Improving Embedded Security with the Armv8-M Architecture and TrustZone
Rich Miron, Digi-Key Electronics

Securing a microcontroller-based application for the IoT can be tricky. Security starts at the hardware level and then scales into the embedded software. To successfully secure the software, developers require that the underlying hardware support critical features such as:

Secure boot
Memory protection
Cryptographic engine accelerators
True random number generator (TRNG)
Secure pin multiplexing
Software isolation

While some of these features are supported in the Arm® Cortex®-M processors such as the M0+, M3/4/7 series, it can be difficult and time consuming to create a successful solution.

A new solution that developers can leverage at the hardware level is to use the new Cortex-M23/33 series of microcontrollers which are based on the Armv8-M architecture. These processors are designed with security in mind and contain many security features like those listed earlier, including Arm TrustZone® for microcontrollers. In this article we will become more familiar with the Armv8-M architecture and explore how we can improve embedded security using TrustZone.

Introduction to the Armv8-M architecture

The first thing to realize about the Armv8-M architecture is that it is the latest microcontroller architecture from Arm that targets low-cost, deeply embedded real-time systems. There are three new processor types that are joining the family: the M23, which is a low-power variant, the M33, which is a high-performance variant, and the recently announced M35P, which is a high-performance, physical security (think tamper-resistance) processor (Figure 1).

While the Armv8-M architecture does improve performance from previous architecture generations, several critical improvements to note include:

Instruction set enhancements
Flexible breakpoint configuration
Dynamic reprioritization of interrupts
Enhanced trace support
Simpler Memory Protection Unit (MPU) setup

The biggest and most interesting improvement to the architecture is the ability to use Arm TrustZone. TrustZone is a security extension to the architecture that allows a developer to physically isolate executing code and memory regions such as RAM, code space, and
40 l New-Tech Magazine Europe