ARM’s new architecture is a way to secure a trillion connected devices

How can we secure connected devices? Or rather, how can we secure a trillion connected devices?

That may sound like a stupidly large number – more in the realm of science fiction than reality – but that’s the vision of ARM chief executive Masayoshi Son. However, protecting such a vast volume of devices could obviously present challenges.

There will be a diverse range of devices being connected, all for different applications and using different connectivity protocols. Therefore, it’s important that these diverse internet-connected devices are designed with a common secure foundation.

With this in mind, the company has introduced a common industry framework for building secure connected devices, called Platform Security Architecture (PSA).

Economic shift

According to Paul Williamson, general manager for IoT device IP at ARM, PSA represents a fundamental shift in the economics of IoT security, enabling ecosystems to build on a common set of ground rules to reduce the cost, time and risk associated with IoT security today.

He said that PSA delivered a number of advantages to builders of IoT systems. These include representative IoT threat models and security analyses; architecture specifications, built on key security principles, that define a best-practice approach for designing endpoint devices; and a reference open source implementation of the firmware specification (called Trusted Firmware-M).

PSA is being supported by several SiP, software and security companies, including Silicon Labs, Microchip and Symantec.

The company has also introduced two other security products to support its drive for device protection. TrustZone CryptoIsland is a family of security subsystems providing on-die, smartcard-level security. The first product in the range is CryptoIsland-300, targeting applications requiring high levels of isolation and security, such as LPWA communication, storage, and automotive.

The other new offering is the CoreSight SDC-600 Secure Debug Channel, designed to support the growing requirement for lifecycle debug access in IoT devices. The SDC-600 enables full debug capabilities without compromising system security, boasting a dedicated authentication mechanism for debug access.