IoT pushes Arm over the Edge: Mbed Cloud offers to grab gadget gateways
Plus: Magic stuff to spot people sniffing secrets from chips
TechCon Kicking off its TechCon engineering conference today in Silicon Valley, Arm announced a couple of things: Internet-of-Things gateway wrangling code, and some security measures to potentially prevent secrets leaking electrically from chips.
First, the Brit processor designer's gadget-controlling Mbed Cloud is getting a suite of features called Mbed Edge. This is supposed to run on gateway boxes that sit between equipment – such as sensors, factory machinery and other industrial gear – and the internet, allowing the devices to be monitored and controlled remotely via the gateways.
Obviously, such gatekeepers are crucial in keep potentially dangerous machinery secured from hackers and other prying eyes as well as interfacing the devices to IP networks and keeping them in check.
Mbed Edge is Arm's attempt, in software, to increase the resiliency of these guardians, with notifications of weird behavior, as well as providing an execution environment for applications so programs can continue to control the IoT devices if the connection to the management cloud fails, as well as provide some intelligence close to the gizmos and equipment.
The code can also talk to devices using non-IP protocols, from Modbus to BACnet, and route these communications over IP networks. Mbed Cloud is now available to customers, after being in a closed trial for a while, and if you want to try out the new Edge functions, ask Arm nicely, it seems.
Next, Arm reckons it has come up with techniques for system-on-chip designers and manufacturers to use to prevent miscreants from monitoring power consumption and electromagnetic emissions from packages and working out secrets, such as private keys. These SoC fortifications are supposed to thwart the sort of over-the-air snooping that routinely makes the headlines, it is claimed.
According to Arm:
At the SoC level, there are many classes of threats including those where attackers try to take advantage of the physical characteristics of the silicon implementation manifested during algorithmic execution. Today we’re announcing the availability of highly-efficient on-die threat mitigation technology designed to protect against threats including:
• Simple and Differential Power Analysis (SPA/DPA), where an attacker is trying to compromise confidential information (e.g. a secret cryptographic key) through various analysis methods of the power consumed by an integrated circuit (IC) during operation
• Simple and Differential Electromagnetic Analysis (SEMA/DEMA), where an attacker is trying to compromise confidential information (e.g. a secret cryptographic key) through various analysis methods of the electromagnetic field created during IC operation
The power and electromagnetic analysis mitigation technology relieves designers of the need to worry about this category of non-invasive attacks
This all comes as Arm announced blueprints for secure IoT devices, including a trusted firmware layer for 32-bit ARMv8-M microcontrollers. You can read more about the chip security and Edge announcements here and here, respectively. ®