Accelerating the deployment of secure IoT: From chip to cloud

A great deal of cyber ink has been spilt on the subject of Internet of Things - on the promise, the hype, the frustration that it’s not quite there yet. The entire concept of IoT combines sensory, connected embedded intelligence with an enhanced learning in the cloud to deliver increasingly intelligent services in increasingly diverse fields.

This connected embedded intelligence is already an integral part of people’s lives at various levels. At a personal level – where devices or widgets can do substantially more insightful analysis. At an industrial level, with smarter control and automation. And finally, at a societal level – where it’s not just smarter cities and buildings, but a capture of anonymous - yet relevant - data that can help point to trends, efficiencies to make all our lives better.

15 billion ARM-based chips shipped from sensors to servers in 2015

IoT today, runs on ARM. Over 15 billion ARM-based chips shipped last year, from all points in that spectrum, from the sensor to the server. For the IoT experience to deliver its its next transformative shift, the industry needs better efficiency, greater security and the ability to deliver scale for every portion of the supply chain - from device to software and service.

ARM has introduced the industry’s most comprehensive offering of scalable, secure, efficient technology for the next phase of the IoT, enabling fast and secure deployment from chip to cloud. ARM and its ecosystem are ready to deliver the breadth of technology that will change billions of lives for the better.

Introducing a faster route to a secure IoT from chip to cloud

ARM’s new IoT technologies (announced here) work seamlessly together for rapid deployment IoT solutions and services. This is particularly in constrained nodes, where deployment often outpaces that of the smartphones they often connect to.

This consists of a number of firsts:

The new Cortex-M processors – Cortex-M33 and Cortex-M23

Licensed by the majority of the top 10 global MCU suppliers and backed by the world’s #1 embedded ecosystem, Cortex-M23 and Cortex-M33 are set to become the processors of choice for microcontrollers. These are the first processors to be based on the ARMv8-M architecture, and bring TrustZone security to even the smallest of Embedded devices, as thomasensergueix shares in Cortex-M23 and Cortex-M33 - Security foundation for billions of devices. TrustZone for ARMv8-M provides a standard on which secure software and secure debug solutions can be more easily developed, further enhancing the range of security software and tools available within the Cortex-M ecosystem. Learn more about TrustZone technology.

Cortex-M33: Efficiency, security and flexibility

The general-purpose 32-bit MCU processor of choice for secure embedded applications

The Cortex-M33 core will be the general-purpose 32-bit MCU processor of choice for secure embedded applications. It is 80% smaller than the ARM Cortex-A5, the smallest TrustZone-capable processor before now. It is also highly versatile – a single processor, spanning wide capabilities. It provides configurable support for TrustZone, DSP, and floating point computation to support advanced audio and connectivity stacks. Its new co-processor interface enables tightly-coupled custom processing to be added, while retaining all of the benefits of a vibrant tools ecosystem. diyasoubra explains more here: Five key features of the ARM Cortex-M33 Processor.

Cortex-M23: Security in the smallest footprint

Built for small, energy-sipping IoT and embedded products

Cortex-M23 is even smaller - in fact, 75% smaller than the new Cortex-M33. It is also 50% more efficient than Cortex-M33, meaning that it can run on even less energy and for even longer. It is built for small, energy-sipping IoT and embedded products. It extends the capability of the smallest, lowest-power devices, providing security, enhanced efficiency, performance and scalability for deployment even in the most constrained contexts. Tim Menasveta explains more here: Five key features of the ARM Cortex-M23 Processor

CoreLink SIE-200: System IP for embedded

Providing manufacturers with a single solution that can be used across multiple markets

Security requires not just a CPU, but a system solution. CoreLink SIE-200 system IP for embedded provides IP blocks built on top of the AMBA 5 AHB5 interface that extends TrustZone security to the system. The configurable interconnect and TrustZone controllers provide a hardware-enforced isolation between secure and non-secure applications and can support multiple system architectures, enabling designers to tailor each design to suit a specific application.

TrustZone CryptoCell-312: Enabling platform security

For fast boot times and a smooth, responsive end-user experience

CryptoCell-312 enhances the offering to make it a comprehensive security solution, serving a variety of use cases and allowing the supply chain to establish trust in a broad spectrum of power and area-constrained devices.

