Cambridge superchip company Arm has joined forces with global technology giants including Google and Cisco to create a ‘Fort Knox-style’ IoT security platform to protect a trillion connected devices from potential cyber hackers.
The ‘device to cloud’ Platform Security Architecture (PSA) from Arm is the first common industry framework for building secure connected devices.
Paul Williamson, Arm vice-president and general manager for IoT Device IP, issued the rallying cry to the battallon of tech warriors in the frontline of the security war: “Devices must be born secure; security is no longer optional.”
The gauntlet was originally thrown down at Arm’s TechCon a year ago by parent company SoftBank’s chairman Masayoshi Son as he announced his vision for a trillion connected devices by 2035.
Now, ahead of Arm’s TechCon 2017 (October 24-26) in California, the company has unveiled what it is doing in practical terms to deliver on the challenge. The upshot, says Williamson, is exciting and game-changing for the entire IoT industry. “It’s here: A common industry framework for protecting a trillion connected devices – PSA.”
Williamson said: “Achieving Masayoshi Son’s vision will require that we, the global population, become more knowledgeable in protecting our devices, while trusting the technology industry is doing everything it can to protect them and our data.
“No easy task as this trust will need to be earned while battling hackers who relentlessly seek vulnerabilities to find more entry points into our lives.
“This means that security cannot be an afterthought across all parts of the value chain from device to cloud. Particularly for the Arm ecosystem which expects to have shipped 200 billion Arm-based chips by 2021 (100bn+ to date and another 100bn by 2021).
“200bn chips is an astonishing number when you consider it’s nearly 2x the number of people (108bn) who have ever lived on earth. It also highlights the responsibility of Arm and our ecosystem to ensure these increasingly diverse connected devices that communicate with each other are designed with a common secure foundation.
“To address this, Arm is announcing the introduction of the first common industry framework for building secure connected devices, called Platform Security Architecture (PSA). Many of the biggest names in the industry are already endorsing and/or supporting PSA and the principles it’s based on.”
Williamson said the growing number of devices being connected to the internet need to be secure without sacrificing the very diversity which make them innovative and unique.
“Arm chief system architect Andy Rose and his team made sure this was top of mind when developing PSA through analysis of devices and best practices for securing them,” he said.
With this in mind, PSA delivers:-
- Representative IoT threat models and security analyses
- Hardware and firmware architecture specifications, built on key security principles, defining a best practice approach for designing endpoint devices
- A reference open source implementation of the firmware specification, called Trusted Firmware-M
Williamson said: PSA is a fundamental shift in the economics of IoT security, enabling ecosystems to build on a common set of ground rules to reduce the cost, time and risk associated with IoT security today.
“To allow the IoT ecosystem to more rapidly realise the benefits of PSA we will deliver an open source reference implementation firmware conforming to the PSA specification.
“Development initially targets Armv8-M systems, with source code release expected in early 2018. PSA is OS agnostic and is capable of being supported by all of Arm’s RTOS and software vendor partners, including the latest version of Arm’s market-proven Arm Mbed OS.
“As part of our continued drive to provide partners with the tools to build secure IoT solutions, we are also announcing new additions to our portfolio of security IP.”
These are as follows:-
- Arm TrustZone CryptoIsland – A new family of highly integrated security subsystems providing on-die, smartcard-level security starting with CryptoIsland-300 which targets applications requiring high levels of isolation and security, such as LPWA communication, storage, and automotive.
- Arm CoreSight SDC-600 Secure Debug Channel – Evolving IoT use cases results in more devices requiring device lifecycle debug access. SDC-600 enables full debug capabilities without compromising system security, integrating a dedicated authentication mechanism for debug access.
Williamson added: “PSA addresses one part of the value chain and at Arm TechCon, Dipesh Patel, president of Arm’s IoT Services Group, will provide an update on Arm’s plans for securely connecting and managing IoT devices.
“Arm is moving fast and enabling our lead partners to thoroughly test and refine the PSA framework in advance of the public release of specifications and software in Q1 2018. But Arm, our ecosystem and the industry need to move faster.
“All parts of the value chain need to embrace the guiding principle that security can no longer be optional. Our investment in PSA and Trusted Firmware-M represents much of the heavy lifting and lays out a clear and fast path to a common foundation for IoT security. No device should be left behind.”