The internet of things (IoT) holds many attractions as we continue connecting everyday objects to each other. But it also raises the spectre of security vulnerabilities. Chip design company ARM is addressing that today with a vision for how to protect a trillion connected devices.
ARM is proposing a common industry framework, dubbed the Platform Security Architecture, which defines a secure foundation for connected devices. It has gained endorsements from a variety of cloud, hardware, and chip manufacturing partners. While it’s a welcome idea, it’s also an acknowledgement that companies have rushed into providing IoT products without thinking about security in the first place. And this oversight has left consumers exposed.
ARM is building the new security technology into its ARM Cortex processors that are used in IoT applications, said company IoT executive Paul Williamson, in a blog post. He stressed that when it comes to security, no device should be left behind.
At the ARM TechCon event a year ago, ARM and SoftBank chairman Masayoshi Son announced his vision for a trillion connected devices by 2035. Ahead of TechCon 2017, ARM is talking about how it plans to secure those trillion devices.
“This trust will need to be earned while battling hackers who relentlessly seek vulnerabilities to find more entry points into our lives,” Williamson said. “This means that security cannot be an afterthought across all parts of the value chain from device to cloud.”
ARM expects to ship 100 billion chips by 2021. The company shipped 50 billion chips in its first 22 years, but it shipped that same number over the past four years, as demand for internet of things devices started to take off. That number will grow as more and more connected devices are created. ARM recognizes that IoT devices will be diverse and will come from different vendors, which is why some kind of common secure foundation is necessary.
The Platform Security Architecture (PSA) provides security analysis, hardware and firmware architecture specifications, and an open-source reference design for implementing the firmware specification, dubbed Trusted Firmware-M.
“PSA is a fundamental shift in the economics of IoT security, enabling ecosystems to build on a common set of ground rules to reduce the cost, time, and risk associated with IoT security today,” Williamson said.
ARM is initially targeting the Trusted Firmware-M at ARMv8-M systems, with source code release expected in early 2018. The company suggested that everyone needs to move faster to secure the internet of things.
“All parts of the value chain need to embrace the guiding principle that security can no longer be optional,” Williamson said.