This was a big week for both Arm and IoT, as Nordic announced the upcoming release of the nRF9160 System-in-Package (SiP), which is the very first chip to implement the Arm Cortex-M33 processor and Arm CryptoCell-310. It’s the first of Nordic’s upcoming nRF9160 Series – a highly-integrated, low power, global multimode LTE-M/NB-IoT System-in-Package (SiP). By combining hardware-enforced security with LTE-M/NB-IoT cellular connectivity, Nordic is helping pave the way for the deployment of secure IoT solutions at scale.
The nRF9160 takes security for low-power IoT devices to new heights by using a cutting-edge security solution for the hardware and software – enabled by the combination of an Arm Cortex-M33 processor and Arm CryptoCell-310 security IP. The integration of this security solution with the radio in the nRF9160 SiP will enable an entire low-power cellular IoT application to be implemented in a single package.
In Nordic’s words:
"The nRF9160 SiP is based on Nordic’s own nRF9160 Series low power cellular IoT System-on-Chip (SoC). Jointly developed by Nordic’s highly experienced cellular design team in Finland, and low power experts in Norway, the chip is developed from scratch to realize the power, cost and size savings enabled by the new LTE-M and NB-IoT cellular standards. The chip features an unprecedented level of integration by combining a multimode cellular modem and transceiver as well as a host processor, flash memory, RAM and power management on a single chip."
The built-in host Cortex-M33 processor features TrustZone for Armv8-M, helping secure application data, firmware and peripherals using an isolated, trusted execution environment across the CPU and system. Arm CryptoCell-310 provides a comprehensive set of cryptographic and platform security services, which is compliant with major security standards bodies. This solution provides an efficient security foundation, and reduces size, Bill-of-Materials (BOM) and power consumption versus using an external host processor.
Figure 1: The key features of the Arm Cortex-M33 processor
The Cortex-M33 processor is set to become the general-purpose 32-bit MCU processor of choice for securing embedded applications. It is 80% smaller than the Arm Cortex-A5, the smallest TrustZone-capable processor before now. It is the first full-feature implementation of Armv8-M with TrustZone security technology and digital signal processing capability. The processor is versatile, supporting a large number of flexible configuration options to facilitate deployment in a wide range of applications. It also offers a dedicated co-processor interface for accelerating frequently-used, compute-intensive operations, while retaining all of the benefits of a vibrant tools ecosystem. The Cortex-M33 delivers an optimal balance between performance, power, security and productivity.
A vast number of OEMs that previously used a Microcontroller (MCU), together with a separate proprietary, dedicated Digital Signal Processor (DSP), are switching to a single, high performance Digital Signal Controller. The Cortex-M33 is one of Arm’s Digital Signal Controllers, along with the Cortex-M4 and Cortex-M7 processors, to address the need for high performance generic control functions, as well as digital signal processing. This means systems can efficiently process algorithms, yet leverage the advantages of the Cortex-M 32-bit processor family.
To accelerate software development, Arm also delivers a free DSP library in the CMSIS project. The library contains a range of filter, transformation and maths functions (e.g. matrix), and support a range of data types. The CMSIS project is now open source and the development is published in github. Learn more about Arm DSP extensions for Cortex-M here.
Figure 2: A versatile DSP ecosystem for Cortex-M
One of the key features of the Cortex-M33 is the dedicated co-processor interface. This is the first Cortex-M profile processor to offer such an interface that extends the processing capability of the CPU. This new Cortex-M33 co-processor interface is designed to:
For certain applications, tightly coupled special-purpose compute accelerators can make a dramatic difference for power and performance. Yet, it is essential that this is done in a way that maintains all of the benefits of the world’s #1 ecosystem with the widest choice of development tools, compilers, debuggers, operating systems, and middleware. This is what is great about Cortex-M33 and the Arm ecosystem – it saves developers time and cost, and increases productivity.
One example of where this co-processor interface is useful is with a smart sensor, which uses specialised filtering to process the sensor data. These can be processed in software within the CPU, but for frequent, complex operations, custom acceleration integrated via the co-processor interface can be faster and more efficient.
For more on the Cortex-M33, see Diya Soubra’s blog: The 5 key features of the Cortex-M33 Processor.
As well as being equipped with Armv8-M with TrustZone security technology, the Cortex-M33 processor is also Platform Security Architecture (PSA) compliant. PSA is the first common industry framework for building secure connected devices. PSA is a fundamental shift in the economics of IoT security, enabling ecosystems to build on a common set of ground rules to reduce the cost, time and risk associated with IoT security today. For more information on PSA, see the press release: A Common Industry Framework for Protecting a Trillion Connected Devices.
Arm CryptoCell is a complementary product to the Arm TrustZone technology, helping to fortify device security. Arm TrustZone provides isolation to create a secure execution environment, which helps to prevent vulnerabilities in one execution environment, being exploited to gain access into another. Arm CryptoCell goes beyond software isolation, to provide hardware-based security, including additional roots of trust and security mechanisms.
Fig 3: the relationship between Arm TrustZone and Arm CryptoCell
The Arm CryptoCell family is split into two categories, the CryptoCell-700 family is geared towards high-performance, Cortex-A systems, but the Arm TrustZone CryptoCell-300 family is perfectly positioned for the IoT market. It offers high-efficiency systems with emphasis on small footprint and low power consumption. The solution has been designed to get security right, leaving developers the time to focus differentiating your product. This easily integration approach saves you tens of man years, as it’s already optimized to work with Arm IP.
The CryptoCell-300 family offers a complete set of cryptographic and platform security services, designed to target multiple threats. CryptoCell addresses the control and scheduling aspects, data interfaces, cryptography (symmetric and asymmetric) and the various security resources, which turn a cryptographic accelerator into a security solution. The security resources domain is where platform security elements are enabled, including code and debug authentication, secure storage, key provisioning and in-field feature enablement.
Fig 4: the components of an embedded security solution
In short, the combined features and functionality of the Arm Cortex-M33 and the CryptoCell-310 increase developer productivity and allow them to deliver more complex solutions in a shorter period.
Nordic’s leading-edge nRF9160 SiP makes security and LTE-M/NB-IoT cellular connectivity accessible to the extensive base of Cortex-M developers whose creativity and vision will fuel the momentum towards a more connected, more intelligent, and more secure world.
The future is here. Now it is getting into the hands of embedded developers.
Learn more and get started with the Cortex-M33:
[CTAToken URL = "https://community.arm.com/processors/trustzone-for-armv8-m/" target="_blank" text="Join the Arm TrustZone for Armv8-M Community" class ="green"]
Stay up to date with Arm Embedded breaking news and resources:
[CTAToken URL = "https://developer.arm.com/subscribe" target="_blank" text="Subscribe to the monthly Arm Embedded newsletter " class ="green"]