Unparalleled security for SkyCell’s smart containers through banking grade Securosys Hardware

SkyCell is a Swiss-based provider of high-tech temperature-controlled container solutions to global pharmaceutical companies. The pharma companies are shipping highly temperature-sensitive medicine around the world in SkyCell containers which are fully IoT equipped “smart containers”. Quality is everything, which is why each SkyCell smart container has a digital identity that is used for tracking it through blockchain technology, wherever it is located in the world. This is made possible by equipping it with public and private keys generated by Securosys Hardware Security Modules.

SkyCell monitors and manages its smart containers throughout their entire lifecycle on geolocation, temperature, humidiy, shock, damage, service level and more. Since the danger of manipulation of smart devices is mounting, SkyCell was searching actively for a new infrastructure solution unprecedented in the industry. The authenticity, integrity and confidentiality of the collected data inside the smart containers has to be guaranteed at all times.

This is achieved by equipping each container with a smart card chip that holds its own digital identity. Rather than relying on the weak key generators found in smart card chips, SkyCell chose to use Securosys Primus Hardware Security Modules (HSM). The Securosys HSM use their internal true random number generators to generate digital identities, also called keys, for all SkyCell containers. The process is called Key Injection and is the basis for the secure management of SkyCells high-tech containers. It gives each container a tamper-proof identity that cannot be hacked.

0211A_Richard_Ettl_cBBF2017_K4Pharma and banking have something in common: safety first. Thanks to the banking grade key injection from Securosys HSM we can ensure that all our containers are identified and monitored in the most secure way”, says SkyCell CEO Richard Ettl. “Together with our clients, we track everything in the lifespan of each container on private blockchain technology – unique digital identities are therefore paramount for us to guarantee that the information is imutable and tamper proof. This bring us one step closer to our long term goal of full automation of our container rentals. ”

“SkyCell’s smart containers are an excellent example on how IoT (Internet of Thing) devices can be protected and individually identified”, states Dr Robert Rogenmoser, CEO of Securosys. “Without key injection from reliable sources like our Primus HSM, IoT devices remain hackable and their corresponding therefore data unreliable.”

1284A_Thomas_Taroni_SkyCell_cBBF2018_PR6052_K2Thomas Taroni, Head of IT of SkyCell confirms: “It is of utmost importance that we use the best, highest entropy, true random number generators for the digital identities of our smart containers. The Securosys HSM has not just one, but two of them that derive their randomness from different physical noise sources. This convinced us to rely on this technology. After all it is also used for governmental and banking purposes.”

Certified HSMs: Integrity for Key Injection and Embedded Device Management for IoT Sensors

Securosys Primus HSM offers SkyCell  the best possible source for keys that establish the digitial identies for their smart containers. Whenever systems, in particular with IoT, are built that rely on random numbers only the best source should be used. Securosys Primus HSM fulfill this requirement. They are tamper proof boxes that constantly control the entropy and quality of their true random number generators. They only use the best algorithms to generate the keys for digital identities and constantly fend off side channel attacks. Securosys Primus HSM are FIPS 140-2 Level 3 validated.

Securosys SA

Securosys SA is a market leader in cyber security and encryption based in Zurich, Switzerland. Founded in 2014, Securosys secures the Swiss financial markets on behalf of the Swiss National Bank and protects transactions worth over 100 billion Euros every day. The company serves more than half of Tier 1 banks worldwide with hardware security modules developed and built in Switzerland.