The balance between software and hardware has been shifting in recent years. While there have been loads of innovations in both areas, it’s become noticeable that more and more focus is being placed on the software side.
The question then becomes: how does that impact the development of connected devices and how to handle the change?
This article delves into the implications of this shift, highlighting the advantages and challenges that come with the rise of software-centric solutions while acknowledging the indispensable role of quality hardware in IoT development.
The focus on software
It is true that some parts that were previously made strictly for hardware have moved to software, like some of the logic or interfaces. For example, specialized interfaces used to be managed exclusively by hardware.
Now, thanks to fast and powerful cores we can move those interfaces to software and even modify them using OTA. Or like in the case of Profinet which used to be managed with specialized chips – currently, we have software libraries that can drive it.
There are a couple of reasons why the industry has been putting so much focus on software development; there are far more software developers on the market than hardware ones, which in turn makes Silicon vendors want to move as much from hardware to software as possible in order to keep the market growing.
That said, the most important reasons for this shift lie elsewhere.
The need for time and cost efficiency
Creating a prototype in hardware is much more time-consuming when compared to software. This is because a mistake made in the hardware means having to change the layout in the PCB, modify the hardware itself, and assemble the second prototype from scratch, then test it again.
This process takes months, which obviously influences the cost of development. On the other hand, a mistake in the software means changing a few lines and recompiling. It takes only minutes to fix – which is why it’s a more profitable bet to make.
Security and safety concerns
While moving some of the aspects of development to software can get companies faster results, it comes at a certain price. The main concerns here regard the security and safety of the devices.
If there’s a safety-related problem in the hardware, it will appear at the beginning of development or during tests. In the case of software, some of those mistakes can remain undetected for even as long as a year. For industries where safety is a priority – like the automotive industry, for example – this becomes a major issue.
Having the logic side of things in the hardware means a higher degree of safety. Even if the firmware gets hacked or the memory got corrupted, the possibility of breaking the device (or, in a worst-case scenario, harming someone) is much smaller. The development process itself is also much more stable in terms of detecting security concerns.
Learn more about the security of embedded devices>>
Managing cryptography in hardware vs software
When it comes to embedded devices, security can be managed from either the hardware or software side. In terms of cryptography, the most important question to answer is: where to store the keys?
There are two options: the keys can be stored either in the memory or in a specific hardware component. The first option is rather risky. Storing the keys in the memory means it’s quite easy to collect them. They could be used to hack the system, act as a device, break into the cloud, etc.
On the other hand, the hardware component is designed to keep the keys as safe as possible. It is not possible to collect the keys from within such a component, only to send information to it so that it performs calculations and gives back the result.
While the connection between the cloud and the device can be secured, that doesn’t quite solve the software-based security problem. A person could still buy the device, open it and try to collect the keys.
When storing the keys in the memory, this becomes quite easy to achieve. In the case of the hardware-based option, it is much more of a challenge – the component is based on solutions such as the hardware security module (HSM) or the Trusted Platform Module (TPM), so it’s especially resistant to similar types of attacks.
Choosing the right level of security
A lower security level does not necessarily mean you should avoid storing keys in the software. It depends on the type of the device, and the level of security necessary for a given system.
If the device is collecting less important data, like, for example, information about the temperature inside a person’s house then a high-security level is not really necessary – it may be more convenient not to store the keys in the hardware component.
But let’s imagine a different scenario and say that the same device is not only able to check the temperature but also remotely open a person’s house.
In that case, if someone is able to collect this external temperature sensor, open it and collect the security keys, they could also break into the house. The security level should match the data being guarded, and the potential safety risks.
The importance of hardware
While software has been gaining more significance as of late, that does not mean that hardware is being left behind. The world of hardware has also seen a lot of innovations, new protocols, and new technologies to connect between devices and collect data.
It’s crucial to remember that the quality of hardware reflects on the software. Even the best software won’t solve the issues that stem from unstable hardware. Choosing the right hardware is key for developing a well-made product – that also means having an agreement with silicon providers that ensures this specific hardware will be produced for at least the next 10-15 years.
This is specifically because when technology is changing so fast; silicon providers are going to move to newer hardware, and the older ones might become obsolete. It's a scenario that companies need to keep in mind and be prepared for.
Handling the move to newer hardware
There’s also the possibility to use software to move from older to newer hardware, but it needs to be accounted for early in the process.
Using the same software, we can move to new hardware technologies and limit the cost of development from scratch. This is possible with solutions such are stable operating systems like Linux or FreeRTOS for embedded systems and using libraries on top of the hardware that would act as a translation layer between hardware and software.
That way, there’s a part that understands both the hardware and the API, acts as part of the software, and can be changed quite easily for the new hardware.
Summary
While it is true that more is moving from hardware to software for the sake of quicker and cheaper development, there’s always going to be a need for good quality hardware. It’s especially important to take security into account when developing an IoT device, as hardware-based solutions are a much safer choice in that regard.
Both software and hardware are expanding fast, but finding the right hardware developers is much more difficult. If you’re looking for experts to consult your hardware product, don’t hesitate to contact us; we specialize in the design and development of connected devices.
Przemysław Łagód
Head of Hardware