IoT pushes Arm over the Edge: Mbed Cloud offers to grab gadget gateways

Plus: Magic stuff to spot people sniffing secrets from chips

By Chris Williams, Editor in Chief

Posted in Internet of Things, 24th October 2017 13:01 GMT

TechCon Kicking off its TechCon engineering conference today in Silicon Valley, Arm announced a couple of things: Internet-of-Things gateway wrangling code, and some security measures to potentially prevent secrets leaking electrically from chips.

First, the Brit processor designer's gadget-controlling Mbed Cloud is getting a suite of features called Mbed Edge. This is supposed to run on gateway boxes that sit between equipment – such as sensors, factory machinery and other industrial gear – and the internet, allowing the devices to be monitored and controlled remotely via the gateways.

Obviously, such gatekeepers are crucial in keep potentially dangerous machinery secured from hackers and other prying eyes as well as interfacing the devices to IP networks and keeping them in check.

Mbed Edge is Arm's attempt, in software, to increase the resiliency of these guardians, with notifications of weird behavior, as well as providing an execution environment for applications so programs can continue to control the IoT devices if the connection to the management cloud fails, as well as provide some intelligence close to the gizmos and equipment.

The code can also talk to devices using non-IP protocols, from Modbus to BACnet, and route these communications over IP networks. Mbed Cloud is now available to customers, after being in a closed trial for a while, and if you want to try out the new Edge functions, ask Arm nicely, it seems.

Next, Arm reckons it has come up with techniques for system-on-chip designers and manufacturers to use to prevent miscreants from monitoring power consumption and electromagnetic emissions from packages and working out secrets, such as private keys. These SoC fortifications are supposed to thwart the sort of over-the-air snooping that routinely makes the headlines, it is claimed.

According to Arm:

At the SoC level, there are many classes of threats including those where attackers try to take advantage of the physical characteristics of the silicon implementation manifested during algorithmic execution. Today we’re announcing the availability of highly-efficient on-die threat mitigation technology designed to protect against threats including:

• Simple and Differential Power Analysis (SPA/DPA), where an attacker is trying to compromise confidential information (e.g. a secret cryptographic key) through various analysis methods of the power consumed by an integrated circuit (IC) during operation

• Simple and Differential Electromagnetic Analysis (SEMA/DEMA), where an attacker is trying to compromise confidential information (e.g. a secret cryptographic key) through various analysis methods of the electromagnetic field created during IC operation

The power and electromagnetic analysis mitigation technology relieves designers of the need to worry about this category of non-invasive attacks

This all comes as Arm announced blueprints for secure IoT devices, including a trusted firmware layer for 32-bit ARMv8-M microcontrollers. You can read more about the chip security and Edge announcements here and here, respectively. ®

Sign up to our NewsletterGet IT in your inbox daily

1 Comment

More from The Register

Ancient IETF 'teapot' gag preserved for posterity as a standard

'Error 418: I'm a teapot' scores 'reserved' status in IANA Status Code Registry

Arm isn't saying IoT firmware sucks but it's writing a free secure BIOS for device makers

TechCon Take the hint, manufacturers of weak kit

Retiring IETF veteran warns: Stop adding so many damn protocols

Ross Callon provides departing KISS (keep it simple, stupid)

Facebook gives its 007s license to kill M, its not particularly intelligent AI

Personal assistant that needed human help gets the boot

Brit chip bods ARM quietly piling up cash. Softbank will be happy

Processor design nets £100m in last quarter for Cambridge-based biz

M&S extends customer support contract with, er, Capita

Web chat? On the phone? Online? That'll be UK IT's Mr Nasty you are talking to

ARM embraces Brit and Swedish upstarts in Softbank NB-IoT push

And they've already got an integrated modem to show for it

ARM wants you to jump into mbed with it – IoT open-source OS in beta

Pre-launch open-ish code appears online

'OAuth please do grow up' say IETF boffins

Lightweight token-passing protocol suggested to deliver single sign-on

Google aims disrupto-tronic ray at intercoms. Yes, intercoms

Assistant and Home can now save you shouting at the kids when dinner's ready