Interview

AI Tech Interview with Phil Attfield, CEO of Sequitur Labs Inc

Sequitur has developed EmSPARK Security Suite aiming at providing affordable security solutions. The article shines light on features of the product and its differentiating aspects.

1. Tell us about your role at Sequitur.

I’m the Founder and CEO of Sequitur Labs Inc. At Sequitur, I lead a team of cybersecurity experts and experienced developers.  Our product is called the EmSPARK™ Security suite, a complete software solution for securing IoT devices.

2. What are the applications or rather opportunities you seek to have with your product?

Sequitur helps device OEMs reduce the cost and complexity of implementing security correctly by providing packaged software as a product. Sequitur’s software leverages advanced, on-chip hardware security technologies to deliver high-value strong security, economical and accessible security solutions.

The EmSPARK Security Suite is a critical security enabler for a large, worldwide market of device makers that need strong security but cannot afford the in-house expertise. Sequitur’s business approach includes demystifying and driving down the cost of security, simplifying deployment, and messaging the business value of security.

Our product is a great fit for the vastly accelerating growth of products deployed in the Industrial IoT (factory automation, building management systems, medical devices, access control, energy, video surveillance etc), and some consumer IoT (Smart Home).

3. How did you define the vision of Sequitur?

Our vision was to tackle hard security problems. The laws of thermodynamics also apply to cybersecurity, in that any system leans toward chaos. It’s about solving more than a set of problems – rather it involves solving a problem at any point in time. Security is a moving target.

Sequitur has found that there is a big problem to solve in IoT, because as intelligence moves to devices at the network edge, these complexities increase in an accelerating rate.

4. What are some of the unique lessons you have learnt from analysing your customer behaviour?

At Sequitur we’ve worked with a variety of customers, and we’ve learned to focus on particular behaviours.   Some, who have a basic understanding of security, often try to solve all of the problems themselves at first.  Others understand that it’s more complicated than it seems.  Further up the knowledge curve, we have customers who understand the undertaking involved to reach their goals.  There are others who know that it’s a way more difficult than it looks at first….and finally there are customers who recognize that it’s better to work with best-in-class when it comes to critical issues like security, so they can focus on building amazing products.  This is the customer with whom we can achieve success. Fundamentally – that’s why customers work with us – to best manage their risk).    

5. What are some of the distinctive features of Sequitur? And how do you differentiate yourself from your competitors?

The EmSPARK Security Suite was designed to address solutions in industries where embedded security is paramount such as industrial control, building automation, the smart home, machine vision, automotive communication, and medical devices.  Built on three pillars of product security – design, build and sustain, EmSPARK provides device manufacturers with the firmware, tools and APIs needed to properly execute IoT protection.  Our latest version of the EmSPARK Security Suite provides a robust security framework protecting embedded firmware, keys and security-critical assets through the entire device lifecycle. It enables silicon hardware security features, secure device provisioning, and API access to essential trust services such as secure storage, firmware updates and payload verification.

This allows developers to focus on building their application and device rather than spend time reading through data sheets to configure various hardware components. The result is that they can get their products to market faster.

We have three key differentiators:

  1. The EmSPARK Security Suite is the only solution that delivers security from chip to cloud.    
  2. No other product can address all three phases of a product’s lifecycle:  design (secure boot, memory partitioning, secure house of apps and data), build (secure software provisioning during manufacturing protection of intellectual property), and sustain (secure product updates and failure recovery, threat detection and remediation).
  3. Our product is platform independent – we support a variety of silicon products from great vendors like Microchip, NVIDIA, NXP, and ST Microelectronics, as well as cloud platforms like AWS and Microsoft Azure.

6. Sequitur was recently in the news for joining the NVIDIA network to protect critical IP at the Edge. Can you elaborate more on the same?

One of the most exciting trends in IoT is the acceleration of Artificial Intelligence and Machine Learning at the network edge.  Amazing products like NVIDIA’s Jetson platform have the processing power, form factor, and price point to make this possible.

Many IoT products incorporate artificial intelligence (AI) or machine learning (ML) to conduct complicated tasks that require some level of intelligent functionality with access to sensitive code or data sets, allowing some level of decision making without pre-orchestrated programming. The algorithms and models that deliver this functionality represent critical intellectual property (IP), and create significant value for the products and their vendors.

