IoT Security, Software Are Highlighted at ARM TechCon
Many people are aware of the Internet of Things concept. What they want to know now is how to secure the IoT and how to develop code for it.
Plenty of vendors on hand for the ARM TechCon conference and exposition in Santa Clara, Calif. this week were offering solutions on both counts. And there were multiple presentations in the three-day conference program devoted to both subjects.
Mentor Graphics, for instance, spoke about “Use Cases for ARM TrustZone Benefits of HW-Enforced Partitioning and OS Separation.” MediaTek presented on “Secured Communication Between Devices and Clouds with LinkIt ONE and mbedTLS.” And so on.
ARM CEO Simon Segars said in his keynote address that security and trust are one of the key principles in the Internet of Things (the others being connectivity and partnership across the ecosystem). Security and trust, he asserted, must be “at every level baked into the hardware, before you start layering software on top.”
James Bruce, ARM’s director of mobile solutions, addressed the security topic at length in an interview at the conference. ARM is taking a holistic approach to security through its TrustZone technology, he said, describing it as “a great place to put [network] keys.”
With microcontrollers, the chips often used in IoT devices, TrustZone makes sure sensitive data is “inaccessible to normal software,” Bruce said. At the same time, “you want to make devices easy to update,” he added.
ARM wants to enable its worldwide ecosystem of partners to stay ahead of cyberattacks and other online dangers, according to Bruce. “That’s why we’re doing the groundwork now,” he said.
The reaction of ARM partners to the introduction of TrustZone CryptoCells and the new ARMv8-M architecture for embedded devices has been “very positive,” Bruce said, adding, “Security can’t be an afterthought.”
Ron Ih, senior manager of marketing and business development in the Security Products Group at Atmel, described standard encryption as “only a piece” of security measures. “Authentication is a key part,” he said.
Atmel was touting its Certified-ID platform at ARM TechCon, featuring the ATECC508A cryptographic co-processor. Ih cited the “made for iPhone” chips that Apple requires of its partners developing products to complement the smartphone, ensuring ecosystem control. “You either have the chip or you don’t,” he said.
“People don’t care about the devices,” Ih concluded. “They care about who the devices are connected to.”
Simon Davidmann, president and chief executive officer of Imperas Software, is a veteran of the electronic design automation field, and he brings his experience to bear in the area of embedded software development.
Software, especially for the IoT, is “getting so complex, you can’t do what you used to do,” he said. “The software world has to change. Nobody should build software without simulation.”
At the same time, simulation is “necessary but not sufficient” in software development, he said. Code developers should be paying attention to abstractions, assertions, verification, and other aspects, according to Davidmann.
“Our customers are starting to adopt virtual platforms,” he added.
Jean Labrosse, president and CEO of MIcrium, a leading provider of real-time operating system kernels and other software components, said “the industry is changing” with the onset of the Internet of Things. Multiple-core chips are entering into the mix – not only for their low-power attributes, but for the safety and security they can provide, he noted.
Jeffrey Fortin, director of product management at Wind River and a specialist in IoT platforms, spoke on the last day of the conference on “Designing for the Internet of Things: The Technology Behind the Hype.”
Wind River, now an Intel subsidiary, has been around for more than three decades, developing “an embedded operating system that could be connected to other systems,” he said.
There are two business interests driving IoT demand, according to Fortin – business optimization and business transformation. He described the IoT as “using data to feed actionable analytics.”
The foundation of the IoT is hardware and software that provides safety and security, Fortin said.
In the final keynote of ARM TechCon, Google developer advocate Colt McAnlis spoke on “The Hard Things About the Internet of Things.”
IoT technology, at present, is “not optimizing the user,” he said in a frequently funny and witty presentation. Networking and battery issues are bedeviling the IoT ecosystem, he asserted.
By draining the batteries of mobile devices with near-constant signals, such as setting location via GPS, companies are imposing “a taxation system for every single thing [IoT] does,” McAnlis said. “We’re talking about how often we’re sampling. People are already realizing this sucks.”
Beacons installed in a shopping mall can bombard smartphone users with advertising and coupons, he noted, while the property management gets data on specifics of foot traffic. “Imagine this at scale,” installed on every block of San Francisco, he added.
“We have a chance to not make this a reality,” McAnlis asserted. “We need IoT technology to make this not suck for users.”
At the end of his keynote, McAnlis asked the attendees to hold up their smartphones and vow, “I solemnly agree not to screw this up.”