Arm Community
Arm Community
  • Site
  • User
  • Site
  • Search
  • User
  • Groups
    • Arm Research
    • DesignStart
    • Education Hub
    • Graphics and Gaming
    • High Performance Computing
    • Innovation
    • Multimedia
    • Open Source Software and Platforms
    • Physical
    • Processors
    • Security
    • System
    • Software Tools
    • TrustZone for Armv8-M
    • 中文社区
  • Blog
    • Announcements
    • Artificial Intelligence
    • Automotive
    • Healthcare
    • HPC
    • Infrastructure
    • Innovation
    • Internet of Things
    • Machine Learning
    • Mobile
    • Smart Homes
    • Wearables
  • Forums
    • All developer forums
    • IP Product forums
    • Tool & Software forums
  • Support
    • Open a support case
    • Documentation
    • Downloads
    • Training
    • Arm Approved program
    • Arm Design Reviews
  • Community Help
  • More
  • Cancel
Processors
  • Developer Community
  • IP Products
  • Processors
  • Jump...
  • Cancel
Processors
Processors blog New FIPS 140-2 certification provides time savings for Arm security partners
  • Blogs
  • Leaderboard
  • Forums
  • Videos & Files
  • Mentions
  • Sub-Groups
  • Tags
  • Jump...
  • Cancel
  • New
More blogs in Processors
  • DesignStart blog

  • Machine Learning IP blog

  • Processors blog

  • TrustZone for Armv8-M blog

Tell us what you think
Tags
  • CryptoCell-700
  • Security
  • Security IP
  • TrustZone
Actions
  • RSS
  • More
  • Cancel
Related blog posts
Related forum threads

New FIPS 140-2 certification provides time savings for Arm security partners

Udi Maor
Udi Maor
September 18, 2018

Security is a top priority for the technology industry, especially now that mobile devices are used for payment and hold valuable private information. With so much sensitive data flying around our devices, platforms and systems, it becomes more and more vital for device manufacturers to be able to reassure both customers and regulators that they’re doing everything they can to protect this data.

What is FIPS 140-2?

FIPS 140-2 is one of the many standards introduced to help provide this reassurance. Owned by the National Institute of Standards and Technology (NIST), FIPS 140-2 specifies Security Requirements for Cryptographic Modules. Some items covered by FIPS 140-2 include:

  • the proper ways to handle sensitive encryption keys (e.g. disk encryption keys); and
  • the allowed algorithms for encrypting and authenticating code and/or data (for example, prohibiting the use of deprecated algorithms, which were found to be too weak).

As an IP provider, silicon designer or OEM, you are expected to identify the services your product is offering to customers, and then test these services against a specific set of rules set by the standards body.

What Arm is doing with FIPS 140-2

With this in mind, Arm took CryptoCell-712 through the FIPS 140-2 certification process, ensuring that certification is something partners can get directly from Arm before beginning their own engineering efforts. This means that with Arm IP, not only do partners get the best in class for hardware, software and firmware, they also get a pre-certified security sub-system that allows them to cut out years of engineering effort and get their products to the market faster. Moreover, Arm offers a comprehensive certification package including documentation that is free to reuse, as well as best practices on how best to utilize our certification for specific needs.

Arm CryptoCell FIPS certification boundaries

The certified services offered by Arm (full list available on the NIST website, notably table six) are much more than just crypto primitives – usable platform security services such as code loading (a.k.a. Secure Boot), authenticated debug, secure timer and others have all been included. Silicon designers or OEMs would be able to reuse these certified services as part of a more complicated feature that they want to certify, for example, user authentication required by an enterprise’s BYOD policy (see figure 2 for the high-level description). The comprehensiveness of this certification could also come in handy in case the plan is to certify the entire Trusted Execution Environment (TEE), such as one built around TrustZone.      

Processes running on Android device  

Huge savings and added reassurance

By joining the Arm ecosystem, all of our partners from SIPs to OEMs can capitalise on the efforts we’ve made to simplify the certification process, bringing huge savings to the customer and an added level of reassurance right down the line to the end user. This means that they can rest easy that their data has the best possible protection that the industry has to offer.

Learn more about Arm's security solutions

Anonymous
Processors blog
  • Learning from StaffPad: How to deploy apps with the Universal Windows Platform

    Ben Clark
    Ben Clark
    This blog explores how StaffPad, a music notation app, was deployed on Windows on Arm devices through the Universal Windows Platform.
    • January 18, 2021
  • Time to get excited about the growing Windows on Arm Ecosystem

    Rahoul Varma
    Rahoul Varma
    This blog highlights the latest developments with the growing Windows on Arm ecosystem.
    • November 30, 2020
  • Parallel heterogenous computing for IoT-boards and nanocomputers with Armv8 and AArch64 hardware architecture

    Arthur Ratz
    Arthur Ratz
    Read this guest blog by Arthur Ratz about computing for IoT-boards and nanocomputers with Armv8-A and AArch64. This is a guest blog contribution from Arthur Ratz Build and run a modern parallel code…
    • November 20, 2020