While there are a vast number of potential IoT security threats designed by hackers for any number of reasons, not the least of which is financial gain, manufacturers and integrators remain focused on their search for best-in-class security strategies for locking down their products as these algorithms and models simply cannot be compromised. Such theft of the organization’s intellectual property can create long-term damage to a company’s revenue and brand and must be protected.

Our software supports, and is deployed commercially on, the NVDIA Jetson family.   Jetson’s powerful GPUs enable AI/ML at the network edge, and our products provide protection for these critical algorithms.  As members of the NVIDIA Partner Network, we work with NVIDIA’s partners, customers and development teams to secure AI at the edge.

7. What are some of the common pain points that your customers commonly approach you with?

Our customers know that times have changed, and security at the device level is simply not optional any longer.  As device vendors build products that are networked, intelligent, and housing critical intellectual property, they are confronted with a daunting task of securing these devices. 

Device security is a major undertaking for any vendor. It requires a deep understanding of security features, memory architectures, silicon implementation, and crypto-algorithms, among many topics.   It is not easy – even for a company with a lot of resources.   Our customers still need to deliver great products on time and within budget, however.  Given this steep learning curve and potentially large investment required to handle device security, a turnkey solution from a trusted vendor is a compelling offering.    We focus on a product that makes it easy to address these issues and strong customer relationships that build trust among the IoT device vendor community.

8. What advice would you like to give to the upcoming tech start-ups?

Success is earned – no matter who you bring in or how lucky you get.  You cannot buy credibility…you have to build it.  In our business – trust is critical…but it is fundamental anywhere.

9. Can you give us a sneak peek into some of the upcoming product upgrades that your customers can look forward to?

We have an excellent turnkey solution today that enables our customers to quickly integrate device security functions like secure boot, IP protection, secure updates, key and certificate management, secure failure recovery, critical data storage, and secure factory provisioning.   Our customers would like to see some of these functions available as a cloud-automated solution.   We are working on solving these problems in-house and through partners who deliver services like Public Key Infrastructure and Software Installation.

10. Which is the one tech breakthrough you will be on the lookout for in the upcoming year?

We’d like to see more silicon enabled using ARM® Trustzone technology, which provides a great architecture for the solution we provide.  We have recently been certified as PSA Level in a new software category, which clearly defines the key elements of a secure device.  We are seeing a trend of traditionally limited microcontrollers support more of these functions at a low cost.  This development makes it more attractive for customers to deploy our software on their devices to solve their security problems and substantially expands our addressable market.

11. Please share a recent piece of content (can be a video, podcast, blog, movie, webinar) you liked that set you thinking about in general?

These recent excellent podcast by Malicious Life gives a great explanation of the Solar Winds Hack:

Episode 101 | Malicious Life

There we two vulnerabilities discussed that are fundamental risks in IoT device networks, which we work hard to address:  enforcing security during product software updates, and managing protection of intellectual property in the supply chain.   This event was a reminder that cybercity needs to be addressed with a holistic solution; in our world of IoT device security, it means thinking about the entire device life cycle, from design, through manufacturing, its initial bootup in the field, and regular updates, protection from threats and monitoring until it is taken out of service.

12. What is the one quote that has stayed with you throughout your professional life?

“It’s Turtles All the Way Down”.  This expression refers to world being supported by an infinite layer of “turtles”, or a reference to infinite former state.    It is a nice reminder of the belief that there is a multi-layer, even infinite layer, approach to security.  Every time you think you are done – you need to take it back into the problem you are solving and how it relates to what can change next, and ow it fits into the busines process. 

For more such updates and perspectives around Digital Innovation, IoT, Data Infrastructure, AI & Cybersecurity, go to AI-Techpark.com.

Phil Attfield

CEO of Sequitur Labs Inc

Phil Attfield has more than 25 years of experience in computing, networking, security and systems modelling at both large and small enterprises.  I began my career at Nortel where I was a member of the scientific staff, developing software tools and in-house products for modelling, synthesis and verification of telecom and network equipment hardware.  I later founded Signal 9 Solutions, which pioneered PC/desktop firewalls and created the Conseal brand of security products.  At Boeing, I led the team responsible for the development of large-scale security policy and management framework.  I’ve served in a number of high-profile roles in the field of digital forensics and am a frequent keynote speaker at international security conferences.

Related posts

Interview with Josh Epstein, CMO at AtScale

AI TechPark

Interview with Visitor Check-in Software Proxyclick’s CEO Gregory Blondeau

AI TechPark

Interview with Andreas Pettersson, CEO at Arcules

AI TechPark