New-Tech Europe Magazine | February 2019

Previous Page

Next Page

Page Background

Securing a m icrocontro ll er-based

application for the IoT can be tricky.

Security starts at the hardware level

and then scales into the embedded

software. To successfully secure the

software, developers require that the

underlying hardware support critical

features such as:

Secure boot

Memory protection

Cryptographic engine accelerators

True ran do m number generator

(TRG)

Secure pin multiplexing

Software isolation

While some of these features are

supported in the Arm® Cortex®-M

processors such as the M0+, M3/4/7

series, it can be difficult and time

consuming to create a successful

solution.

A new solution that developers

can leverage at the hardware level

is to use the new Cortex-M23/33

high-performance variant, and the

recently announced M35P which is a

high-performance, physical security

(think tamper-resistance) processor

(Figure 1).

While the Armv8-M architecture

does improve performance from

previous architecture generations,

several critical improvements to note

include:

Instruction set enhancements

Flexible breakpoint configuration

Dynamic reprioritization of interrupts

Enhanced trace support

Simpler Memory Protection Unit

(MPU) setup

The biggest and most interesting

improvement to the architecture is

the ability to use Arm TrustZone.

TrustZone is a security extension

to the architecture that allows

a developer to physically isolate

executing code and memory regions

such as RAM, code space, and

Improving Embedded Security with the Armv8-M

Architecture and TrustZone

Rich Miron, Digi-Key Electronics

series of microcontrollers which are

based on the Armv8-M architecture.

These processors are designed with

security in mind and contain many

security features like those listed

earlier, including Arm TrustZone® for

microcontrollers. In this article we

will become more familiar with the

Armv8-M architecture and explore

how we can improve embedded

security using TrustZone.

Introduction to the

Armv8-M architecture

The first thing to realize about

the Armv8-M architecture is that

it is the latest microcontroller

architecture from Arm that targets

low cost, deeply embedded real-time

embedded systems. There are three

new processor types that are joining

the family. The M23, which is a low-

power variant, the M33, which is a

40 l New-Tech Magazine Europe