IoT pushes Arm over the Edge: Mbed Cloud offers to grab gadget gateways

Plus: Magic stuff to spot people sniffing secrets from chips

By Chris Williams, Editor in Chief

Posted in Internet of Things, 24th October 2017 13:01 GMT

TechCon Kicking off its TechCon engineering conference today in Silicon Valley, Arm announced a couple of things: Internet-of-Things gateway wrangling code, and some security measures to potentially prevent secrets leaking electrically from chips.

First, the Brit processor designer's gadget-controlling Mbed Cloud is getting a suite of features called Mbed Edge. This is supposed to run on gateway boxes that sit between equipment – such as sensors, factory machinery and other industrial gear – and the internet, allowing the devices to be monitored and controlled remotely via the gateways.

Obviously, such gatekeepers are crucial in keep potentially dangerous machinery secured from hackers and other prying eyes as well as interfacing the devices to IP networks and keeping them in check.

Mbed Edge is Arm's attempt, in software, to increase the resiliency of these guardians, with notifications of weird behavior, as well as providing an execution environment for applications so programs can continue to control the IoT devices if the connection to the management cloud fails, as well as provide some intelligence close to the gizmos and equipment.

The code can also talk to devices using non-IP protocols, from Modbus to BACnet, and route these communications over IP networks. Mbed Cloud is now available to customers, after being in a closed trial for a while, and if you want to try out the new Edge functions, ask Arm nicely, it seems.

Next, Arm reckons it has come up with techniques for system-on-chip designers and manufacturers to use to prevent miscreants from monitoring power consumption and electromagnetic emissions from packages and working out secrets, such as private keys. These SoC fortifications are supposed to thwart the sort of over-the-air snooping that routinely makes the headlines, it is claimed.

According to Arm:

At the SoC level, there are many classes of threats including those where attackers try to take advantage of the physical characteristics of the silicon implementation manifested during algorithmic execution. Today we’re announcing the availability of highly-efficient on-die threat mitigation technology designed to protect against threats including:

• Simple and Differential Power Analysis (SPA/DPA), where an attacker is trying to compromise confidential information (e.g. a secret cryptographic key) through various analysis methods of the power consumed by an integrated circuit (IC) during operation

• Simple and Differential Electromagnetic Analysis (SEMA/DEMA), where an attacker is trying to compromise confidential information (e.g. a secret cryptographic key) through various analysis methods of the electromagnetic field created during IC operation

The power and electromagnetic analysis mitigation technology relieves designers of the need to worry about this category of non-invasive attacks

This all comes as Arm announced blueprints for secure IoT devices, including a trusted firmware layer for 32-bit ARMv8-M microcontrollers. You can read more about the chip security and Edge announcements here and here, respectively. ®

Sign up to our NewsletterGet IT in your inbox daily

1 Comment

More from The Register

Hands off! Arm pitches tamper-resistant Cortex-M35-P CPU cores

Sneaky processors look to keep lid on sensitive IoT data

Microsoft has designed an Arm Linux IoT cloud chip. Repeat, an Arm Linux IoT cloud chip

And it talks to Azure. Cortana probably spotted lurking nearby

Ancient IETF 'teapot' gag preserved for posterity as a standard

'Error 418: I'm a teapot' scores 'reserved' status in IANA Status Code Registry

Good luck saying 'Sorry I'm late, I had to update my car's firmware'

This is why the IETF's SUITs squad wants to make IoT firmware updates fast and easy

Arm isn't saying IoT firmware sucks but it's writing a free secure BIOS for device makers

TechCon Take the hint, manufacturers of weak kit

I'm anti-Google, please elect me: Senate hopeful rides tech backlash

Missouri attorney general Hawley hopes to tap into ire against Silicon Valley

Retiring IETF veteran warns: Stop adding so many damn protocols

Ross Callon provides departing KISS (keep it simple, stupid)

Facebook gives its 007s license to kill M, its not particularly intelligent AI

Personal assistant that needed human help gets the boot

Brit chip bods ARM quietly piling up cash. Softbank will be happy

Processor design nets £100m in last quarter for Cambridge-based biz

M&S extends customer support contract with, er, Capita

Web chat? On the phone? Online? That'll be UK IT's Mr Nasty you are talking to