Layered Security for the Next One Trillion Devices
Arm technology is in billions of devices today, a number we expect to grow to more than a trillion by 2035. To protect the billions of devices entering the market, IoT security cannot be an afterthought but must be layered in to form a symbiotic relationship between hardware and software.
Why? Because your device is only as strong as your weakest link – a single vulnerability could compromise an entire device.
The Platform Security Architecture (PSA) is an architecture-agnostic framework for implementing technologies, processes, and measures designed to protect systems, networks, and data from a range of attacks and a broad spectrum of vulnerabilities.
Based on four key stages: analyze, architect, implement and certify, the PSA is a guide through the complex world of security design, identifying threats to a system, and recommending and describing which counter-measures to implement. The Arm security portfolio is built to achieve PSA principles, so organizations can deploy the right level of robustness to best match the needs of each application.
As the appetite for exploiting security flaws intensifies, so does the broad spectrum of vulnerabilities. It’s important to consider each type of vulnerability and how these could impact your system. At Arm we split the types of vulnerability into four areas: communication, physical, lifecycle and software.
Attackers can try multiple means to intercept, spoof or disrupt messages sent from devices back to the server. Best-practice cryptographic defences must match the increasing value data being communicated.
Silicon attacks are often split into two categories: non-invasive and invasive. Non-invasive (side-channel) use different ways to try to observe the chip to gain information. These include perturbation techniques–altering the power supply voltage or interfering with electromagnetic signatures. Invasive techniques involve opening the chip to probe or modify part of the passivation layer.
Devices changes hands many times—from factory to user, to maintenance and to end-of-life. The integrity of the device must be protected at each step: who is repairing it, how is confidential data handled, are firmware upgrades legitimate. Unplanned or forbidden paths, such a theft, overages, or Wi-Fi changes are all vulnerabilities to consider.
These are the most common attacks where someone finds a way of using existing cost to get access to restricted resources. It could be due to a software bug or to unexpected call sequences that are open to whole classes of exploits.
Selecting the right security products for a device requires careful analysis to identify the level of threat while considering all four types of vulnerability. Ask yourself: what are the assets of my application? How sensitive are they? What are the risks to my business if they are exposed? What lengths will an attacker take to access the assets? The Arm PSA advises to start security design with analysis and answering these important questions, using threat modelling (or a protection profile) to identify the appropriate counter-measures.
Once this extensive analysis is complete and you have a list of security requirements, it’s time to select the best counter-measures for your application. Arm offers a wide spectrum of security IP to mitigate the risks associated with each vulnerability. These include products that can help with cryptography, security services, isolation and tamper mitigation.
IoT Security is Essential
Securing the IoT is one of the big barriers to IoT reaching its full potential. To truly protect the billions of devices entering the field, security needs to be considered at the very beginning of device design—built in from the ground up and throughout the full lifecycle of the device. As the IoT starts to fix real-world problems, the value of assets inside IoT devices will only increase, making them prime targets for hackers.
Protecting our IoT devices and assets (for example the sensor data, or encryption keys), requires careful analysis of IoT assets. We also need to consider all security threats (communication, lifecycle, physical or software attacks), ensuring informed decisions are made about the necessary counter-measures to safeguard each IoT use case. If security is not considered upfront, enterprises and users of IoT may later find deployments compromised, risking revenue, brand credibility or in some cases, life-threatening situations.
PSA specifies that software security measures must isolate the security firmware and private information from the rest of the application. Arm TrustZone-enabled Cortex-A and Cortex-M processors are the most efficient way to implement isolation.
Trusted Execution Environment
The TEE consists of hardware-based isolation technology, trusted boot and a small trusted OS, offering protection against software attacks.
CMSIS-Zone Arm Keil MDK
CMSIS provides device support and a common approach to interface peripherals, reducing development time and offering protection against software attacks.
Trusted Firmware-M (TF-M)
Trusted Firmware-M delivers reference documents, specifications, and APIs of PSA-trusted code for Armv8-M based microcontrollers completely free of charge.
Arm Mbed OS provides transport, lifecycle, and device security features for the entire Arm Cortex-M family via standardized security-specific building blocks.
Cryptographic Services: Arm CryptoCell Family
Arm CryptoCell lets you protect assets belonging to different stakeholders in an ecosystem, safeguarding against communication and lifecycle attacks. Depending on your application, choose either Arm CryptoCell-300 for high-efficiency systems with a small footprint and low power consumption or Arm CryptoCell-700 for high performance systems.
Isolated Subsystem: Arm CryptoIsland Family
Arm CryptoIsland provides a fully isolated subsystem with a similar set of security services to CryptoCell, with added scope for programmability and reuse.
Pelion IoT Platform
The Pelion IoT platform provides secure device-to-data connectivity and data management, offering protection against communication and lifecycle attacks.
Secure Debug: Arm CoreSight SDC-600
An important part of protecting a device, is ensuring that debug can take place in a secure way. CoreSight SDC-600 enables silicon and tool vendors to enforce protection and debug access via a secure debug channel.
The Arm Kigen family delivers integrated secure identity to protect the next wave of connected devices in a more flexible, scalable and cost-effective form. It also offers secure authentication and remote SIM management of devices.
Anti-tampering Processor: Arm Cortex-M35P
Side-Channel Attack Mitigation IP
To protect systems from side-channel attacks, Arm offers the CryptoIsland-300P and CryptoCell-312P products, with additional hardening to drastically reduce the leakage of sensitive information.
Arm SecurCore SC300
Arm SecurCore SC300 provides a processor with embedded counter measures against side channel attacks and fault injections to protect against physical attacks.
Arm SecurCore SC000
Arm SecurCore SC000 combines the Cortex-M0 processor with anti-tampering security features to offer protection against physical attacks.
Arm secure foundation solutions build on the principles of PSA and contain Corstone foundation IP to provide powerful toolboxes needed to build secure, PSA-ready systems. The pre-verified, modifiable solutions accelerate time to market and time to security.
As long as there is value in controlling a device or accessing its data, there will be a constant battle against potential attackers. Talk with an Arm expert to learn more about security technologies that can be designed into devices.
Protect Your Data Platforms from the Next Wave of Cybercrime
The latest Arm Security Manifesto 2018 shows a disturbing trend in the continuing rise of cybercrime, particularly vast armies of attack bots and elaborate global security offensives. Yet industry is under pressure to simplify IoT, even as the numbers of IoT devices and data streams multiply by billions every year.
- Arm receives first high assurance Common Criteria security certification for soft processor IP
- Memory Tagging Extension: Enhancing memory safety through architecture
- The Security Arms Race on Devices
- Automotive security partner blog: Fast, secure file systems for autonomous vehicles from Tuxera
- New FIPS 140-2 certification provides time savings for Arm security partners
- Why you need a tailored secure foundation at the heart of your next IoT product