Arm expects there to be over one trillion connected devices by 2035, and every one of them is going to need security.
The characterization of what is, and isn’t, an embedded system has been debated since the inception of the name. An early definition was, "An embedded system is one you don’t even know is there... until it stops working." This way of thinking colored many aspects of embedded systems, security among them. For a long time, the fact that a system was "embedded" was taken to mean that no one could access it, and therefore that it was ipso facto secure.
In these days of the Internet of Things (IoT), Industrial IoT (IIoT), and Artificial Intelligence of Things (AIoT), in which everything is connected to everything else, either directly or via the cloud, the term "embedded system" is largely synonymous with "IoT device." Nothing can be assumed to be secure, and everything has to be guaranteed to be secure.
The reasons for implementing security are well known. We are surrounded by applications that collect, store, and analyze data, both personal and commercial. We accept this as "the cost of doing business" because we enjoy the benefits that ensue, but we also demand that our data is kept secure. The cost of a security breach can be crippling, both financially and in terms of reputation. If an individual or a business feels that the device manufacturer or service supplier cannot be trusted to keep their data secure, they will take their business elsewhere.
The number of devices connecting to the Internet each year is growing at an exponential rate. In fact, Arm expects there to be over one trillion connected devices by 2035, and the one thing each of these devices is going to need is security. As a result, the developers of embedded and IoT systems are caught between a rock and a hard place. They already face multiple challenges regarding development time and cost, coupled with shrinking time-to-market windows and decreasing product life cycles. On top of this, they now have to ensure that their devices are secure, and that these devices will guarantee the security of any communications with applications running in the cloud.
The problem is that security is complex. For many developers, it's not completely clear what security is or how to implement it correctly. Fortunately, solutions are available to allow developers to secure their embedded and IoT devices from endpoint to cloud using commercial and open-source tools.
Scaling Up IoT Device Development
Today, most designs start with low-cost evaluation boards utilizing reference designs that are based on open-source software. For rapid IoT device development, scaling of these reference designs to cost-optimized and resource-constrained high-volume production is critical. An effective, flexible, easy-to-use software development process is paramount, as engineers will need to optimize, extend, and validate complex software stacks that implement the overall device functionality while maintaining security. A simplified view of the basic software components in a secure embedded system or IoT device is depicted in Figure 1.
Figure 1: Simplified view of the basic software components in a secure embedded system or IoT device (Image source: Arm)
The hardware abstraction layer (HAL) provides an abstraction of the processor and peripherals with hardware-specific configurations. The real-time operating system (RTOS) provides thread and resource management. The secure network interface provides an encrypted Internet connection using an appropriate interface (e.g., Ethernet, WiFi, low-power radio). The cloud connector is a protocol interface to the cloud solution provider. And, sitting on top of everything, the user application provides the bespoke functionality of the system.
All these various software components are created and maintained by different vendors with teams in various geographic locations. The challenges for the embedded software engineer are to migrate a software reference design from the original evaluation platform to bespoke production hardware; to optimize the resource use to minimize system cost; to manage the various software components over the product lifecycle; and to verify the functionality and security of the complete system.
To address the issues associated with developing and productizing secure embedded systems and IoT devices, Arm has been instrumental in creating standards, tools, and design flows that help developers create secure products faster. Two such initiatives are the Cortex Microcontroller Software Interface Standard (CMSIS) and the Platform Security Architecture (PSA).
CMSIS is a vendor-independent hardware abstraction layer (HAL) that dramatically simplifies software re-use and reduces the learning curve for new software developers. Originally introduced for use with Arm Cortex-M-based microcontrollers, CMSIS was later extended to support Cortex-A5/7/9 cores and peripherals. Today, Cortex-M- and Cortex-A-based devices from major chip vendors, such as NXP, Microchip, and Renesas, take full advantage of the capabilities offered by CMSIS.
Complementing the CMSIS is the PSA, which is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open-source firmware reference implementation. The PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. This helps embedded developers to get their designs securely deployed in the field faster.
Furthermore, Arm collaborates with cloud suppliers, like Amazon Web Services (AWS), to further simplify embedded system and IoT endpoint device development. The development process is supported by various software tools ranging from open source to professional commercial offerings. This gives engineers choice while providing all the tools that are required to achieve the stringent security and verification that are becoming mandatory in today's designs.
See it as a live demonstration at Embedded World at Hitex, Hall 4 / booth 360.