Born Secure: ARMv8-M for the Industrial IoT?

In a connected world where everyday devices can be compromised to launch distributed denial of service (DDoS) attacks, these cores offer the IoT something new; Born Secure. The issue of security is far from new to the semiconductor and electronics industry, but what is new is the forecast for the number of devices which are likely to be connected to the internet and thus available to be compromised. Hackers always target the weakest link in any system and as press reports of last year’s Mirai botnet attacks have revealed, many ordinary devices such as home routers, webcams and digital video recorders were used by Mirai to launch DDoS attacks. Often users simply had not changed the default passwords and administrator settings on these devices, highlighting the importance of security for all devices attached to a public network such as the internet. Security is perhaps the most challenging issue for IoT developers because the threats posed to equipment permanently attached to the internet are constantly evolving. Security is a subject which anyone with a PC, tablet or smartphone will be familiar, with the need for regular patches and other updates to the OS to protect against ever changing attacks. If the US Department of Justice and Internal Revenue Service have been unable to master security, nor tech companies such as Cisco, LinkedIn and Yahoo!, then startup makers with limited development and testing budgets, operating on short timescales and with tight profit margins need all the help they can get. With some IoT forecasts now surging towards hundreds of billions of devices, including products as diverse as connected LED lighting, thermostats and toasters, security oversights have the potential to paralyze the development of the IoT. Colin Barnden, Principal Analyst at Semicast Research commented “Security must move from nickel-and-dime to front-and-center in the mindset of all developers and makers if the IoT is to maximize its potential.” “The issue of security must move from the nickel-and-dime list to be front-and-center in the minds of all developers and makers if the IoT is to maximize its potential.” The M23 and M33 cores are the latest building blocks in the development of ARM’s secure off-the-shelf platform for the IoT and were developed with TrustZone built-in and designed to work with ARM’s previously announced mbed OS. In the same way that Apple has successfully built an ecosystem of products that just seamlessly work together (iPad, iPhone, iCloud, iTunes, etc.), so ARM is steadily building a commercial IoT platform which designs-out as many vulnerabilities as possible by providing hardware and software IP that was developed from inception to be secure and integrated. Semicast judges this to be a winning strategy for the IoT, especially in the industrial market, where ARM is by far the leading microcontroller architecture with devices based on the legacy ARMv6 and ARMv7 instruction sets. IoT has been the key focus area for the semiconductor industry for the last five years and it is Semicast’s view that Industrial IoT can be described as intelligence and connectivity being added to ever smaller, distributed, remote industrial devices, all of which must be secured. Barnden explained “Industrial IoT is not viewed by Semicast as a growth application itself; instead this intelligence and connectivity is provided by the addition of sub-$1 32-bit MCUs, together with short-range wireless communications ICs based on standards such as 6LoWPAN, Bluetooth/BLE, LoRa, NFC, Sub-1/2.4 GHz, Thread, Wi-Fi and ZigBee. These intelligent connected industrial devices generate the Little Data which has never previously been captured, to be processed locally or fed straight to the Cloud for Big Data analytics, creating the Industrial IoT of smart buildings, cities, factories, grid, medical, payment and security.” Semicast forecasts shipments of ARM-based microcontrollers in the industrial market to grow to about 9 billion units in 2021, from under 4 billion in 2016 and judges future shipments of M23 to be much higher than for M33 in the industrial market, as legacy low cost and low power M0/M0+ designs transfer to using M23. Publically announced licensees for M23 and M33 include Analog Devices, Microchip, Nuvoton, NXP, Renesas, Silicon Labs and STMicroelectronics. Intel has not previously been a player in the 32-bit microcontroller space, but that changed late in 2015 with the launch of its Quark D1000 and D2000 devices. These are 32-bit Pentium-based microcontrollers running at 32MHz with 8-32KB of on-chip ROM and RAM. Priced in the range of $2-3, these products will certainly help Intel to combat the army of ARM microcontroller suppliers. Whether Intel will commit to the 32-bit microcontroller market with the release of multiple variants of these products, which the market leaders such as Microchip, NXP, Renesas and STMicroelectronics have made a feature of their business models, remains to be seen. Barnden summed up “Intel is the largest semiconductor company and the combination of Intel Security, Wind River and Intel Architecture silicon is a powerful combination to help secure the IoT. In the long term the battle for the Cloud, Things and Fog (CTF) looks set to be dominated by ARM and Intel".