Secure Services

ARM believes that security starts with the architecture, long before silicon and that adding security to silicon or devices represents a power hungry treatment of a security breach, rather than a preventative vaccination.

The ARM strategy is to enable service providers, content players and security service companies too have trust in devices to deliver higher value to customers by achieving common points of alignment and interworking that are vital to driving innovation. This in turn will provide enterprise and consumers with a choise of solutions and suppliers in a world where security exists within, across and between devices both in consumers' hands, the IT manager and the cloud.

Why ARM?

Applications

Partners

Technology

Resources

Each year, ARM Partners ship more than 6Bn devices for consumer electronics , meters, networks, cars, industrial equipment applications and more. The ARM business model and Connected Community of more than 850 Partners enables this scale.

More and more of these devices are capable of allowing users to personalise their devices for their needs, and the threats inherent in doing so need to be mitigated. ARM believes security can be best fulfilled in the future with a combination of hardware, software and services and when smart card technology, such as ARM SecurCore processors and ARM TrustZone technology work together to bring security to payments, enterprises, content owners and government services on any device.

ARM has partnered for many years with the leading security companies in the field of smart cards to bring their domain expertise of security and brand trust into TrustZone technology. TrustZone technology has been designed into the architecture of ARM processors and provides the ability to hold all of the required user names, case sensitive passwords, credit card and bank details, and a means of securing the keypad for PIN entry to be held securely on one device. This robust security exists without the requirement for anti-virus software or other power hungry applications added at the silicon or device level – a vital factor in handheld, battery-powered handsets.

There are numerous applications, existing and emerging which demand secure protection of data and personal information.

Example use cases include:

Mobile Payments

Secured PIN entry for enhanced user authentication in mobile payments & banking
Secured NFC communications channel
Digital Rights Management (DRM)
Software license management
Loyalty-based applications
Access control of cloud-based documents
e-Ticketing
Mobile TV

ARM TrustZone technology removes the need for separate secure hardware to be used to authenticate the integrity of a device or indeed a user. It does this by providing a true hardware root of trust in the main mobile chipset.

To ensure that the integrity of the application making the assertion of trust has not itself been tampered with, TrustZone also provides a secure execution environment where only trusted applications can operate safe from hacker/virus/malware style attacks - a Trusted Execution Environment (TEE).

TrustZone hardware provides the isolation for the TEE from software attack vectors. The hardware isolation extends to securing data input and output all the way to the physical peripheral, including for example, the keypad/touchscreen.

Armed with these key capabilities, chipsets equipped with TrustZone technology provide a wealth of opportunities to redefine the services users can access (more, better), how they access them (faster, easier), and where they can access them (anywhere, anytime).

For more detailed information on TrustZone technology click here
For information on efficiently designing and implementing secure systems go to the TrustZone Ready Program

ARM provides a broad range of technology to enable the development of next-generation secure devices including: processor IP, System IP and development tools (below). In addition to SoC intellectual property, ARM provides the TrustZone Ready Program - a cohesive set of design recommendations and market requirements to help silicon partners and OEMs design the appropriate security features for their platform. For further information it is recommended that organisations looking to develop trusted platforms contact ARM to discuss their development needs.

Processor IP

Cortex-A Series Processors
The ARM Cortex™-A series of applications processors provide an entire range of solutions for devices hosting a rich OS platform and user applications ranging from ultra-low-cost handset through smartphones, mobile computing platforms, digital TV and set-top boxes through enterprise networking, printers and server solutions.

Every Cortex-A series processor includes TrustZone security technology within its architecture.

The Cortex-A series consists of the Cortex-A15, the Cortex-A9, the Cortex-A8, the Cortex-A7 and the Cortex-A5 processors

SecurCore Processors
The ARM SecurCore™ processor family provides powerful 32-bit secure solutions based upon industry leading ARM architecture. SecurCore processors can be used in a wide range of security applications, outperforming legacy 8-bit or 16-bit secure processors.

The ARM SecurCore series consists of the SC000, the SC100 and the SC300 processors.

System IP

ARM CoreLink™ system IP components are essential for building complex system on chips and by utilizing System IP components developers can significantly reduce development and validation cycles, saving cost and reducing time to market.

Description:

CoreLink NIC-301 Network Interconnect
CoreLink DMA-300 DMA Controller
CoreLink L2C-310 Level 2 Cache Controller
CoreLink DMC-340 Dynamic Memory Controller
CoreLink DMC-400 Dynamic Memory Controller
CoreLink TZC-380 CoreSight Address Space Controller
CoreSight CDK-11 CoreSight Design Kit

Tools Support

All ARM processors are supported by the ARM Development Studio 5 (DS-5™) tool suite, as well as a wide range of third party tools, operating system and EDA vendors. ARM DS-5 software development tools are unique in their ability to provide solutions that take full advantage of the complete ARM technology portfolio.

An organisation looking to develop a trusted application will need some target hardware which includes a build of the TEE as well as the normal OS. This could be via a SoC development board from a chip vendor or via an OEM. ARM has partnered with well known Secure OS partners G&D and Trusted Logic Mobility who can provide a small, certifiable and trusted OS as well as Trusted Service Management technology to manage the life cycle of trusted applications. It is likely that legal agreements will be needed (for example an evaluation license to the Trusted OS software, NDA etc).

The designer is also likely to want a JTAG port on the target hardware that allows access to debug the secure world as well as normal world and developer tools that are compatible with the target trusted OS. The latest version of ARM Design Studio 5 (DS-5™) development suite includes functionality to simultaneously debug trusted and normal world code.

Blogs