Arm aims to bring protection against physical tampering and side-channel attacks into processor cores designed for IoT nodes, starting with one of its M-series designs.
The Cortex M-35P will come with a portfolio of options that are intended to fend off typical invasive and non-invasive attacks. Asaf Shen, vice president of security marketing at Arm, said: “Physical attacks are getting easier and cheaper.”
The M35P makes use of techniques for anti-tamper protection that it has used in previous implementation of its SecureCore designs used in smartcards. The tamper protection is on top of the existing M-series’ Trustzone software-isolation scheme and include support for parity checks on internal buses to detect the consequences of induced faults.
According to the company, it has IP to support non-invasive tampering such as clock and power glitching, as well as more invasive techniques that involve probing a decapped IC. A spokesperson for Arm said:
“On the Cortex-M35P side, there are many different internal checks built into the operation of the processor that either prevent or report an invasive attack. The chip architect is supposed to design the system such that it reacts to the indications from the processor and responds accordingly. For example, if the parity check fails then it could be that the the chip erases memory and resets.”
The company claims to have a novel approach to dealing with side-channel attacks on protected versions of its CryptoIsland and CryptoCell IP cores. Shen said: “This is quite different to some of the traditional approaches.”
Rather than employ countermeasures based on disguising activity under artificial noise or using symbolic analysis to flatten the differences between types of operation, ARM has focused on the power supply to the core. The company’s spokesperson claimed: “Arm’s technology protects against [side-channel attacks] by creating a secure power domain and changing the way the power is delivered to the protected blocks. This is implemented using standard EDA tools, processes, and design methodology.”