Embedded Basics – The Arm Security Manifesto

Last week I attended Arm TechCon and a major theme through-out was embedded security. During the conference, Arm released their Security Manifesto which provides developers with Arm’s vision for how the IoT will be protected. Let’s briefly discuss a few highlights.

First, I found the Arm Security Manifesto to be an interesting read. The document is only 14 pages but contains several articles focusing on security strategies still in development such as:

  • Digital Immune Systems
  • Walling off attacks
  • AI distributed security

The manifesto is free to download but does require that a developer enter their contact information which by this point I think we are all used to. The document can be downloaded here.

The security manifesto focuses on security from what I felt was a network or fairly resource available device. For example, the manifesto discusses software monitoring and control with capabilities that would require 128 or possibly even 256 kilobytes of flash to implement. Not exactly well fitting for a resource constrained edge node. Despite this shortcoming, the document did introduce several very interesting ways to think about security.

First, the idea that IoT networks and devices could be developed so that they could mimic the human immune system to detect potential infections and threats. The ability to automatically plug holes and immunize software is intriguing and could be widely applicable. There are several important technological hurdles that need to be vaulted such as:

  • Energy usage
  • Infrastructure capabilities such as bandwidth
  • Common software architecture or platform throughout

Next, the concept that artificial network intelligence could be used to detect and identify typical node behavior. When a device “goes off the rails”, the network monitor could not just detect the misbehaving device but also isolate or even revoke network privileges. The interplay between the device and the network appears to be an important strategy in automating security capabilities. Once again though, I feel like there is an underlying theme that there is a well accepted standard for security or device communication from which the security strategy is implemented.

Conclusions

Whether we like it or not, security is going to become a design centerpiece for developers that are looking to connect their device to the internet. These devices in a very short time will be required to interact with system monitors on the network and even within the silicon itself. The new strategies that may one day protect us from hackers are on the horizon but quickly becoming a reality. Whether you buy into Arm’s Security Manifesto or not, I would encourage you to start thinking about security and what steps you can take to start protecting our products.

 

Leave a Reply

Your email address will not be published. Required fields are marked *