Session ID: SFO17-304
Session Name: Demystifying Security Root of Trust Approaches for IoT/Embedded
- SFO17-304
Speaker: Suresh Marisetty
Track: LHG,LITE,Security
★ Session Summary ★
The current trend of IoT market segment is expected to enable and deploy about 50 billion connected devices by year 2020. IoT devices will be deployed across the board to cater to multiple use cases like Home/building Automation, Automotive, a highly fragmented embedded segment: gateways, set top boxes, security cameras, industrial automation, digital signage, healthcare, etc. This trend will bring about a great challenge of securing the connected end point IoT devices from a myriad of physical and remote attacks ex: DDOS Mirai botnet launched through IoT devices like digital cameras and DVR players
Problem Statement: Each use cases has its own IoT device constraints like: Cost, Power, Performance, memory footprint, security objectives, etc. The fundamental basis for any secure IoT and Embedded solution is the Root of Trust (RoT), which provides assurance of the integrity of the system software from: boot and runtime firmware, to OS loader, to the Kernel, to the user Applications. This poses a serious issue and challenges the one-size fits all RoT solution model.
ARM has taken on this challenge head on to come up with a microcontroller security architecture solution that caters to the various IoT devices constraints, by offering ARM Cortex-M family of processors. ARM’s flexible and scalable architecture solution will allow an OEM or Silicon partner to adapt the base security architecture and to extend it in a seamless way. This caters to the requirements of different market segments through add-on hardware, firmware and software security enhancements.
The session will present the ARM’s base security system and software architecture based on the upcoming Cortex V8M solution that will provide a hardware and firmware assisted Trust Zone based Security RoT aka TBSA-M for a range of markets, to include the highly constrained IoT devices. Furthermore, the session will discuss about how the base RoT capability can be extended in a seamless way with additional hardware assisted mechanisms to offer high levels of functionality and/or robustness for less constrained IoT devises with options like TBSA-M+, TBSA-HSM and platform level security software abstraction framework to decouple the chosen RoT capability for various OSes and the Cloud security frameworks.
---------------------------------------------------
★ Resources ★
Event Page: http://connect.linaro.org/resource/sfo17/sfo17-304/
Presentation:
Video: https://www.youtube.com/watch?v=aIwmRXFOshs
---------------------------------------------------
★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport
Privacy / personal data
Premium content protection (movies, shows)
User identification/
Loose control of device
Credit / payment fraud
Safety / ADAS
Corporate espionage
ss
Lots of definitions for ROT – GlobalPlatform doing some good work in the Security Task Force = ROT Definitions & Requirements
Initial Root of Trust (e.g. CryptoCell) is a computing engine & executable code on same platform
ROT may require data / keys to be securely provisioned at the factory e.g. RSA key pairs and storage of private keys
ROT provides security services to next item in chain of trust e.g. authenticating boot code, crypto, confidential key store/ management
iROT ususally has one identifiable owner e.g updates & controlled mutability
One iROT per platform
Small security boundary
Extended ROT is next level in chain e.g. TrustZone based TEE
Extended ROT is a set of code and data whose integrity can be verified prior to executionProvide additional security functions
Often from different vendor to iROT
iROT & Extended ROT = Primary ROT
Typical security services:
Confidentiality, Integrity, Auth, Identification, Measurement
ss
TrustZone for ARMv8-M helps enforcing various security use cases, that address scenarios/requirements of the different embedde sub-segments.
Go through each 4 quickly, adding whose property it is helping to secure.
ss
Highlight energy efficiency vs M4
Depends on the configuration but at least as an energy efficient as an M4, in some cases more efficient