Embedded Basics – The Arm Security Manifesto
Last week I attended Arm TechCon and a major theme through-out was embedded security. During the conference, Arm released their Security Manifesto which provides developers with Arm’s vision for how the IoT will be protected. Let’s briefly discuss a few highlights.
First, I found the Arm Security Manifesto to be an interesting read. The document is only 14 pages but contains several articles focusing on security strategies still in development such as:
- Digital Immune Systems
- Walling off attacks
- AI distributed security
The manifesto is free to download but does require that a developer enter their contact information which by this point I think we are all used to. The document can be downloaded here.
The security manifesto focuses on security from what I felt was a network or fairly resource available device. For example, the manifesto discusses software monitoring and control with capabilities that would require 128 or possibly even 256 kilobytes of flash to implement. Not exactly well fitting for a resource constrained edge node. Despite this shortcoming, the document did introduce several very interesting ways to think about security.
First, the idea that IoT networks and devices could be developed so that they could mimic the human immune system to detect potential infections and threats. The ability to automatically plug holes and immunize software is intriguing and could be widely applicable. There are several important technological hurdles that need to be vaulted such as:
- Energy usage
- Infrastructure capabilities such as bandwidth
- Common software architecture or platform throughout
Next, the concept that artificial network intelligence could be used to detect and identify typical node behavior. When a device “goes off the rails”, the network monitor could not just detect the misbehaving device but also isolate or even revoke network privileges. The interplay between the device and the network appears to be an important strategy in automating security capabilities. Once again though, I feel like there is an underlying theme that there is a well accepted standard for security or device communication from which the security strategy is implemented.
Conclusions
Whether we like it or not, security is going to become a design centerpiece for developers that are looking to connect their device to the internet. These devices in a very short time will be required to interact with system monitors on the network and even within the silicon itself. The new strategies that may one day protect us from hackers are on the horizon but quickly becoming a reality. Whether you buy into Arm’s Security Manifesto or not, I would encourage you to start thinking about security and what steps you can take to start protecting our products.
Struggling to keep your development skills up to date or facing outdated processes that slow down your team, raise costs, and impact product quality?
Here are 4 ways I can help you:
- Embedded Software Academy: Enhance your skills, streamline your processes, and elevate your architecture. Join my academy for on-demand, hands-on workshops and cutting-edge development resources designed to transform your career and keep you ahead of the curve.
- Consulting Services: Get personalized, expert guidance to streamline your development processes, boost efficiency, and achieve your project goals faster. Partner with us to unlock your team's full potential and drive innovation, ensuring your projects success.
- Team Training and Development: Empower your team with the latest best practices in embedded software. Our expert-led training sessions will equip your team with the skills and knowledge to excel, innovate, and drive your projects to success.
- Customized Design Solutions: Get design and development assistance to enhance efficiency, ensure robust testing, and streamline your development pipeline, driving your projects success.
Take action today to upgrade your skills, optimize your team, and achieve success.
