It’s Here: A Common Industry Framework for Protecting a Trillion Connected Devices
By Paul Williamson, vice president and general manager, IoT Device IP, Arm
News highlights:
- Platform Security Architecture (PSA) from Arm defines a secure foundation for connected devices
- Endorsed by leading cloud, hardware and silicon providers
- Open source Arm Trusted Firmware-M developed to PSA specification
- New secure IP enhances IoT security in SoCs based on Arm Cortex processors
A year ago, Arm and SoftBank Chairman Masayoshi Son announced his vision for a trillion connected devices by 2035 at Arm TechCon. Therefore, it’s only appropriate we talk about what’s being done to secure those trillion devices ahead of TechCon 2017.
Achieving this vision will require that we, the global population, become more knowledgeable in protecting our devices, while trusting the technology industry is doing everything it can to protect them and our data. No easy task as this trust will need to be earned while battling hackers who relentlessly seek vulnerabilities to find more entry points into our lives.
This means that security cannot be an afterthought across all parts of the value chain from device to cloud. Particularly for the Arm ecosystem which expects to have shipped 200 billion Arm-based chips by 2021 (100bn+ to date and another 100bn by 2021). 200bn chips is an astonishing number when you consider it’s nearly 2x the number of people (108bn) who have ever lived on earth. It also highlights the responsibility of Arm and our ecosystem to ensure these increasingly diverse connected devices that communicate with each other are designed with a common secure foundation.
To address this, Arm is announcing the introduction of the first common industry framework for building secure connected devices, called Platform Security Architecture (PSA). As you will see from the image below, many of the biggest names in the industry are already endorsing and/or supporting PSA and the principles it’s based on.
Defining security for IoT at scale
The growing number of devices being connected to the internet need to be secure without sacrificing the very diversity which make them innovative and unique. Arm chief system architect Andy Rose and his team made sure this was top of mind when developing PSA through analysis of devices and best practices for securing them. PSA delivers:
- Representative IoT Threat Models and Security Analyses
- Hardware and firmware architecture specifications, built on key security principles, defining a best practice approach for designing endpoint devices
- A reference open source implementation of the firmware specification, called Trusted Firmware-M
PSA is a fundamental shift in the economics of IoT security, enabling ecosystems to build on a common set of ground rules to reduce the cost, time and risk associated with IoT security today.
Trusted Firmware-M: From architecture to implementation
To allow the IoT ecosystem to more rapidly realize the benefits of PSA, we will deliver an open source reference implementation firmware conforming to the PSA specification. Development initially targets Armv8-M systems, with source code release expected in early 2018. PSA is OS agnostic and is capable of being supported by all of Arm’s RTOS and software vendor partners, including the latest version of Arm’s market-proven Arm Mbed OS.
Also announcing today … new secure IP components
As part of our continued drive to provide partners with the tools to build secure IoT solutions, we are also announcing new additions to our portfolio of security IP:
- Arm TrustZone CryptoIsland – A new family of highly integrated security subsystems providing on-die, smartcard-level security starting with CryptoIsland-300 which targets applications requiring high levels of isolation and security, such as LPWA communication, storage, and automotive.
- Arm CoreSight SDC-600 Secure Debug Channel – Evolving IoT use cases results in more devices requiring device lifecycle debug access. SDC-600 enables full debug capabilities without compromising system security, integrating a dedicated authentication mechanism for debug access.
We must all move faster
PSA addresses one part of the value chain, and at Arm TechCon, Dipesh Patel, president of Arm’s IoT Services Group, will provide an update on Arm’s plans for securely connecting and managing IoT devices.
Arm is moving fast and enabling our lead partners to thoroughly test and refine the PSA framework in advance of the public release of specifications and software in Q1 2018. But Arm, our ecosystem and the industry need to move faster. All parts of the value chain need to embrace the guiding principle that security can no longer be optional. Our investment in PSA and Trusted Firmware-M represents much of the heavy lifting and lays out a clear and fast path to a common foundation for IoT security. No device should be left behind.
Find out more about PSA in our developer resources.
Any re-use permitted for informational and non-commercial or personal use only.