In the fall of 2019, the MIPI Security Birds of a Feather (BoF) group officially graduated to the Security Investigation Group (IG), affirming MIPI Alliance's commitment to examining security efforts across the organization and providing working groups with consistent solutions.
Requirements and Recommendations
The group will focus on defining how to map industry security protocols and data models to MIPI interfaces. Operating as a forum for discussions and a facilitator between working groups, the IG will offer guidance to MIPI working groups on requirements, guiding principles and policies, and external threats.
True to its name, the group will investigate potential security issues, a common set of components to reduce effort and cost, security protocol for use across MIPI interfaces, and compliance requirements if necessary. It will offer recommendations for an ongoing support model, including how to address new requirements and use cases, external specifications, ongoing alignment and potential adoption aids.
Security IG Leadership
The MIPI board appointed Nitin Sarangdhar chair of the Security IG. Nitin is a senior principal engineer in the Intel Architecture Group, focused on security of Intel products, and has been working with the industry toward standardization of platform security protocols, including work with DMTF, USB-IF, PCI-SIG, MIPI Alliance, TCG, FIDO and UEFI.
Nitin is a recipient of the DMTF star award in 2019, as well as the FIDO outstanding contributor award in 2019 and 2018, and is a co-chair of its security L2+ working group. He has presented at the RSA conference and multiple Intel Developer Forums, and participated in panel discussions on IoT security. He has a master’s degree in computer, systems and electrical engineering from Rensselaer Polytechnic Institute and has more than 35 years of experience in the computer industry, as well as over 60 granted inventions.
"This year the focus of the Security IG will be to develop a common security framework that can be used by all MIPI devices," Nitin says. "The framework will work toward definition of a unified security protocol and multiple security profiles to allow different security/cost tradeoffs."