IoT Security a Focus at ARM TechCon Show

Throughout keynote presentations and other conference sessions, the message was that security needs to be a priority when developing for the Internet of things.

IoT security

SANTA CLARA, Calif.—ARM is looking to extend the reach of its chip designs beyond smartphones and tablets and into new growth areas, with the Internet of things being a key one. The company sees the development of tens of billions of connected devices, systems and sensors as a natural fit for its low-power system-on-a-chip (SoC) designs, and has made a strong push into the burgeoning Internet of things (IOT) market over the last couple of years. That has included everything from the development of its mbed IoT platform to partnerships with the likes of IBM and acquisitions to build out its capabilities in the market.

At the company's TechCon 2015 show here Nov. 10, CTO Mike Muller unveiled ARM's new Cortex-A35 SoC, which is aimed at low-cost smartphones but also can be used for IoT devices.

With a broad array of devices becoming connected, the attack surface for hackers is rapidly increasing, and the issues of security and privacy have been at the forefront of IoT discussions throughout the industry. They also have been a focus at TechCon this week, where there were more than a dozen sessions about security and the IoT. In addition, at the same time he announced the Cortex-A35, Muller also introduced the company's efforts to bring its TrustZone technology that is pervasive in its architectures for mobile systems to IoT devices though the development of its new ARMv8-M architecture.

Muller stressed the need for a layered approach to security that starts with the hardware and works its way up through software and communications.

CEO Simon Segars followed that up in his Nov.11 keynote address, talking about security, privacy and the need to develop trust among end users and governments in the use of a myriad of connected devices in use. Otherwise, they risk stalling what he and ARM partners on the TechCon stage said is a significant opportunity for technology innovations, business advancements and improving the lives of the world's population.

If people don't trust their connected devices, they won't want to use them, Segars said. If governments are concerned about security, they will move in with regulations. The key is for the tech industry to get ahead of the security and privacy issues that impact trust and develop solutions that will deal with the challenges, the CEO said. An important part of that will be to address security as the devices are developed, rather than trying to bolt on technologies later.

"We have the opportunity to get this right," Segars said to several thousand TechCon attendees. "Let's take that opportunity to get the IoT right. “As the IoT evolves, and as it gets more complex, it will be difficult to address security after the fact, he added.

The Internet of things is expected to grow quickly over the next few years, with Cisco Systems forecasting that the number of connected devices worldwide will jump from 25 billion in 2014 to more than 50 billion by 2020. IDC analysts expect that IoT spending will hit $1.7 trillion by that year.

IDC also is predicting that as the number of devices grows, so will the number of cyber-attacks. According to IDC figures, the number of IoT devices will grow to 22 billion by 2018 and will fuel the development of 200,000 new apps and solutions to take advantage of them. However, security will continue to be a key issue. During a recent webcast, Frank Gens, senior vice president and chief analyst at IDC, reportedly said that by 2018, two-thirds of enterprises will experience IoT security breaches.

"Trust is all about risk mitigation," said Coby Sella, vice president of products and technology at ARM said during a panel discussion. "You need to address that risk factor."