Finding Room On The Razor’s Edge
Device manufacturers typically have extremely small profit margins and are constantly looking for new ways to increase that gap. Recently Medtronic announced a major re-org effort with the hope of obtaining some level of relief from their small windows of revenues per device.
Yet one of the more cost-intensive aspects of manufacturing remains untouched – trusted component sourcing. This trusted sourcing used to translate into the quality of the components but modern efforts have largely canceled out any disparity. Instead, the term “trusted” currently equates to cybersecurity and the belief that a given component will not compromise a larger system. In fact, interviews with large manufacturers have revealed that up to 40% markups on components exist purely due to this issue. If these manufacturers had their way, the number of allowed component providers would expand to allow other quality providers in and drastically lower the overall price of production.
There Is A Better Way
The reality is that even these trusted component providers can be compromised and there is typically nothing in the agreements that would enable a device manufacturer to obtain lost revenues/recall costs from their suppliers. Instead of relying on trusted providers, we suggest assuming all components are compromised and installing core intrinsic security that locks down those components during provisioning.
With Bear, a device manufacturer can create a component profile that only lets each component perform its assigned task. A component that should never receive outside communication, will never get any such data with Bear. A component that should only send measurements to the main controller will not suddenly be able to run hostile commands on a consumer’s network, and so forth.
By utilizing this approach, manufacturers can start using the most cost-effective components from across any supplier and stop being artificially constrained by unknown, and perhaps nonexistent, security vulnerabilities.
Doesn’t that make more cents?