ARM builds up security in the tiniest IoT chips

Small, low-power chip designs now incorporate ARM's TrustZone technology

IoT is making devices smaller, smarter, and – we hope – safer. It’s not easy to make all those things happen at once, but chips that can help are starting to emerge.

On Tuesday at ARM TechCon in Silicon Valley, ARM will introduce processors that are just a fraction of a millimeter across and incorporate the company’s TrustZone technology. TrustZone is hardware-based security built into SoC (system on chip) processors to establish a root of trust.

It’s designed to prevent devices from being hacked and taken over by intruders, a danger that’s been in the news since the discovery of the Mirai botnet, which recently took over thousands of IP cameras to mount denial-of-service attacks.

“What ARM is trying to do is plug the holes before they can get started,” said analyst Bob O’Donnell of Technalysis Research.

As the array of IoT products expands into things like connected toothbrushes, many are being made by companies that know little about security, he said. ARM recognizes this.

“They’ve taken on the difficult task of trying to embed as much security into the device as possible,” O’Donnell said. It’s a big stretch for ARM, but the company’s well positioned because it already supplies the architecture for most IoT chips, he said.

TrustZone has been around for a decade for Windows, Mac OS and Android products but never for chips this small or low-powered.

The new Cortex-M33 chip design is just one-tenth of a square millimeter, and the Cortex-M23 is 75 percent smaller than that. They're the first chips based on the new ARMv8-M architecture and are designed to work with ARM's mbed OS. Chip vendors including Analog Devices, NXP and STMicroelectronics have already licensed the design.

ARM expects chips based on them to be used in products like bandages that collect and send medical data, tracking tags for packages in transit, and portable blood-monitoring devices.

These things won’t be plugged in to an outlet and may not even have batteries: A pocket-sized blood-testing device for diabetics could harvest enough energy to do its job just from the motion of the user removing the cap, ARM says.

Until now, this class of chip has had proprietary security hardware and software in many cases, which caused some limitations, said Nandan Nayampally, vice president of marketing in ARM’s CPU group. Added hardware made them less efficient, and developing different software for every chip duplicated effort.

With TrustZone, the chips can be secured without increasing their footprint, and they can use standard TrustZone software with APIs (application programming interfaces) for adding custom features.

Also on Tuesday, ARM introduced a cloud-based platform for managing and updating IoT processors for as long as they’re deployed. The mbed Cloud software-as-a-service platform is designed to solve the problem of how to manage millions of chips in devices that may be deployed all over a city or a global enterprise.

The platform can get a device set up and connected and then handle firmware updates over time. It also has a role to play in keeping IoT chips secure.

When a device boots up for the first time in the field, mbed Cloud can provide a security key for the communications channel and specify who can get access to the data from the device, based on enterprise policies.

The service can also help to prevent IoT-based denial-of-service attacks by monitoring what’s going on in the network. If there are abnormally chatty devices, it can isolate them or shut them down.

The SaaS platform isn’t just for devices with ARM-based chips or the mbed OS. If customers have legacy devices with other chips running Linux or freeRTOS, for example, ARM has a software module for connecting them to the mbed Cloud.

The service can be run on multiple public clouds, including Amazon’s and IBM’s.

Join the PC World newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Stephen Lawson

IDG News Service
Show Comments

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?