SAN JOSE, CA – At the ARM TechCon conference today ARM announced a comprehensive portfolio of products and services that promises to greatly simplify the creation of secure IoT systems. The core, operating system, and cloud-based software-as-a-service (SaaS) collection aims to accelerate IoT chip to cloud development both for ARM manufacturing licensees as well as their design customers. The offerings target low- to mid/high-end applications and aim to make energy-harvesting a viable power option for many designs.
"The next shift in the IoT requires better efficiency, security, and ability to scale," ARM computer group's vice president of strategy Nandan Nayampally told EE Times in a briefing. To address that need in a way that also speeds development, he added, ARM created an integrated offering that enhanced security at each stage of the IoT system. The offering includes processor cores with a TrustZone protected execution environment, a processor bus that extends that TrustZone to memory and peripherals, and CryptoCell hardware that supports secure boot, key management, and the like. Along with these cores, he noted, ARM is offering a sub-one-volt 802.15.4 radio, and pre-designed system IP with operating system software for SoC creation.
The IoT design portfolio announced today starts with two cores based on the new ARMv8-M architecture. The M33 is a general-purpose, 32-bit processor with TrustZone technology, DSP extensions, and floating-point capability. It also offers a coprocessor interface for tightly coupling custom acceleration hardware. The M23 is a more basic core targeting ultra-low-power applications while still offering TrustZone protection. Nayampally noted that the M23 is 75% smaller and 50% more efficient than the M33, and that both processors are suitable for functional safety applications.
The CyptoCell-312 can work with either core to further enhance security. The cell brings secure storage, key management, a true random number generator, and crypto acceleration to a chip design.
Along with the processor cores ARM has developed system IP that extends TrustZone security features beyond the core itself. The CoreLink SIE-200 bus is pre-verified with ARMv8-M processors and builds on the AHB5 bus matrix to provide hardware-enforced isolation between secure and non-secure applications and is configurable to meet a variety of architectural needs. The bus uses the AMBA protocol for per-transaction secure signaling through the system.
ARM has also gone beyond cores with the creation of a complete IoT subsystem out of its core components. The IoT POP IP forms a reference design that outlines both the physical IP and the implementation methodologies developers will need to achieve a design with the appropriate power profile for a given application. Further, ARM has developed the CoreLink SSE-200 subsystem IP, which is based on an M33 processor with CryptoCell. The subsystem includes memory, peripherals, and a sub-one-volt Cordio 802.15.4 radio configurable to work with Bluetooth, ZigBee, and Thread systems. The subsystem has the support of software tailored to the design, including the mbed operating system, protocol stacks for the radio, security software, drivers, and power management features. The subsystem can be configured and implemented in an FPGA for rapid prototyping.
On top of the chip IP and software, ARM is introducing cloud support in the form of software as a service (SaaS). The mbed Cloud provides developers with a simple way of connecting to, securing, provisioning and updating their devices both during manufacturing and after deployment. The service provides secure communications with the IoT device as well as device maintenance, and forwards data to another cloud service of the developer's choice for handling the application and user interaction with the device and its data. While optimized for the ARMv8-M family included in the announcement, Nayampally said, mbed Cloud is able to work with any device architecture and any cloud service.
The completeness of the ARM offering is unusual in the industry, according to Steve Hoffenberg, director of IoT and embedded technology research at industry analyst firm VDC Research. "The bits and pieces are out there," Hoffenberg said in an interview with EE Times. "Having a trusted execution environment at the chip level allows cloud vendors to create agents that work with them. These solutions work, and they're good solutions," he said. "But they're not as integrated as ARM." Hoffenberg pointed to the recent announcement from Microchip regarding its processor working with AWS as an example of chip vendors working in partnership with cloud service providers to help secure IoT designs.
"But ARM has a unique position," Hoffenberg said. "The biggest advantage to a solution like this is that it can tie in the chip technology to the cloud for designing to meet specific application needs and be truly end to end. The sheer number of processor vendors who use ARM technology means there will be a variety of products based on this offering. It's difficult for vendors of security or cloud services to achieve this variety due to their need to create separate agents for each processor family."
Bob O'Donnell, president of market research and consulting firm TechNalysis Research, told EE Times that the ARM offering helps fill a hole in the IoT, as well. "The security piece has been missing in low-power MCUs," O'Donnell said, "and a lot of devices with security aren't being updated. What ARM has described is not the highest security, not enough for critical infrastructure, for instance. But it is pretty good security for a lot of IoT devices and certainly better than lots of IoT devices already out there. So, this announcement from ARM means the security of the IoT is going to get a lot better."
Development may also get faster. According to ARM's Nayampally the availability of a complete, fully verified subsystem design – the CoreLink SSE-200 IP – will help eliminate much of the core subsystem integration work and verification effort. He estimates this will reduce development cycles by six to 12 months.
ARM's M23 and M33 cores are available now for broad licensing, Nayampally said, as is the mbed OS5 operating system. The mbed Cloud service is scheduled to become available in Q1 of 2017.
—Rich Quinnell covers industrial control for EE Times. Contact him at firstname.lastname@example.org,