Layered Security for the Next One Trillion Devices

Arm technologies are in billions of devices today, a number we expect to see grow to over a trillion. Achieving this vision calls for a symbiotic relationship between hardware and software, where security is no longer an afterthought. Arm’s security portfolio is designed to protect against a broad spectrum of vulnerabilities, allowing partners to deploy the security level that best matches their application needs. Achieving layered security involves implementing technologies, processes and measures designed to protect systems, networks, and data from a range of attacks. Why? Because your device is only as strong as your weakest link - a single vulnerability could compromise an entire device.  The types of vulnerability are communication, physical, lifecycle and software.

Communication Vulnerabilities

IoT is about connectivity, which means the device sends messages back to a server, and an attacker can try multiple means to intercept, spoof or disrupt those messages. Best-practice cryptographic defenses must match the increasing value of the assets they communicate.

Physical Vulnerabilities

Silicon attacks are often split into two categories: non-invasive and invasive. Non-invasive (side-channel) try to observe the chip in different ways to gain information. They may use perturbation techniques for example, altering the power supply voltage, or interfering with electromagnetic signatures. Invasive techniques involve opening the chip to probe or modify part of the passivation layer. 

Lifecycle Vulnerabilities

A device changes hands many times from factory to user, to maintenance and to end of life. We must protect the integrity of the device as it goes through this cycle: is the object repairable, who is repairing it, how is confidential data handled? It also addresses the response to unplanned or forbidden paths, such as theft, overages, or Wi-Fi changes. 

Software Vulnerabilities

These are the most common attacks where someone finds a way of using existing code to get access to restricted resources. It could be due to a software bug or to unexpected call sequences that are open to whole classes of exploits.

Counter-Measures
Arm Solutions

Our IP extends across the system with processors and subsystem protection (both hardware and software), as well as acceleration and offloading, fitting together seamlessly for layered protection.

The Perfect Starting Point: Arm Platform Security Architecture

The Arm Platform Security Architecture (PSA) is the framework for securing the next one trillion connected devices and systems, from chip to cloud, rallying the entire ecosystem to adopt a common security best practice. PSA calls for a consistent standard of security designed-in to both the hardware and firmware of all devices. PSA instructs three key phases (analyze, architect, implement) and reduces the ongoing cost of security and time-to-market by providing a holistic set of deliverables that anyone can use, regardless of security expertise.

Bringing a Secure SoC to Market

Developers of IoT devices have a lot to consider and a key part of this is designing the right SoC. This requires a lot of moving parts: considering security, trust, power, performance and area constraints, plus scalable compute and connectivity to the cloud. Arm IoT frameworks accelerate time-to-security for SoC designers, device makers and developers by building on the principles of Platform Security Architecture and providing the powerful toolboxes they need to build their next system.

Security Counter-Measures
Arm TrustZone

Offering protection against software attacks with isolation and a device root of trust

TrustZone is a system-on-chip (SoC) and CPU system-wide approach to security, helping to isolate and protect secure hardware, software and resources. TrustZone is hardware-based security built into SoCs by semiconductor chip designers, then used by software developers. The family of TrustZone technologies can be integrated into any Arm Cortex-A and the latest Cortex-M based systems, whether it’s establishing a trusted foundation for a high-performance experience or enabling authentication on the smallest embedded device.

Arm CryptoCell Family

Offering protection against communication and lifecycle attacks

Arm CryptoCell enables the protection of assets (code and data) belonging to different stakeholders in an ecosystem (for example, silicon vendor, OEM, service provider, user). CryptoCell enables SoC designers to trade off area, power, performance or robustness in a very flexible approach so SoC designs can be optimized to achieve the most appropriate security level for the target market.

Arm CryptoCell Family

Offering protection against communication and lifecycle attacks

Arm CryptoCell enables the protection of assets (code and data) belonging to different stakeholders in an ecosystem (for example, silicon vendor, OEM, service provider, user). CryptoCell enables SoC designers to trade off area, power, performance or robustness in a very flexible approach so SoC designs can be optimized to achieve the most appropriate security level for the target market.

The Enhanced Suite of Physical Security IP

Offering protection against physical security and close proximity attacks

There is no doubt that chip-based physical attacks are becoming easier and more dangerous. Arm provides a suite of security IP to guard the SoC on several fronts, including:

Arm TrustZone Security System IP

Arm also has a range of Security System IP, including: the TrustZone Random Number Generator, TrustZone Full Disk Encryption and TrustZone Address Space Controllers.

Software Solutions
Pelion IoT Platform

The Pelion IoT Platform is a flexible, secure, and efficient foundation spanning connectivity, device, and data management. It accelerates the time to value of your IoT deployments by helping you easily connect trusted IoT devices on global networks, invisibly administer them, and extract real-time data from them to drive competitive advantage.

Talk with an Expert

 As long as there is value in controlling a device or accessing its data, there will be a constant battle against potential attackers. Talk with an Arm expert to learn more about security technologies that can be designed into devices.

Contact Us

Security Resources