet and security protocols, device configuration parameters, and the application Website. It also includes large SRAM buffers to help streamline data packet transmission between the host device and the Internet. The core and I/Os operate at 3.3 volts and at speeds up to 66 MHz. CO711AG is packaged in an RoHS-compliant 121-ball uBGA form factor.
Pricing and Availability
iChipSec CO711AG is available now for $13.75 for over 50,000 units. The II-EVB-330 evaluation board for secure LAN, cellular or dial-up access costs $450.00. The II-EVB-331 evaluation board for secure WiFi access costs $725.00. WPA2 encryption will be available during Q3. Support for secure SMTP (SMTPS) and HTTP (HTTPS) will be available during Q4.
About Connect One
Established in 1996, Connect One Ltd. is widely regarded as the device networking authority, with many innovative firsts to its credit. The company manufactures semiconductors and device servers that facilitate reliable and robust Internet Protocol-based communication for everyday devices. Connect One is privately owned, with offices in Phoenix, AZ and Kfar Saba, Israel. For further information, please send an e-mail. Connect One, The Device Networking Authority, iChip, iChipSec, Internet Controller, AT+i, and SerialNET are trademarks of Connect One Ltd.