The Next Steps in the Evolution of Embedded Processors


The Next Steps in the Evolution of Embedded Processors. Terry Kim, Staff FAE, ARM Korea. ARM Tech Forum Singapore, July 12th 2017.

Cortex-M Processors Serving Connected Applications
Energy grid, automotive, environmental, home automation, healthcare, enterprise, retail, smart city, wearables, farming, identity & tracking, VR / AR, building automation, connected clothing, robotics, sensors, industrial IoT, smart lighting, smart watch, space.

The Needs for Security in Connected Devices
- Communication protection: cryptography, authentication
- Data protection: secret data (keys, personal information)
- Firmware protection: IP theft, reverse engineering
- Operation protection: maintaining service and revenue
- Anti-tamper protection: related to all other protections

So, we will talk about the new architecture for the Smart Connected Era
- ARM TrustZone for ARMv8-M: security regions, cross-domain function calls, gateway entry
- ARMv8-M based micro-architectures: Cortex-M23, Cortex-M33
- https://community.arm.com/processors/trustzone-for-armv8-m/ : Central Station for all things TrustZone for ARMv8-M

ARM Cortex-M Processors and the ARM Architecture
The architecture defines the instruction set, the programmer's model, the memory model, the exception model and the debug architecture.

Target: Security for all embedded applications
- Root of trust applications (IoT): crypto, trusted software, trusted hardware, system storage, TRNG*
- IP protection: valuable firmware, trusted drivers, trusted hardware; untrusted and trusted sides kept apart
- Sandboxing: certified OS / functionality, trusted drivers, trusted hardware
Standard and affordable, developer friendly, ecosystem friendly.
* True random number generator

TrustZone for ARMv8-M
- Separation and access control: isolate trusted software and resources; reduce the attack surface of key components
- Trusted software: provision of security services; small, well-reviewed code
- Trusted hardware: hardware assist for cryptography; access validation built into the SoC (system, storage, crypto, TRNG*)
* True random number generation

Part 1: TrustZone security defined by address
- All addresses are defined as either Secure or Non-secure
- Policing is managed by the Security Attribution Unit (SAU): the internal SAU is similar to the MPU, and it supports an external system-level definition (IDAU*)
- Banked MPU configuration: a Secure MPU and a Non-secure MPU give independent memory protection per security state
- Path of an access: request from CPU -> Security Attribution Unit (with system-level control from the IDAU) -> MPU -> request to system
* Implementation defined attribution unit

Same address map, different access permissions
- Configured into Secure and Non-secure regions
- Defines access control to all regions, including peripherals and memory
- No change for developers on the Non-secure side

Cortex-M standard 4GB linear address map, with an example partition under TrustZone:

  Address range            Region             Contents                      Example partition
  0xE0000000 - 0xFFFFFFFF  System region      System components and debug   Various, CPU controlled
  0xA0000000 - 0xDFFFFFFF  Device region      Off-chip peripherals          Non-secure and Secure
  0x60000000 - 0x9FFFFFFF  RAM region         Off-chip memory               Non-secure and Secure
  0x40000000 - 0x5FFFFFFF  Peripheral region  Peripherals                   Non-secure and Secure
  0x20000000 - 0x3FFFFFFF  SRAM region        SRAM                          Non-secure and Secure
  0x00000000 - 0x1FFFFFFF  CODE region        Program flash                 Non-secure and Secure

Security extends to the whole system
- Bus masters on the AMBA 5 AHB5 interconnect: the ARMv8-M processor (with IDAU), TrustZone-aware bus masters (with IDAU), and legacy bus masters wrapped as Secure or Non-secure by a security wrapper
- IDAU regions: Secure regions and Non-secure regions of the system IP
- Secure access only: boot loader
- Memory Protection Controller for flash (page based partitioning) and for SRAM (watermark level based partitioning)
- System Security Controller
- Peripheral Protection Controller for AHB peripherals, and a second one behind the AHB5 to APB bridge for APB peripherals

Part 2: Additional states
- Secure and Non-secure code run on a single CPU
- ARMv7-M has handler mode and thread mode; ARMv8-M has Secure handler mode, Secure thread mode, Non-secure handler mode and Non-secure thread mode
- For efficient, embedded implementation: Secure state for trusted code; new stack pointers for robust operation; addition of stack-limit checking
- Dedicated resources for isolation between domains: separate memory protection units for Secure and Non-secure; private SysTick timer for each state; the Secure side can configure the target domain of interrupts

High performance cross-domain calls
- Direct function calls across the security boundary: high performance and high security
- Multiple entry points; no need to go via a monitor for transitions
- Uses the Secure Gateway (SG) instruction, only permitted in special memory with the Non-secure callable (NSC) attribute
- Dedicated stack for each domain and privilege level

Cross-domain function calls: an assembly code level example

  Non-secure memory:
      NonSecureFunc:
          BL SecureFunc          ; call: enter Secure state
          <Non-secure code>      ; continues here after the return to NS

  Secure memory (Non-secure callable):
      SecureFunc:
          SG                     ; Secure Gateway polices the entry point
          <Secure code>
          BXNS lr                ; return to Non-secure

- The Secure Gateway (SG) is placed at the start of every function callable from Non-secure code
- A Non-secure branch faults if SG isn't at the target address: branching into the middle of functions is not allowed, and calling internal functions is not allowed
- Code on the Non-secure side is identical to existing code
- Memory layout: Secure, Non-secure callable (the SG API), Non-secure (applications)
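The two rules above (attribution by address, then SG policing of the entry point) can be modelled on a host. The following C is an added example, not code from the presentation or from ARM: a simulation of SAU region lookup and of what happens when Non-secure code branches into Secure memory. The region addresses, the 32-byte NSC gateway at 0x10000000 and the 16-byte flash image are constructed; the RBAR/RLAR bit layout and the SG encoding are architectural, the SAU is assumed enabled, and overlapping regions are resolved to Secure.

```c
/* Host-side model (not device code) of ARMv8-M address-based attribution and SG entry policing. */
#include <stdint.h>
#include <stddef.h>
typedef enum { ATTR_NS = 0, ATTR_NSC = 1, ATTR_S = 2 } sec_attr_t;   /* ordered: higher = more secure */
typedef enum { NS_CALL_STAYS_NS, NS_CALL_ENTERS_S, NS_CALL_SECUREFAULT } ns_call_t;
/* One SAU region as programmed through SAU_RBAR/SAU_RLAR: bits [31:5] hold the 32-byte aligned
   base and inclusive limit; RLAR bit 1 marks the region Non-secure callable, bit 0 enables it. */
typedef struct { uint32_t rbar, rlar; } sau_region_t;
#define SAU_RLAR_ENABLE 0x1u
#define SAU_RLAR_NSC    0x2u
#define SG_ENCODING     0xE97FE97Fu   /* 32-bit Thumb encoding of the SG instruction */
/* Attribute one address with the SAU enabled: anything outside every enabled region is Secure,
   and (modelling choice) an address matched by more than one region is treated as Secure. */
sec_attr_t sau_lookup(const sau_region_t *r, size_t n, uint32_t addr) {
    int hits = 0;
    sec_attr_t attr = ATTR_S;
    for (size_t i = 0; i < n; i++) {
        if (!(r[i].rlar & SAU_RLAR_ENABLE)) continue;
        uint32_t base = r[i].rbar & ~0x1Fu, limit = r[i].rlar | 0x1Fu;
        if (addr >= base && addr <= limit) { hits++; attr = (r[i].rlar & SAU_RLAR_NSC) ? ATTR_NSC : ATTR_NS; }
    }
    return hits > 1 ? ATTR_S : attr;
}
/* SAU and IDAU attributes are combined by taking the more secure of the two. */
sec_attr_t combined_attr(sec_attr_t sau, sec_attr_t idau) { return sau > idau ? sau : idau; }
/* Constructed 16-byte Secure image at 0x10000000: a gateway that starts with SG, followed by an
   internal helper that does not (0xBF00 = NOP, 0x4770 = BX LR). Real contents come from the firmware. */
#define IMAGE_BASE 0x10000000u
static const uint32_t image[4] = { SG_ENCODING, 0xBF00BF00u, 0xBF00BF00u, 0xBF004770u };
static uint32_t fetch32(uint32_t addr) {
    return (addr >= IMAGE_BASE && addr < IMAGE_BASE + sizeof image) ? image[(addr - IMAGE_BASE) / 4] : 0;
}
/* Outcome of a Non-secure BL to target: Non-secure targets simply run, NSC targets must begin
   with SG, and everything else (Secure memory, or NSC memory without SG) raises a SecureFault. */
ns_call_t ns_branch(const sau_region_t *r, size_t n, uint32_t target) {
    uint32_t pc = target & ~1u;                      /* drop the Thumb bit from the call address */
    sec_attr_t a = sau_lookup(r, n, pc);
    if (a == ATTR_NS) return NS_CALL_STAYS_NS;
    if (a == ATTR_NSC && fetch32(pc) == SG_ENCODING) return NS_CALL_ENTERS_S;
    return NS_CALL_SECUREFAULT;
}
/* Constructed partition in the spirit of the address-map slide: Non-secure flash and SRAM plus one
   32-byte NSC gateway region; the rest of Secure memory is reachable only through that gateway. */
const sau_region_t example_regions[] = {
    { 0x00200000u, 0x003FFFE0u | SAU_RLAR_ENABLE },                 /* Non-secure program flash   */
    { 0x20200000u, 0x203FFFE0u | SAU_RLAR_ENABLE },                 /* Non-secure SRAM            */
    { IMAGE_BASE,  IMAGE_BASE | SAU_RLAR_NSC | SAU_RLAR_ENABLE },   /* 32-byte NSC gateway region */
};
#define EXAMPLE_REGION_COUNT (sizeof example_regions / sizeof example_regions[0])
```

Branching to 0x10000009 (the helper inside the NSC region) and to 0x10000101 (plain Secure memory) both fault, which is the hardware behind "branch into the middle of functions is not allowed".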

Interrupt Handling in ARMv8-M
- Each interrupt can be assigned as Secure or Non-secure
- Some system exceptions are banked, e.g. the SysTick timer (SysTick (S) and SysTick (NS))
- Secure interrupts can be programmed to have higher priority than Non-secure IRQs; Secure IRQs and Non-secure IRQs can be arranged in either priority order
- The NVIC (Nested Vectored Interrupt Controller) feeds the processor core; same operation as in ARMv7-M in most cases (no extra latency)

ARMv8-M Interrupt Security: high-performance interrupt handling with register protection
- Subject to priority, Secure can interrupt Non-secure and vice versa; Secure can boost the priority of its own interrupts
- Uses the current stack pointer to preserve context
- Uses the ARMv7-M exception stacking mechanism: hardware pushes selected registers; interrupt handlers are programmable in C
- Non-secure interruption of Secure code: the CPU pushes all registers and zeroes them, which removes the ability of Non-secure code to snoop on register values
- Sequence when Secure code is interrupted by a Non-secure interrupt: push all registers -> zero all registers -> switch to Non-secure -> run Non-secure handler -> return from interrupt -> switch to Secure -> pop all registers

The result: an efficient TrustZone security isolation
- Comprehensive, holistic protection across the entire processor and system: firmware, data, peripherals, memory and CPU resources each have a trusted view and a non-trusted view
- Two worlds, one CPU: real-time transition (* 2 cycles); hardware-enforced isolation; no hypervisor code or memory overhead; deterministic, low-latency interrupt services
- Simple to use: transparent to the software developer; same programmer's model; optimized for small embedded systems

Bringing TrustZone to the Cortex-M family (25Bn total units shipped*)
- ARMv6-M, lowest power and area: Cortex-M0 (lowest cost, low power), Cortex-M0+ (highest energy efficiency)
- ARMv7-M: Cortex-M3 (performance efficiency), Cortex-M4 (mainstream control and DSP), Cortex-M7 (maximum performance, control and DSP)
- ARMv8-M with TrustZone: Cortex-M23 (smallest area, lowest power), Cortex-M33 (flexibility, control and DSP, performance efficiency)
* Data as of Dec. 2016

Cortex-M33: Security for diverse embedded markets
- 32-bit processor of choice: optimal balance between performance and power; 20% greater performance than Cortex-M4; with TrustZone, the same energy efficiency as Cortex-M4
- Digital signal control: brings DSP to all developers; FPU offering up to 10x performance over software
- Extensible compute: coprocessor interface for tightly-coupled acceleration
- Security foundation: system-wide security with TrustZone technology; enhanced memory protection with dedicated protection for both Secure and Non-secure states
- Easy to program: enhanced and secure debug, security-aware debug, simplified firmware development

Ever-expanding world's #1 embedded ecosystem: public silicon lead partners and public ecosystem lead partners.

Summary
- Think system!
- TrustZone is proven
- Programmer's model is preserved
- Tools are ready
- Issues are identified
- Happy coding!
https://community.arm.com/processors/trustzone-for-armv8-m/ : Central Station for all things TrustZone for ARMv8-M

The trademarks featured in this presentation are registered and/or unregistered trademarks of ARM Limited (or its subsidiaries) in the EU and/or elsewhere. All rights reserved. All other marks featured may be trademarks of their respective owners. Copyright 2017 ARM Limited