Upload
chiportal
View
1.556
Download
0
Embed Size (px)
DESCRIPTION
Citation preview
May 4, 2011 1
Evolving Trusted
Platforms
Haydn Povey
Director MarketingProcessor Division
ARM
May 4, 2011 2
Evolving the Mobile Internet“More people in the world will have
their first interaction with the Internet with mobile than with
laptop” Vinton Cerf, Google
“In mobile computing, the opportunities for innovation are particularly exciting.... The fact that more than 3 billion people around the world are connected is unbelievable, yet that is less than half the world’s population.Steve Ballmer, Microsoft
... and malware and software threats are increasing exponentially
May 4, 2011 3
The Issue
Over 350,000 Android handset are shipped every dayApproaching 350,000 apps on Android store
Open mobile OS’s are a blessing... and a curse
Over 350,000 Android handset are shipped every dayApproaching 350,000 apps on Android store
Open mobile OS’s are a blessing... and a curse
May 4, 2011 4
Mobile Client of 2010
OEM/Operator “Store frontWeb 2.0 apps mashupsOpenGL ES 2.0 graphicsContent and its usage in all forms is driving consumer demand
Internet Games
Music Books Video
Cortex™-A8/A945/32nmOpenGL ES 2.0 GPU(Mali-400MP)HD video DVC
TrustZone®
LTE 50Mbps DLMultimode40nmCortex-R4
WVGA AMOLEDscreen
HDMI out
Apps processorDevice trends
Modem
Basic security concepts
introduced
May 4, 2011 5
Mobile Client of 2013
Console gaming performanceAdvanced video capabilityFast broadband
Enterprise applications Advanced multi-
processing drives new consumer paradigms and use
Fast battery charge New technologies
appear in batteries for the first time
New generation MP22nmNew generation GPU
HD video DVC: 60fps+TrustZone and advanced security
LTE 100Mbps DL28nmNew generation processor
Device trends Apps processor
Modem
Advanced system security
capabilities
May 4, 2011 6
Security - Foundation of the Future
Integrated security is the key capability to enable the next generation of services and applications across
many market segmentsSeamless Payment Services
Integrated Content ManagementThe Internet of Things
May 4, 2011 7
Traditional Security Solutions
Security traditionally seen as separate and distinct
Enables the development of physical and electrical countermeasures
These applications remain vitally important, however the technology significantly limit the functionality of those high performance applications which demand security
In excess of 4 Billion devices per year Secure Elements are shippedIn excess of 4 Billion devices per year Secure Elements are shipped
May 4, 2011 8
SoC Platform Security Challenges Definitions – Are we fighting the same battles?
Advanced threat models Device-centric Malware vs. Class Breaks (iOS cracking)
Social engineering viruses vs significant Lab Attacks Attack goals – gifted amateur or $$$mulit-million threat
Varying definitions of “security” creates significant market fragmentation
HardwareGuidance & standard HW foundations required to enable SW ecosystem
Secure boot integration with UEFI, etc. Processor requirements to enable best-in-class trust and security
System IP to deliver holistic security across the SoC Role of secure element
Certification methodology
May 4, 2011 9
SoC Platform Security Challenges SoftwareLack of standards & low portability of code restricts ecosystem
Move to standard HW framework promotes code reuse Enables the development of standard API within industry groups ,
e.g. Global Platform (www.globalplatform.org) Simplifies integration into rich OS WM, Android, etc.
Who cares about security?End users are typically ignorant of security risksHence it falls to the content owners or banks to cover the risk
The stakeholder differ by market segment but have some common members
May 4, 2011 10
Who Cares About Mobile Security?
