The advent of the Internet of Things (IoT) is shifting the IT security paradigm from predominantly software-centric solutions to a trusted execution environment based on dedicated chips. The diverse world of IoT products spans from self-driving cars to kitchen appliances to garage door openers, so the exponential rise in the number of network access points makes it hard to manage security through software alone.
Unlike the current consumer and enterprise computing environments, where humans memorize access credentials like usernames and passwords, the IoT world operates in a highly constrained environment where sensors and other autonomous devices log in automatically with little or no human assistance. Hence, the IoT devices are required to authenticate themselves. Moreover, hackers and spoofs can exploit software bugs and access the encryption keys as well as other sensitive data that are stored in software in the memory area.
However, techniques like artificial intelligence (AI) and behavior analysis in security applications require more processing power to crunch data and make effective decisions before an attack does any damage. And all this asks for secure processors that can be embedded in the IoT devices.
1. AMD’s hardware security segments the CPU into secure and standard portions.
AMD, which introduced the concept of the accelerated processing unit (APU), incorporating a coherent memory structure for both the CPU and GPU inside the processor, is now taking another out-of-the-box approach to secure the processor. The company has a dedicated co- processor on its latest SoCs that’s extra secure and runs security functions while offloading them from the main CPU core.
AMD is integrating the co-processor for embedded and IoT applications by taking a system-wide approach to security. The co-processor creates a secure environment by partitioning the CPU into two virtual parts; the security-sensitive tasks run on the secure processor while other tasks are carried out by regular operation.
Here, AMD is taking a standards-based approach by leveraging the ARM TrustZone security ecosystem. That allows AMD to explore a large ecosystem of hardware and software partners. TrustZone is a hardware-based security technology that’s built into system-on-chips (SoCs) to help ensure secure end-points and the root of trust.
2. AMD secure processors integrate a dedicated security subsystem within an APU.
AMD has licensed the ARM Cortex-A5 core—integrating it inside SoCs alongside CPUs and GPUs—which is AMD’s entrée into the TrustZone capabilities. The Cortex-5 CPU core is generally used for entry-level and low-performance applications. But here, AMD isn’t using it as a primary application processor, but rather for implementing security features.
AMD initially introduced its secure co-processor in its notebook product lines. Now, the company offers it in its embedded and IoT products as well. Hence, AMD has a very robust toolbox at its disposal, one that combines software and hardware security, along with user training and behavioral analysis. Such innovative combinations will allow technological progress to continue in a secure fashion.
Colin Cureton is the director of embedded product management at AMD. He has more than 15 years of experience in the embedded industry, most recently, leading AMD’s embedded APU, CPU and GPU product portfolio and roadmaps. Colin graduated with a BEng (Hons) 1st Class in information systems engineering from Heriot-Watt University, Edinburgh, Scotland.