It augments TrustZone and is an order of magnitude faster and more secure than software-only based solutions, which are essential both for fast-boot times and for consuming less energy in these energy-sipping devices. Together with TrustZone, CryptoCell-312 can enable platform security, with capabilities such as true random number generation, key management, secure boot and various roots of trust. You can learn more about TrustZone CryptoCell technology in this webinar.

Cordio radio: Flexible, portable and design-ready

Part of the ARM family of standards-based, low-power wireless IP solutions

ARM Cordio radio IP extends support for the new Bluetooth 5 standard and 802.15.4 on which the fast growing Zigbee and Thread devices are based. It’s a comprehensive solution - providing a low-power RF to software stack solution supported on multiple foundries and nodes. It’s a new, flexible, configurable architecture that enhances it’s signature energy-efficient sub-one-volt radio. philippe_bressy shares more in his blog ARM Cordio radio IP: Flexible Bluetooth 5 and 802.15.4 connectivity architecture for IoT edge devices.

Artisan IoT POP IP: Optimized implementations

Simplify SoC design and implementation; reduce time from silicon to device enablement

ARM IoT POP IP accelerates the implementation of IoT SoCs via physical IP and reference designs with the know-how to develop a design that has optimal performance with minimum area. Design teams will be able to balance the twin requirements of low leakage and dynamic power within the processor domain, always-on subsystem and the rest of the system. The IoT POP IP has been designed for use with Cortex-M33 and CoreLink SSE-200 at TSMC 40ULP, with an easy-to-use reference design that outlines the necessary physical IP, as well as layout suggestions for optimal power profiles.

CoreLink SSE-200 subsystem: Pre-integrated hardware and software

Everything a system developer needs to make configuration and implementation easier

Bringing it all together, the CoreLink SSE-200 subsystem for embedded is the foundation on which SoC designers will build a new generation of secure IoT products. It has been tested and pre-integrated the Cortex-M33 processor, CoreLink SIE-200, Cordio Bluetooth radio, TrustZone CryptoCell-312, Artisan IoT POP IP, as well as the mbed OS and Cordio radio software stacks.

To ensure fast integration of the subsystem in a SoC, a set of scripts and manuals make configuration and implementation easier. Since CoreLink SSE-200 is a fully verified IP, there is no need to spend expensive verification time on checking its internal behaviour; designers can focus on the design tasks that add real value to their application.

Scaling connected deployment: The device management conundrum

As IoT projects scale further, IoT players – 86% of them – believe that device management, i.e. the detection, connection, provision and operation devices at different times in their product lifecycle, is a key obstacle to success. ARM’s familiarity with end devices and the embedded ecosystem puts us in a unique position to solve this problem. Built on the virally successful ARM mbed IoT Device Platform, mbed Cloud is a device-side cloud, independent of analytics, offering the capability to securely manage any device with any data cloud.

mbed Cloud consists of packages that allow developers to simplify the challenges in securely connecting, provisioning and updating devices from end-to-end.

Over 1 million compiles per month and a developer community of 200,000 globally

mbed Cloud allow enterprises to:

  • Connect the devices together irrespective of a particular IP connectivity technology. Being standards-based, it implements CoAP, LWM2M+ (plus) and provides additional optimizations for efficient caching of devices in the networks
  • Identify and trust devices across different stages of their lifecycle
  • Orchestrate how different trusted parties and devices can access sensor data
  • Simplify how devices can be updated across mesh or star networks with firmware
  • Ensure that such updates are done in a fail-safe and energy-efficient manner

Device-side capabilities are enhanced with mbed OS 5, the new Platform OS built for IoT that brings 10x increase in developer productivity. It boast of over 1 million compiles per month and a developer community of 200,000 globally. Discover more about the mbed Cloud here.

Get latest version of mbed OS v5.2 on www.mbed.com.

IoT Unbound

ARM’s IoT offering allows start ups, OEMs, service providers and even experienced Silicon vendors an optimized, secure starting point that mitigates risk and accelerates time to market. The mbed Cloud offering delivers a similar critical ingredient service platform on which a lot of value added IoT services can be delivered. Just like TrustZone added security with a standard API simplifying and broadening the use of security, similarly TrustZone for ARMv-M and mbed Cloud deliver platform to scale solutions and services to deliver on the promise of IoT

Find out more!

I’ve mentioned each of these new technologies briefly, but watch this space over the coming weeks and months as we go into more detail on how each one is well-suited to delivering a secure IoT.