ARM Brings TrustZone Security Technology to IoT Devices

The company is introducing its ARMv8-M architecture, which will extend TrustZone's reach from the data center to IoT and embedded devices.

mobile security

SANTA CLARA, Calif.—ARM is introducing a 32-bit architecture for its small Cortex-M processors that officials say will bring greater security to the growing numbers of embedded and Internet of things devices.

On the first day of the chip designer's ARM TechCon 2015 show here Nov. 10, officials unveiled the ARMv8-M architecture, which brings ARM's TrustZone security technology to the billions of small devices that make up the Internet of things (IoT).

The move enables chip manufacturers and end users to leverage a single architecture and security technology—which is also used by other ARM chip designs, including its ARMv8-A 64-bit architecture aimed at servers and other systems running rich operating systems, and ARMv8-R, a 32-bit design for real-time systems—for the entire infrastructure, from end devices at the edge back to the servers in the data center.

As the number of connected devices—from mobile devices and automobiles to industrial systems and home appliances—continues to grow, so does the attack surface for hackers, which raises the need for security at all points in the infrastructure, according to ARM officials.

"When we want things to be secure, we want everything in the chain to be secure," Nandan Nayampally, vice president of marketing for ARM's CPU Group, said during a briefing with journalists before the show.

The IoT is expected to grow rapidly over the next several years. Cisco Systems officials expect the number of connected devices worldwide will increase from 25 billion last year to more than 50 billion by 2020. IDC analysts expect IoT spending to jump to $1.7 trillion by the end of the decade.

All these devices are going to need to securely access the Internet, send and receive data, and communicate, Nayampally said. And there will be a broad array of connected systems, sensors and devices, from small wearables to power grids. They all will need to be secure, he said.

ARM's TrustZone technology, introduced about 10 years ago, is designed to separate and isolate non-trusted resources from trusted hardware, software and data while reducing the attack surface available to attackers. It includes hardware-assisted cryptography with secure access validation built into the system-on-a-chip (SoC). Nayampally said the technology is currently being used in a wide range of arenas, from authentication and mobile payment systems to content protection and enterprise security. Advanced Micro Devices has adopted TrustZone for some of its processors.

Other uses cases include secure remote firmware updates, firmware IP protection and secure debugging, he said. TrustZone includes ARM's CryptoCell security subsystem for greater embedded security.

The ARMv8-M architecture also will support the AMBA 5 AHB5 interconnect protocol, which extends security from the ARM embedded SoC to other components in the system, such as memory, storage and connected peripherals, both trusted and untrusted.

ARM is offering up an array of supporting software tools for the ARMv8-M architecture that touch on everything from compilers, debuggers and an integrated developer environment (IDE) to fixed virtual prototypes, APIs and a toolkit to enable the creating of custom platforms. The company is making the tools available to some early-access partners.

In addition, Nayampally said ARM is seeing support among partners for the ARMv8-M architecture, including from vendors like Symantec, Green Hill Software, Trustonic and Mentor Graphics.