Devices connect to millions—if not billions—of other devices every day. This increasing connectivity is greatly increasing the vulnerability of such systems. For example, unauthorized access to medical devices can pose serious risks to patient safety and privacy. Automobiles are susceptible to cyberattacks that compromise brake or steering controls, for example. Exposure to defense and aviation systems can have catastrophic consequences.
More chips than grains of sand The so-called end nodes (machine controllers) are the primary security risk for outside cyber-attacks. To keep those connections secure, Sandgrain works on an advanced system. The startup does so with an electronic barcode, which forms a robust authentication platform combined with the CyberRock cloud. Each Sandgrain chip is unique, and the company can produce more unique chips than the number of sand grains on Earth. Secure chip identification and authentication are guaranteed.
CEO Jack Gijrath: “A trusted identity refers to establishing and verifying the legitimacy of devices, users, applications, and the infrastructure. Authentication is the first line of defense that ensures only authorized and authentic entities can interact with IoT devices and systems. Devices must have a trusted identity to be recognized and authorized to communicate.”
Unique chips and a cloud platform The founders – and many of Sandgrain’s current team members – once worked at Mapper. This Delft-based company developed machines for computer chips and went bankrupt in 2018. Mapper’s strategy was to make unique individual chips (ICs). “That concept was the basis of Sandgrain but evolved into the combination of unique chips and a cloud platform for authentication,” Gijrath says. “At the same time, based on our experience at NXP, we knew there was a real market demand for a robust, digital barcode solution.”
Within nine months of its founding, the startup managed to develop a working barcode and CyberRock. As such, it can demonstrate full end-to-end functionality. The startup focuses on four primary target markets:
Capital-intensive (manufacturing) machines are where the role of a Sandgrain implementation is readily apparent through operational cost savings (e.g., wafer steppers and MRI scanners).
Operationally-critical environments where unauthorized access must be prevented (e.g.: utility infrastructure).
Typical IoT products/systems where a lot of money is already spent on safeguards against unauthorized access (e.g., machines that are online globally and controlled or maintained remotely).
Application areas where regulations are forthcoming that Sandgrain is perfect for (example: EU EV Battery Passport).
Just the beginning The Brainport region is a logical location for the startup, partly because of the presence of potential customers and technology suppliers. But, Gijrath believes there are also drawbacks. “Transportation to and from the region lags. We also struggle to attract staff, and our experience is that there is a lack of local venture investors.”
Still, it recently raised €2 million in investment. And that’s just the beginning. “Our goal will have succeeded when our solution is seen as the most scalable and secure foundation for cybersecurity and product passports worldwide. Ultimately, Sandgrain should become the standard.”
The Gerard & Anton Awards are supported by EY, Rabobank, V.O. Patents & Trademarks, TWICE, Kadans Science Partner, Braventure,Lumo Labs, Gemeente Eindhoven, High Tech Campus, Philips, Goevaers & Znn. B.V. and DeepTechXL.