Watch now: How to protect your systems with Arm CryptoCell

Yesterday we ran our live webinar covering our Arm CryptoCell technology. We covered how attacks on devices are becoming more sophisticated and the impact this has on your security solution. We also gave viewers an introduction to platform security and the benefits of hardware-based security. We learnt how security delivers improvements on power and performance, whilst offering new use cases and business models. Thanks to everyone who joined us for the webinar, we had a great attendance and some insightful questions.

If you missed the webinar the good news is that you can still catch up, just click the link below. Keep reading to catch up on some of the questions you may have missed.

Watch webinar

If you are interested in other security related webinars, check out:

Meet the Experts: Arm TrustZone - understanding system security -webinar

How to Build Trust and Security into your Embedded Device -webinar series

What use cases do you see for security in IoT?

We see that use cases are split into two categories:

  • The first is horizontal security services that are applicable everywhere and are application agnostic. These are aimed at protecting brand-name and protecting the R&D investment from different stakeholders.
  • The second use case refers to specific security needs. This could be the protocols of certain home automation ecosystem that prescribes specific crypto constructs and specific assets to protect, or a payment scheme requiring certain processing over a datagram.

Can you use CryptoCell without TrustZone?

Yes, CryptoCell can be used with any execution environment capable of running code (for example a processor dedicated for security tasks or even the main application processor). The decision of where to execute the CryptoCell code from (i.e. security related SW) should take into consideration both PPA and threat model considerations.

We believe the combination of CryptoCell with TrustZone isolation technology (for both Cortex-A and Cortex-M CPUs) provides an excellent “operation point”, addressing many use cases.

If I implement CryptoCell does this mean I won’t get hacked?

Unfortunately, such guarantees cannot be made. At the end of the day, the robustness depends on the threat model that is addressed (and mainly – what is not addressed within the assumptions constructing the threat model) and how well designed, tested and reviewed the system is. As there is lots of code going into today’s devices, it is almost impossible to assure there are no flaws through which hackers can gain privileges they were not supposed to get. However, within the applicable threat model (i.e. a reasonable set of assumptions on the attackers funding and expertise), CryptoCell can assure the security of critical assets and operations.

Real randomness plays a big part in security. How do you address that?

The ability to provide an unpredictable stream of bits or numbers, is important for multiple security needs. This includes generation of keys or assuring that stale messages are not being replayed over a communication channel. Nowadays there are different sources of entropy and different ways to extract entropy from a given source. In the CryptoCell case the TRNG is completely digital and made out of standard library cells. When it comes to entropy, some standards require “the statistical behaviour of the digitized noise signal to be inconspicuous". Others omit this requirement for perfect statistical properties of the generated data and emphasize the entropy contained in that data and how to extract it. CryptoCell offers support for different standards and drafts like the NIST800-90B draft and the German AIS-31 standard.

The IoT ecosystem is quite fragmented, and in many cases there are no relationships between the suppliers (chip vendor and a module maker or a device maker). How can trust be established in such cases?

This is a very fragmented ecosystem and different organizations are involved in the creation of a device and a service, these organizations often don’t even know each other, let alone trust each other. However, they still own execution environments and assets on the final device. Naturally these organizations want to protect their assets, against the other parties involved in forming the device. Arm allows secure multiple ownership of assets in CryptoCell, by having multiple sets of roots of trust, owned by different entities. Let’s take debug as an example - the scheme we support allows separation of debug and access rights, where one entity cannot grant debug rights related to domains and assets belonging to another entity. In this example, an OEM can own the execution space where market applications execute and a chip vendor can own the execution environment running the communication stacks.

Can I use CryptoCell-3xx for larger designs as well?

Yes, larger SoCs tend to have “control plane” security needs as well (for example - not only data intensive use cases) and CryptoCell-3xx can be used in that context. As both families of CryptoCell - the 300 aimed at efficiency and the 700 aimed at performance – offer the same set of services, they are interchangeable, based on the desired performance grade.

Can only Cortex-M cores be used for IoT and Cortex-A cores be used for client and server systems?

Although this does seem a fit for the different profiles, there is enough variance in the Cortex-A families and Cortex-M families to ensure there is overlap. A good example of this is the Cortex-M7 processor, which has a cache and a good PPA. This processor may have the required performance for some wearable devices, equally as much as the lower end Cortex-A processors such as the Cortex-A5 or Cortex-A32 processors.

You mention the RTOS available in the IoT space as the mbed OS and uVisor, are there any examples of TEE for the Cortex-A processors?

Yes, there are a number of Trusted OS’es available for Cortex-A processors, there are open source developments such as the Linaro OP TEE (Open source TEE), as well as commercial TEEs such as the TEEs from Trustonic and Sierrawear. The development of TrustZone systems is bringing a lot of TEE’s from many vendors.

Anonymous