Stuttgart/Barcelona, 28.02.2022: This year’s Mobile World Congress will once again be dominated by the topic of connectivity. Not without reason: According to McKinsey’s estimates, the Internet of Things could create global economic added value of up to 13 trillion US dollars in 2030. A growth that, in addition to a multitude of new functionalities and enrichments in everyday life, also brings with it many potential security threats: every network device, whether in a private environment or an industrial context, will sooner or later require maintenance and security updates. The Stuttgart-based company asvin and the firmware specialists from IoT Inspector have set themselves the goal of accompanying this process securely with their solutions. At the MWC, the companies are not only announcing their partnership: They will be demonstrating for the first time in Barcelona at the joint Baden-Württemberg/Hesse stand in Hall 7 Stand 7B70 how the right cybersecurity concepts can significantly reduce security risks in IoT and the industrial environment.
Industrial assets are increasingly interconnected via mobile devices such as sensors and cameras. Companies are required to counter threats such as ransomware or hacker attacks with effective security measures. Operators of critical infrastructures are also required by law to ensure the authenticity and confidentiality of software along the value chain and to protect sensitive data. Two companies dedicated to this mission are Stuttgart-based asvin GmbH and Düsseldorf-based IoT Inspector GmbH.
“Companies can no longer afford to leave security vulnerabilities open to hacker attacks. The threat of cyberattacks is continuously increasing. Not only industrial equipment, but also any IoT device poses a potential security risk. We are proud to have IoT Inspector, an experienced firmware specialist, as a partner at our side. Together, we provide future-oriented solutions that are needed to holistically protect software supply chains,” explains Mirko Ross, CEO of asvin.
“The demand for security compliance in the IoT requires a risk assessment based on regulations and conformities of the specific industries. We partner with asvin to automatically detect vulnerabilities and security risks and prevent third-party access. Software that does not pass our vulnerability check is not installed in the first place,” says Jan Wendenburg, CEO of IoT Inspector.
asvin traces the origin of software. It’s an approach that has long been common in supply chains of physical goods. The goal is to increase the security and traceability of software supply chains in the Internet of Things, from development, through testing, quality management, implementation and updates. The Stuttgart-based company provides customers with a directory of all software that shows which software is installed where. IoT Inspector’s firmware analysis solution automatically detects vulnerabilities and security risks before they can be exploited by third parties. IoT Inspector provides the previously missing proof, the so-called Software Bill of Material, which provides information about the components used in software solutions. Together, the solutions from both companies sustainably increase protection against malware attacks along software supply chains and protect sensitive data. They ensure that only software that has been verified and checked is installed. asvin provides detailed information here, transparently, traceably and decentrally organized in the blockchain.
First, the software is created, then it goes through quality inspection and is subsequently tested. IoT Inspector checks the software for existing vulnerabilities and outside attacks and only releases the software if it is harmless. This is where asvin’s blockchain-based solution comes into play by documenting the entire supply chain of the software. The software, which has now been checked and deposited in the registry, reaches the end device by means of wireless updates. Any manipulative attack on the software supply chain is traceable and leads to countermeasures.