Menu
ARM builds up security in the tiniest IoT chips

ARM builds up security in the tiniest IoT chips

Small, low-power chip designs now incorporate ARM's TrustZone technology

IoT is making devices smaller, smarter, and – we hope – safer. It’s not easy to make all those things happen at once, but chips that can help are starting to emerge.

On Tuesday at ARM TechCon in Silicon Valley, ARM will introduce processors that are just a fraction of a millimeter across and incorporate the company’s TrustZone technology. TrustZone is hardware-based security built into SoC (system on chip) processors to establish a root of trust.

It’s designed to prevent devices from being hacked and taken over by intruders, a danger that’s been in the news since the discovery of the Mirai botnet, which recently took over thousands of IP cameras to mount denial-of-service attacks.

“What ARM is trying to do is plug the holes before they can get started,” said analyst Bob O’Donnell of Technalysis Research.

As the array of IoT products expands into things like connected toothbrushes, many are being made by companies that know little about security, he said. ARM recognizes this.

“They’ve taken on the difficult task of trying to embed as much security into the device as possible,” O’Donnell said. It’s a big stretch for ARM, but the company’s well positioned because it already supplies the architecture for most IoT chips, he said.

TrustZone has been around for a decade for Windows, Mac OS and Android products but never for chips this small or low-powered.

The new Cortex-M33 chip design is just one-tenth of a square millimeter, and the Cortex-M23 is 75 percent smaller than that. They're the first chips based on the new ARMv8-M architecture and are designed to work with ARM's mbed OS. Chip vendors including Analog Devices, NXP and STMicroelectronics have already licensed the design.

ARM expects chips based on them to be used in products like bandages that collect and send medical data, tracking tags for packages in transit, and portable blood-monitoring devices.

These things won’t be plugged in to an outlet and may not even have batteries: A pocket-sized blood-testing device for diabetics could harvest enough energy to do its job just from the motion of the user removing the cap, ARM says.

Until now, this class of chip has had proprietary security hardware and software in many cases, which caused some limitations, said Nandan Nayampally, vice president of marketing in ARM’s CPU group. Added hardware made them less efficient, and developing different software for every chip duplicated effort.

With TrustZone, the chips can be secured without increasing their footprint, and they can use standard TrustZone software with APIs (application programming interfaces) for adding custom features.

Also on Tuesday, ARM introduced a cloud-based platform for managing and updating IoT processors for as long as they’re deployed. The mbed Cloud software-as-a-service platform is designed to solve the problem of how to manage millions of chips in devices that may be deployed all over a city or a global enterprise.

The platform can get a device set up and connected and then handle firmware updates over time. It also has a role to play in keeping IoT chips secure.

When a device boots up for the first time in the field, mbed Cloud can provide a security key for the communications channel and specify who can get access to the data from the device, based on enterprise policies.

The service can also help to prevent IoT-based denial-of-service attacks by monitoring what’s going on in the network. If there are abnormally chatty devices, it can isolate them or shut them down.

The SaaS platform isn’t just for devices with ARM-based chips or the mbed OS. If customers have legacy devices with other chips running Linux or freeRTOS, for example, ARM has a software module for connecting them to the mbed Cloud.

The service can be run on multiple public clouds, including Amazon’s and IBM’s.


Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Featured

Slideshows

Kiwi channel comes together for another round of After Hours

Kiwi channel comes together for another round of After Hours

The channel came together for another round of After Hours, with a bumper crowd of distributors, vendors and partners descending on The Jefferson in Auckland. Photos by Maria Stefina.​

Kiwi channel comes together for another round of After Hours
Consegna comes to town with AWS cloud offerings launch in Auckland

Consegna comes to town with AWS cloud offerings launch in Auckland

Emerging start-up Consegna has officially launched its cloud offerings in the New Zealand market, through a kick-off event held at Seafarers Building in Auckland.​ Founded in June 2016, the Auckland-based business is backed by AWS and supported by a global team of cloud specialists, leveraging global managed services partnerships with Rackspace locally.

Consegna comes to town with AWS cloud offerings launch in Auckland
Veritas honours top performing trans-Tasman partners

Veritas honours top performing trans-Tasman partners

Veritas honoured its top performing partners across the channel in Australia and New Zealand, recognising innovation and excellence on both sides of the Tasman. Revealed under the Vivid lights in Sydney, Intalock claimed the coveted Partner of the Year 2017 (Pacific) award, with Data#3 acknowledged for 12 months of strong growth across the market. Meanwhile, Datacom took home the New Zealand honours, with Global Storage and Insentra winning service provider and consulting awards respectively. Dicker Data was recognised as the standout distributor of the year, while Hitachi Data Systems claimed the alliance partner award. Photos by Bob Seary.

Veritas honours top performing trans-Tasman partners
Show Comments