Hardware Security Modules Increasingly in Demand For Secure IoT Deployments

The monolithic Hardware Security Modules (HSM) market has long been locked in its traditional enterprise and payment markets, but the unrelenting expansion of the IoT ecosystem has given it wings. Global technology intelligence firm ABI Research has been tracking the changing market demands that have driven HSM vendors to offer novel delivery models, new integrated form factors, and fit-for-purpose applications, in particular key management and root of trust for the IoT.

The last few years has seen a strong push for the use of HSMs in new vertical markets, especially, those within the IoT ecosystem, including automotive, healthcare, manufacturing, and utilities. “By and large, there are three primary drivers for the use of HSMs in these new markets: a growing body of standards and regulatory compliance for the protection of IoT data and devices, functional and physical safety requirements for critical devices such as cyber-physical systems, and finally intellectual property protection,” explains Michela Menting, Digital Security Research Director at ABI Research.

HSM usage in IoT-centric environments is on the rise particularly in industrial markets such as manufacturing (protection of IP, for secure programming/key injection in embedded secure hardware) and utilities (for payment capabilities in utility gateways and smart meters). At the edge, smaller HSMs have emerged that are integrated directly into connected devices, such as TPMs or automotive-level HSMs (Secure Hardware Extension (SHE)-based processors or E-safety Vehicle Intrusion Protected Applications (EVITA) HSMs). Finally, there is also increased demand for HSMs on the backend to process, manage, and secure data coming from those edge devices.

Today, the use of HSMs in IoT markets today represents a little under half of the total HSM market worldwide in terms of shipments and revenues. “This is in stark contrast to 5 years ago when HSMs were in practically all sold in the enterprise IT, payment, and government markets,” Menting points out. In addition to industry stalwarts such as Entrust, Thales and Utimaco, this expansion has also ushered in a new contingent of HSM vendors (Fortanix) and service providers, including semiconductors (Infineon, NXP, STM), IoT-focused vendors (Thirdway), and cloud providers.

“The HSM offerings targeted at IoT applications focus on offering flexibility without exponentially increasing costs or requiring additional hardware. The diversity in deployment and delivery models is driving penetration and expansion into new target markets, and continued evolution and adaptation of HSM product lines by vendors to these new incoming demands is driving great innovation in the HSM market,” Menting concludes.

These findings are from ABI Research’s The Use of Hardware Security Modules in IoT Applications application analysis report. This report is part of the company’s Digital Security research service, which includes research, data, and ABI Insights. Based on extensive primary interviews, Application Analysis reports present in-depth analysis on key market trends and factors for a specific technology.