ARM is making a free operating system a cornerstone of its push into selling both more cores and server software to help manage them. But the company has yet to clarify how it will implement key elements of the security infrastructure meant to underpin it.
The device-level operating system is in an earlier stage of development, with alpha software going to selected partners by the end of the year. Zach Shelby, director of technical marketing at ARM, said: “By TechCon next year we will be at full production for the whole thing.”
Some of the support infrastructure needed to handle security still has to be rolled out. Although the Mbed operating system calls for an encryption subsystem, known as the CryptoBox, to handle secure operations, current versions of the Cortex-M processor that are most likely to run it do not have as standard the hardware elements needed to guarantee that the processor can boot up securely and maintain a root of trust for the software infrastructure.
“There are some roadmap items that will show up over time,” said Krisztián Flautner, general manager of ARM’s IoT operation. “We have approached this from the API point of view. You do need mechanisms to support APIs and you need secure areas. But we’ve invested in defining these boxes to get a high degree of certainty that things will work. We are rolling this out in a fast way. We are talking to partners about it and we have early code. The question is how to roll it out to SoCs. But we think it’s important to have a proper security foundation [for the IoT].”
The Mbed operating system for IoT nodes is designed to consume less power than traditional real-time operating system (RTOS) software. “In the 1990s, the processor was the scarce resource. You had to time-share the processor and it was a very processor-centric model. Today even on those tiny embedded chips we have immense computing power. Instead, the scarce resources today are energy and productivity. Mbed is not a hard real-time operating system. But it’s energy efficient and productive.”
Unlike a conventional RTOS, Mbed OS does not allow tasks to pre-empt each other. Instead, a task is allowed to complete its work before it yields control. This is meant to sidestep the problem of various power domains being activated and put to sleep again frequently because different tasks need different pieces of hardware. The OS also does not use regular timer interrupts – the processor is expected to only wake up if events need to be handled. Because of this approach, ARM calls the Mbed OS “event based”.
Although not constrained to talk only to the ARM server software – Muller stressed the communications are based on existing protocols – the company has designed the companion Mbed Device Server to hide many of the implementation difficulties of building applications that talk to devices that only join the network intermittently because they are powered-down most of the time. In contrast to the free Mbed OS, the Mbed Device Server will be paid-for software.
“We are trying to drive an industry but we are also trying to drive ARM’s business,” Mike Muller, ARM CTO said. “And the royalty model is how we like to do things.
“The Mbed Device Server is free for development. But we require a licence for commercial use. It allows you to use open web standards for development, and translates into the web standards that are useful for constrained devices. You can run it where you want, whether hosted on a cloud platform, or run it in your own server rooms,” Muller said.
Muller explained “periodic connectivity…is not what an applications developer wants to hear. With the server, you can talk to the device as though it’s there even when it isn’t. And you talk to devices behind a firewall”.
Flautner said: “We see the need to do this because there aren’t these components out there.”
Mikko Saarnivala, director of technology, said the server software has been deployed in trials by a couple of customers, with one system being used to manage streetlights and another handling smart meters.