Why Security Matters
Security and privacy requirements continue to evolve and are increasing becoming a critical purchasing decision point for consumers, industry and governments. Requirements are rapidly evolving around data ownership and privacy in smart devices, such as mobile phones and tablets; and security within the Internet of Things is rapidly ramping in reaction to advanced threats such as Stuxnet and potential impacts on critical national infrastructure.
Cutting edge devices such as smartphones and tablets provide consumers with high value experiences based on an expanding set of services. These range from productivity solutions such as access to email and corporate VPN, to online commerce and banking, to entertainment in the form of music and video, and many more. However, such is the capability and performance of today’s mobile devices that a new approach is required to match the services consumer demand with the risk that asset owners are willing to accept. To realize their fullest potential, mobile devices require not just power efficiency and performance but also security.
ARM is working with its Partners and standards organizations to make it easier and quicker to develop platforms and devices with robust security based on TrustZone® technology. As part of this initiative, ARM has created the TrustZone Ready Program,designed to simplify the development of chipsets and devices with a hardware-backed Trusted Execution Environment (TEE).
Evolving from Legacy Approaches
We have become used to the legacy PC user experience where the system is continuously under attack from a wide range of threats such as viruses, malware, man in the middle/browser attacks, keyloggers and zero day attacks (making use of undetected vulnerabilities).
The problem of securing large computing systems has led to the provision of an array of separate trusted hardware such as One Time Password dongles, credit card/PIN derived pass codes and complicated protocols for authentication. This growing array of hardware needed to access your bank or corporate network makes for a poor user experience, for example limiting the access to your bank account to when you have the dongle in reach.
High value services demand trusted platforms that can provide protection from software attack and enable secure protection for critical code and valuable data. As we move to the “Internet of Things” era with billions of smart connected devices a new approach is required that provides a Trusted Execution Environment built on specialized hardware available in a wide selection of modern ARM application processors.
Internet of Things & Embedded Security
Smart Devices, with feature rich operating systems, are not the only target of the modern hacker, and increasingly the industry is dealing with the advent of APD (advanced persistent threats) against critical infrastructure such as water, gas, electricity, transportation and other utilities.
The advent of the Internet of Things, with billions of additional connected devices offers significant enhancements to how we live our lives as citizens but also carries risks around subversion of the technology and management of privacy. With this in mind ARM is working with its ecosystem to develop advanced system platforms that integrate robust security controls that can ensure data is tightly constrained.
ARM has a rich history in this embedded domain with hundreds of millions of SmartCard and SIM devices shipped every year based on ARM technology. At the centre of these devices are the SecurCore range of processors which deliver the same flexibility and programmability of traditional microcontroller devices while delivering a range of specific tamper-resistant technologies that can help defeat physical and software attacks.
Where physical tamper-resistance is less important may partners already implement strong embedded security devices based on the Cortex-M range of processors. Here, through the integration of cryptography, secure storage, and professional entropy sources, such as random number generators, partners are already enabling a Secure Internet of Things.