Arm plans secure reference architecture for Cortex-M
Arm is putting together a security framework that the company is assembling to support, at least initially, IoT devices based on the Cortex v8M architecture.
Ian Smythe, senior director of marketing programs at Arm, said: “The Platform Security Architecture [PSA] is a foundational approach to security for the IoT, allowing the industry to deliver security at scale.”
The company expects to release a specification and reference implementation for v8M-based devices in the first quarter of next year to customers under NDA. The specification that covers the requirements for secure devices will not be released publicly, according to Rob Coombs, security marketing director in the IoT device group.
Smythe said although there is a wide diversity of device types and applications there is a need for a baseline of security in IoT in order to avoid introducing weak links. “While we have different implementations, they need to have the same rules and principles.”
Coombs said the intention of the PSA is to devise “a framework that can scale across all ARM processors. We are on a mission to make it quicker, cheaper, and easier to implement hardware-based, robust security”.
The PSA is built around four main components. One is an immutable device identity that can include but is not limited to physically unclonable functions. The identity needs to be verifiable and must not be changed after manufacture. The second element, according to Coombs is support for a trusted boot sequence.
The third requirement is support for secure, over-the-air authentication and, finally, the device needs to support certificate-based authentication to ensure that it connects only to authorized servers and peers – and that it can authenticate itself to them.
The initial implementation focuses on the v8M architecture and the recently launched Cortex-M cores in that family. However, support is likely to be widened out to v7 cores that have appropriate secure coprocessors. The implementation, Coombs said, will include “trusted firmware” supplied under an open-source licence.
As well as PSA, the company launched a cryptocontroller IP core and a secure debug controller that would allow encrypted access to authorized developers after a device has shipped without exposing internal firmware to attackers. Developers need to use signed certificates to gain access to debug channels on devices that use the IP.