This morning Arm announced their Platform Security Architecture (PSA), a new way of protecting our ever expanding connected world. This is intended for all Arm-based devices from the lowest cost microcontrollers on up. There is a particular focus on IoT devices, since they will be the most numerous and they will be developed by people who won't have in-depth security knowledge and expertise. The problem is that this doesn't just affect the compromised devices, it can affect other sites and even internet infrastructure. An example of what can happen was last year's Mirai malware that I wrote about in my post Video Cameras: No Service for You . Arm TechCon Before I talk about the announcement, let me point out that this week it is Arm TechCon, so it's going to be Arm all week here on Breakfast Bytes. It is in the Santa Clara Convention Center from Tuesday to Thursday. The Expo is just Wednesday and Thursday, though. Of course, Cadence will be there, at booth 200 in the unlikely event that we are hard to locate. We also have many presentations throughout the event. Details of Cadence at TechCon are here . Full details of the whole conference, including links for registration (use promo code "invite" for a discount) are here . As a teaser, let me list just the keynotes, although there is much more. The keynotes are open to anyone, even people with a free "exhibits-only" pass. Tuesday, 9:30am: Mike Muller, Arm's CTO, There's Lots More to Come Tuesday, 9:55am: Dipesh Patel of Arm, The Road to One Trillion Devices, Simple, Secure, and Scalable Wednesday, at 9:30am: Simon Segars, Arm's CEO, Humanizing Technology Wednesday, 9:50am: Avoiding a Hacker's Paradise . I think this is a discussion moderated by Don Clark of NYT, with Simon Segars and Mary Aitken of University of Dublin Thursday, 9:30am: Greg Yeric of Arm, Process Technology in Limbo . I saw Greg talk at IEDM in 2015 (see Moore's Law at 50: Are We Planning for Retirement? ) and so I regard this keynote as self-recommending Thursday, 9:50am: Rob Aitken of Arm, How to Build and Connect a Trillion Things . I previewed this last week in A Trillion Devices: Arm TechCon Preview Thursday, 10:10am: Rene Haas of Arm, Architects of Possible Introducing Platform Security Architecture Anything Arm does has a major impact since they ship so many processors. By units, they are far and away the most widespread architecture (by dollars, I think Intel must be #1). It took from their founding in 1991 until 2013 to get to 50B chips shipped by their licensees, but only until now (four years) to ship the next 50 billion. They expect to ship 100 billion in the next four years, so on track to trillion dollar numbers with which two of the keynotes at this week's TechCon are headlining their talks. Security is not optional. Even if, for some reason, the maker of a device doesn't care about security, probably due to lack of knowledge, the rest of the world doesn't want IoT devices that ship in large numbers to be recruited for botnets or become attack vectors in any way. IoT devices that control physical devices have the potential to be especially dangerous. Even if you say "it's a lightbulb, what's the worst that can happen, it goes on when you didn't turn it on" then you are showing a lack of imagination. Yes, turning on your friend's bedroom light in the middle of the night might be no more than an amusing prank. Turning on every single bedroom light in the Bay Area at the same time is likely to bring power cuts, if not do permanent damage. As this example makes clear, security is required in the smallest devices like lightbulbs, never mind obvious things like cars or industrial machinery. So the big points of PSA addresses are: Security across the whole value chain Scalable to the tiniest, low-cost devices Secure connection and management of devices Arm is different from a semiconductor company in that its processors show up in a wide range of different devices from a wide range of manufacturers. As Arm said on the press call I attended: hundreds of silicon providers, tens of thousands of manufacturers making systems, hundreds of billions of devices The key thing is that across that broad ecosystem there need to be common security principles. A Recipe and a Reference Implementation There are three parts to PSA: analysis, architecture, and implementation. The four common principles, across all security use cases, are: Device identity, doesn’t change over time Trusted boot sequence Secure over-the-air (OTA) software updates Certificate-based authentication (not usernames and passwords) Availability To date, the information has only been available under NDA to partners. However, there area lot of partners from Cisco to Google and Baidu, from Renesas to Greenhills and British Telecom (although I think it is officially BT these days). However, in Q1 it will all be open, both the documents and the source code. Trusted Firmware-M (M is for microcontrollers) is Arm-authored to the PSA specification. It will have a permissive open source license to drive rapid adoptions. Initially it will target only Armv8-M-based SoCs. Arm's Mbed OS will provide a PSA implementation for all Cortex-M devices. Arm gave the example of a smart meter. Before PSA, metering data could be compromized, resulting in theft of electricity. The default passwords were sometimes left in the meters, resulting in possible compromise of all sorts, or perhaps using smart meters to launch DDOS attacks. SInce the devices could not be updated, even when vulnerabilities were discovered, they could only be updated by physically replacing the meter. After PSA, there is designed-in security and data-logging, there are no "default passwords" since devices use certificate-based authentication, and OTA update is built-in by default. To show how important OTA is, you have probably heard about KRACK, the vulnerability of many Wi-Fi routers (but not, luckily, most smartphones, at least at the high end). All those routers need updating. Today, if anything happens, you might receive an email telling you to update the firmware and telling you how to do it. But most people, based on past experience, will not. But Wait...There's More Arm announced two other security products. Arm TrustZone CryptoIsland-300, which is an on-die security enclave. This allows even more isolation of security services and is ideal for low-power wide-area networks, storage, and automotive. It reduces what security people call the attack surface, the number of places that need to be secured. Also, Arm SDC-600 Secure Debug Channel. Debug access is a common vulnerability in devices. Sometimes it is protected by a fuse which is blown after manufacture, cutting debug access forever, but that has obvious problems when a system has to be debugged. The Secure Debug Channel allows the channel to be turned on and off securely. Summary Arm have created a common framework for the trillion device world. Devices must be "born secure" and accept that security is not optional. It covers end-to-end security from the smallest devices up to the cloud. Costs are kept down for users since the PSA specifications and source code are being donated to the industry. More information here on the Arm website . Sign up for Sunday Brunch, the weekly Breakfast Bytes email.![]()
↧