At Arm, we have a unique perspective on the infrastructure market, which is that it's built to enable and serve the billions of connected devices that we use every day. Increasingly these devices form part of an Internet of Things (IoT) which will collect data and use analytics to drive process improvements and optimizations to everything from agriculture, smart cities, industrial sites and transportation.
A key challenge to the IoT is security. Back in 2017, Arm announced the Platform Security Architecture (PSA) which is transforming the economics around security for constrained IoT devices. Security is fundamentally a cost trade off: You are never 'done', so how much can you spend to defend against attackers? By providing security requirements, architecture, reference software and a compliance scheme we are amortizing that cost over a huge ecosystem, improving security for everyone.
The Platform Security Architecture provides a security framework and independent certification scheme through PSA Certified.
But the device is just the starting point. It is not possible to process all of the data generated by IoT on the endpoints, nor is it possible to back haul that data to the cloud. We estimate that only 500M image sensors would saturate all near-future edge network capacity, let alone the back haul capacity to the cloud. This means that a new compute point must emerge, where the metric that matters is how much analytics throughput you can accomplish within proximity to the data, and that means operating outside of the (secure) data center. Since this compute tier is processing the data, it must be secure and as it emerges, we are seeing companies stepping up and working to define software abstractions and models that put compute applications into the heart of the edge deployed devices. We see our role in building the platform for that innovation and ensuring that it is built on the same robust secure foundations as the devices.
Today, we are publishing a white paper that sets out our vision for the 'Infrastructure Edge' and how we are planning to provide resources which will allow you to use PSA in this emerging segment, including security requirements, architecture specifications and reference software. This white paper was created with feedback from our key partners, which we're incredibly grateful for. We're still open to more feedback, please see the white paper for details to get in touch so that we can evolve our plans to meet your needs in secure deployment of IoT.
At Arm TechCon, I'm presenting with Docker's Adam Parco covering some work we've been collaborating on in the security space. Arm chose to work with Docker because they are one of the developer tools of choice for deploying their software, and they had a strong customer need for accessing Root of Trust (RoT) services on a wide range of devices and development environments. We have a longstanding collaboration with Docker and recently they announced support for native Arm container building on a laptop using the Docker Desktop tooling.
Adam and I will be presenting PARSEC (Platform Abstraction for SECurity) which is a micro-service that surfaces the PSA APIs on an infrastructure edge platform. The PSA APIs are modern, developer and multi-language friendly, open source and familiar to constrained IoT developers. PARSEC provides abstraction so that different root of trust service implementations (for example a secure element like a TPM, a trusted application in a TEE such as Arm TrustZone) can be targeted and used at different points of a developer lifecycle. PARSEC also does attribution so that multiple applications and runtimes can use the hardware security capabilities of a device.
In the early stages of doing this work with Docker, it has become clear through both of our partner conversations that there is broad interest in having a solution like PARSEC for the industry. For this reason, we have decided to open up the design and early prototype under an Apache v2 license, with a view to eventually seeding a community project. We're excited to collaborate to add support for new applications, or new capabilities in hardware. PARSEC is part of a portfolio of reference Open Source Software we are building around PSA, which includes Trusted Firmware for the A-profile architecture.
By open sourcing the project, it will allow PARSEC to align and add support to related open source projects. Arm is working to ensure that PSA aligns with other industry standards and open source projects relevant to the infrastructure. To this end, we recently joined the Trusted Computing Group and the Confidential Compute Consortium as a founder member.
This is just the beginning of Arm's efforts to secure the emerging infrastructure edge market, watch this space as things mature. If you'd like more information about our efforts, read our new white paper: Why Security for the Infrastructure Edge is So Important.
Read our Security for the Infrastructure Edge white paper