Layered Security for the Next One Trillion Devices
Arm technology is in billions of devices today, a number we expect to grow to more than a trillion by 2035. To protect the billions of devices entering the market, IoT security cannot be an afterthought but must be layered in to form a symbiotic relationship between hardware and software.
Why? Because your device is only as strong as your weakest link – a single vulnerability could compromise an entire device.
PSA Certified (previously known as the Platform Security Architecture) is an architecture-agnostic security framework and certification program for implementing technologies, processes, and measures designed to protect systems, networks, and data from a range of attacks and a broad spectrum of vulnerabilities.
Based on four key stages: analyze, architect, implement and certify, PSA Certified guides you through the complex world of security design, identifying threats to a system, and recommending and describing which counter-measures to implement. The Arm security portfolio is built to help our partners to meet PSA Certified guidelines, so organizations can deploy the right level of robustness to best match the needs of each application.
As the appetite for exploiting security flaws intensifies, so does the broad spectrum of vulnerabilities. It’s important to consider each type of vulnerability and how these could impact your system. At Arm we split the types of vulnerability into four areas: communication, physical, lifecycle and software.
Attackers can try multiple means to intercept, spoof or disrupt messages sent from devices back to the server. Best-practice cryptographic defences must match the increasing value data being communicated.
Silicon attacks are often split into two categories: non-invasive and invasive. Non-invasive (side-channel) use different ways to try to observe the chip to gain information. These include perturbation techniques–altering the power supply voltage or interfering with electromagnetic signatures. Invasive techniques involve opening the chip to probe or modify part of the passivation layer.
Devices changes hands many times—from factory to user, to maintenance and to end-of-life. The integrity of the device must be protected at each step: who is repairing it, how is confidential data handled, are firmware upgrades legitimate. Unplanned or forbidden paths, such a theft, overages, or Wi-Fi changes are all vulnerabilities to consider.
These are the most common attacks where someone finds a way of using existing cost to get access to restricted resources. It could be due to a software bug or to unexpected call sequences that are open to whole classes of exploits.
Key Security Goals
As a founder of PSA Certified, Arm believe that every connected device needs to meet 10 fundamental security goals. These goals help to overcome some of the most fundamental security threats, ensuring there is a baseline for security. Achieving these 10 security goals requires a number of things, including specific counter-measures.
Selecting the right security products for a device requires careful analysis to identify the level of threat while considering all four types of vulnerability. Ask yourself: what are the assets of my application? How sensitive are they? What are the risks to my business if they are exposed? What lengths will an attacker take to access the assets? PSA Certified advises to start security design with analysis and answering these important questions, using threat modelling (or a protection profile) to identify the appropriate counter-measures. Once this extensive analysis is complete and you have a list of security requirements, it’s time to select the best counter-measures for your application.
Arm offers a wide spectrum of security IP to mitigate the risks associated with each vulnerability. These include products that can help with cryptography, security services, isolation and tamper mitigation.
PSA Certified advises that software security measures must isolate the security firmware and private information from the rest of the application. Arm TrustZone-enabled Cortex-A and Cortex-M processors are the most efficient way to implement isolation.
Trusted Execution Environment
The TEE consists of hardware-based isolation technology, trusted boot and a small trusted OS, offering protection against software attacks.
CMSIS-Zone Arm Keil MDK
CMSIS provides device support and a common approach to interface peripherals, reducing development time and offering protection against software attacks.
Trusted Firmware-M (TF-M)
Trusted Firmware-M delivers reference documents, specifications, and APIs that meet PSA Certified guidelines for Armv8-M based microcontrollers completely free of charge.
Arm Mbed OS provides transport, lifecycle, and device security features for the entire Arm Cortex-M family via standardized security-specific building blocks.
Cryptographic Services: Arm CryptoCell Family
Arm CryptoCell lets you protect assets belonging to different stakeholders in an ecosystem, safeguarding against communication and lifecycle attacks. Depending on your application, choose either Arm CryptoCell-300 for high-efficiency systems with a small footprint and low power consumption or Arm CryptoCell-700 for high performance systems.
Secure Debug: Arm CoreSight SDC-600
An important part of protecting a device, is ensuring that debug can take place in a secure way. CoreSight SDC-600 enables silicon and tool vendors to enforce protection and debug access via a secure debug channel.
Anti-tampering Processor: Arm Cortex-M35P
Arm SecurCore SC300
Arm SecurCore SC300 provides a processor with embedded counter measures against side channel attacks and fault injections to protect against physical attacks.
Arm SecurCore SC000
Arm SecurCore SC000 combines the Cortex-M0 processor with anti-tampering security features to offer protection against physical attacks.
Designed on the principles of PSA Certified, Corstone reference packages provide a complete solution for architecting a system with security at the heart, while balancing trade-offs between performance and power. The pre-verified subsystem and system IP included in Corstone packages significantly accelerates the development of secure SoCs, saving you time and allowing you to focus your resources on differentiation.
As long as there is value in controlling a device or accessing its data, there will be a constant battle against potential attackers. Talk with an Arm expert to learn more about security technologies that can be designed into devices.
Protect Your Data Platforms from the Next Wave of Cybercrime
The latest Arm Security Manifesto 2018 shows a disturbing trend in the continuing rise of cybercrime, particularly vast armies of attack bots and elaborate global security offensives. Yet industry is under pressure to simplify IoT, even as the numbers of IoT devices and data streams multiply by billions every year.
- Pushing the boundaries of performance and security to unleash the power of 64-bit computing
- A Total Compute approach to delivering digital immersion under a common architecture
- Why silicon security may be crucial for your next IoT device
- How to Provide Confidence and Assurance at Scale
- Delivering security 'defense in depth' through Total Compute
- Arm receives first high assurance Common Criteria security certification for soft processor IP
- Memory Tagging Extension: Enhancing memory safety through architecture
- The Security Arms Race on Devices
- Automotive security partner blog: Fast, secure file systems for autonomous vehicles from Tuxera
- New FIPS 140-2 certification provides time savings for Arm security partners
- Why you need a tailored secure foundation at the heart of your next IoT product
- 10 security goals for connected devices