Originally posted on Arm Newsroom, and written by John Goodenough - Vice President of Technology Standards and Collaborations, Arm Research.
Intelligent technology has permeated almost every aspect of our lives, revolutionizing healthcare, transportation, and our daily interactions. It is also dramatically expanding the attack surface for hackers. Annual losses from cybercrime are now approaching $6 trillion with 44 attacks occurring every second. With an ever-evolving threat landscape, which includes the need to protect against supply chain and side channel attacks, the benefit of implementing security solutions that protect IoT devices is clear.
However, the complexity of Secure SoC device design, along with multiple challenges in integrating software with Secure hardware, means it is often difficult and time consuming to incorporate security measures while still meeting overall application power and performance objectives.
To address these challenges, Arm Research is working with the U.S. Defense Advanced Research Projects Agency (DARPA) on the Automatic Implementation of Secure Silicon (AISS) program. The four-year AISS program sees Arm Research work as part of a consortium delivering workflow methodologies and the associated design and tool suites. This allows a device integrator to achieve power, performance, area, and security (PPAS) objectives at lower non-recoverable engineering (NRE) costs. The program aims to allow developers to increase their productivity by exploring economic trade-offs, such as power consumption, area, and performance, specific to their application and intent with security designed in.
The work Arm Research focuses on covers three key components: a secure extensible reference platform, a secure verification, and implementation reference flow and a fully attested device management workflow supported by an associated design and provisioning infrastructure. Together these components deliver a secure SoC design, and device provisioning and management by automating the process of incorporating scalable security mechanisms into the chip design, including future cloud-based design.
Meeting DARPA’s program objectives requires a collaborative technology ecosystem working together to deliver a deployable, and well-supported integrated solution of this complexity. Arm is collaborating with Synopsys to ensure all parts of the solution are developed to a common set of SoC architecture, integration workflow, device manufacturing and provisioning assumptions.
We will also be working with several of our academic collaborators to push the envelope of what is possible in areas of extensible secure platform architecture, novel introspection and obfuscation techniques to enhance device security. These include:
Looking ahead, we hope to integrate the outcomes of this research program directly into our own product development, embodied in Arm Corstone and the Arm CryptoIsland family of products. By anchoring Arm contributions alongside those of key ecosystem partners, we can help customers realize compliant SoC devices readied for deployment into secure service solutions.
Arm is constantly looking at better ways to secure devices from chip to cloud, and has a broad program of security innovation underway, from the Platform Security Architecture (PSA) framework to IP protecting against a large spectrum of attacks. Arm Research is also involved in a range of critical security initiatives, including the UK government’s ‘Digital Security by Design’ program.
The AISS program extends Arm’s end-to-end approach to security and will complement its technology including Arm Pelion Device Management, which covers the full lifecycle of a secure SoC device. It also takes us another step closer to a world of a trillion connected devices by improving device security, and ensuring future technology has security built from the ground up. For the IoT to scale, security must be prioritized, and Arm is proud to be playing an essential role in catalyzing the ecosystem to ensure IoT reaches its full potential.
Learn more about AISS
This research was, in part, funded by the U.S. Government. The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the U.S. Government.