IoT Security-as-a-Service

Getting started

Introduction

IoT Security-as-a-Service is a managed services solution that makes it extremely simple to protect your data at rest and from silicon to cloud,  ensuring that you can focus more on your business and enjoy faster time-to-market.

We implement a true end-to-end concept where data are protected from the device to the end user and are not visible by the intermediate nodes/platforms nor by the service provider. 

Our approach ensures minimal code development and investment and provides the highest standards of security, leveraging the root of trust in u-blox SARA-R4 and SARA-R5 module platforms to bring a unique and immutable identity for univocal identification and on-boarding in leading IoT cloud platforms.

The innovative symmetric Key Management System delivers an unprecedented level of security, giving the possibility to generate an infinite number of crypto keys on-the-fly, to be used for (D)TLS or for any other purpose. 

All u-blox security solutions are designed for LPWA constrained devices, reducing the data usage and the number of handshakes, thus minimizing the power consumption that is a critical metric for most IoT devices. 

You can find more information about IoT Security-as-a-Service here.

Starter kit

IoT Security-as-a-Service is available on SARA-R4 and SARA-R5 series modules. Several evaluation kits are available:


  • EVK-R500S - Evaluation Kit for SARA-R500S

  • EVK-R510S - Evaluation Kit for SARA-R510S

  • EVK-R510M8S - Evaluation Kit for SARA-R510M8S

  • EVK-R410-8-00 - Evaluation kit including LTE module for multi-regional use; Cat M1, NB1 bands: 3, 5, 8, 20, 28

  • EVK-R410-7-00 - Evaluation kit including LTE module for Korea; Cat M1 deployed bands 3,5,26

  • EVK-R410-6-00 - Evaluation kit including LTE module for Japan; Cat M1 deployed bands 1, 8, 19

  • A complete application board that let you to easily start testing u-blox services

Please contact us to discuss your needs and to request a kit.

Sign-up to the u-blox Thingstream service delivery platform

u-blox Thingstream provides a management console that you can use to manage the entire suite of u-blox services and the Security Thing, which is the logical representation of your module in the Thingstream platform.

Sign-up is free, quick and easy. Just go to the management console and register with your company information. If you already have a Thingstream domain for Communication-as-a-Service (MQTT Anywhere, MQTT Here or MQTT Now), you do not need to register again, security services are already available.

The management console lets you create the credentials (access key and secret pair) required to manage and use IoT security services through REST APIs.

The API documentation and swagger (YAML) specification download are available here.

Generate the access keys

In order to start using IoT Security-as-a-Service, you'll need to generate an access key and secret. You can do this by going to the Access Keys page under Security Services and clicking on the "Generate Keys" button.

Related Information

Security Services API documentation

Tools and Software

Still need help?

If you need more help or have any questions, please send an email to thingstream-support@u-blox.com .


Once you have generated your key and secret, make sure you save them somewhere safe as the secret cannot be recovered after you leave the page.

You can generate up to 5 access keys.

Create a device profile

You now need to create a device profile to identify a group of devices that will share the same price plan and feature set.

To create the device profile, and get the DeviceProfileUID required for device provisioning, go to the management console, and then select ‘Device Profile’ under the ‘Security Services’ panel on the left side.

A wizard will guide you through the steps to select the features and services linked to the profile. You can always change these at a later stage.

You will also need to select a price plan to be used by devices that are provisioned using the profile. To get started, you can use the free Developer plan which allows you to manage up to 10 active devices. Find out more about the available price plans here .

Once you have created the device profile, you need to seal the DeviceProfileUID in the device using AT commands. This is a simple procedure which is explained in the “Claim Ownership” section of the IoT Security-as-as-Service Application Note.

Once you have completed these steps, the device will automatically appear in your account in the ‘Things’ section of the management console with the selected service and features enabled. You can use the same device profile for all the devices that need the same set of features and services and you can make changes for individual devices via the management console.

Using IoT Security-as-a-Service security features and services

To test the APIs and the AT commands to interact with the module, visit the Tools and Software page.

Refer to the IoT Security-as-as-Service Application Note to learn more about how to use the services and features. The Application Note provides step-by-step instructions for all of the AT commands and APIs required.

You can also refer to the u-blox GitHub repository which is constantly updated with sample code to simplify the service implementation and reduce your time-to-market.

If you need more help or have any questions, please send an email to thingstream-support@u-blox.com .