ARM is bringing some much needed security to the Internet of Things
ARM's TrustZone technology is coming to its Cortex-M embedded processors
By James Niccolai
If you believe what the tech industry tells us, everything is coming online. From pacemakers to washing machines to street lights, all will be networked together and feeding data into the cloud. If this Internet of Things comes to pass, we’re going to need a lot more security than we have today.
Chip design company ARM announced plans Tuesday for a new line of chips intended to help secure those devices. ARM is best known for designing the microprocessors in smartphones and tablets, but it also designs smaller chips, called microcontrollers, that feature heavily in IoT. Some four billion ARM microcontrollers were shipped by ARM licensees last year.
Now, ARM is bringing a security technology long used in its smartphone processors down to these smaller chips. Called TrustZone, ARM says it will make it harder for hackers to break into IoT networks and meddle with things like industrial equipment, medical devices and networked cars.
TrustZone is a hardware isolation technology that carves out a separate area on a chip where trusted code can run. The code that gets executed there is smaller than an OS such as Android, which runs elsewhere on the chip, so it can be carefully vetted for flaws and provides a smaller “attack surface” for hackers, according to ARM. TrustZone has been used in Samsung’s Knox technology for securing phones, and by Netflix to prevent people from playing video on unapproved devices.
TrustZone is in all of ARM’s Cortex-A class processors, and at ARM’s TechCon conference in Silicon Valley Tuesday, the company announced it will come to new versions of its smaller Cortex-M chips as well, in the form of the new ARMv8M architecture. ARM also announced a new interconnect specification, AMBA 5 AHB5, which lets the TrustZone area communicate securely with the rest of a chip package.
It will take time for microcontrollers with TrustZone to get into the market. Once ARM delivers the design to licensees, they still need to manufacture and test it. “You’ll probably see it in devices in 2017, though it could be before that,” said Nandan Nayampally, vice president of marketing for ARM’s CPU division.
When it arrives, he says, it will provide an important level of added security for things like fitness trackers, smart meters in homes and connected industrial equipment.
TrustZone doesn’t secure devices by itself; it’s used in conjunction with cryptography and random number generators. ARM also announced a part called CryptoCell, from its acquisition of Sansa Security this year, to speed the encryption of data on its chips. It will be used across all its Cortex families, from microcontrollers up to the most powerful SOCs aimed at servers.
The announcements were made at ARM TechCon, where IoT will be a big focus, judging from the agenda.
ARM will be competing in the IoT market with several other vendors including Intel, which perhaps not by chance just held its own IoT event a week before TechCon.