Security is a Continuous Evolution – not a one time task
AppMNO ServiceOSOEMSoC User
SECURITY ATTENTION METER
May 4, 2011 11
Building Secure PlatformsThree fundamental alternatives
#1 – Integration of separate secure element Very low risk as SE are well trusted (EAL 5+)
Limited integration and low speed make them of limited use
#2 – Integration of secondary secure processor Provides a higher performance and focused alternative
Challenges around area cost, HW design, and separate SW code base and integration with main application processor, OS and apps
#3 – Leverage existing application processor High performance and naturally integrated
May 4, 2011 12
Delivering A Trusted Virtual ProcessorTrustZone has major advantages over separate secure processor solutions:
Performance Security at full core MHz
All resources dynamically shared
Cost The two isolated domains are
implemented in the same machine with no HW duplication
System Approach Security extends to entire
memory and peripheral systems
May 4, 2011 13
TrustZone Enabled ProcessorsTrustZone is in the DNA of all ARM Application Processors
Cortex-A5 MPCore Cortex-A8 & Cortex-A9 MPCore
Cortex-A15 MPCore
Cortex-A15
Cortex-A9Cortex-A5
May 4, 2011 14
Enabling Payment SolutionsOn-Chip Secure RAM area protected with TrustZone Memory AdaptorKeyboard and screen secured dynamically to protect PIN entry
Example solution based on ARM IP
May 4, 2011 15
Enabling Fully Secured PlatformsAddition of Crypto, Media Accelerators & DMA Controller for media handlingProtection of RAM and off-chip decode
Example solution based on ARM IP
May 4, 2011 16
TrustZone “Virtual” Secure Processor
Certification is traditionally a very lengthy and expensive process for complex SoC designs
Certification is traditionally a very lengthy and expensive process for complex SoC designs
Picture courtesy of Texas Instruments
May 4, 2011 17
TrustZone “Virtual” Secure Processor
TrustZone provides a smaller virtual processor significantly reducing complexity & cost
TrustZone provides a smaller virtual processor significantly reducing complexity & cost
Picture courtesy of Texas Instruments
May 4, 2011 18
Virtualization and SecurityVirtualization often offered as a solution for security
Virtualization focused on sharing of resources across many threads TrustZone solutions focus on simplicity to enable certification
Future systems will require Virtualization and TrustZone
Hypervisor Secure Kernel
Secure BootS
ecu
re A
pp
Normal Secure
Host OSSecure Driver
Secure Driver
Guest OSSecure Driver
Ap
p
Ap
p
Ap
p
Guest OSSecure Driver
Ap
p
Ap
p
Ap
p
Guest OSSecure Driver
Ap
p
Ap
p
Ap
p
Sec
ure
Ap
p
Sec
ure
Ap
p
Monitor
Ap
p
Ap
p
Ap
p
May 4, 2011 19
P0 P1 P2 P3
SMP OS
Multi-Core Software ModelAll cores in multi-core processors inherently contain TrustZone H/W
Simplicity equals security – reduced attack vectors Single implementation of SecureOS on P0 – small footprint & blocking operation
P1, P2, P3 implement simple stub to redirect secure requests to P0
It is possible to have multiple SecureOS instantiations however certification complexity grows exponentially.
Normal World
SecureOSSecure World
TrustZone Device Driver
Applications
Stub Stub Stub
May 4, 2011 20
SEPIA – EU Funded research program
Secure, Embedded Platform with advanced Process Isolation and Anonymity capabilities
EU-funded research project in the 7th FRP
5 Research Partners:Hardware & Infrastructure Lead
Software & Security Lead
Certification Lead
Secure Element & Systems Lead
Threat Analysis & Project Lead http://www.sepia-project.eu/
May 4, 2011 21
Delivering Secure Applications
Tamper Resist Storage
Secure Crypto Exe
EAL 5+ Certification
Trusted PeripheralsGPS, UI, Clock etc
Authenticated Debug
Trusted Boot
Tru
sted
Ap
ps
Pro
cess
or
+S
ecu
re E
lem
ent
Mobile
Adve
rtisi
ng
Loyalty
applic
atio
ns
Emai
l Encr
yptio
nDRM
Super D
istri
bution
One Tim
e Pas
sword
Data
Prote
ctio
n
Acces
s Contro
l
Secure
FOTA
Licen
se M
anag
emen
t
Ticke
ting
Mobile
TV
Mobile
Pay
men
t
Mobile
Ban
king
“EMV” Certification
Trusted RTE
May 4, 2011 22
ConclusionSecurity must be a major focus for the entire SoC industry
In an increasingly connected world, and the Internet of Things it is critical to focus on the “who” as well as the “how”
In power constrained devices we have to build security in from the ground up – not as an afterthought with layers of anti-virus software
All platforms in the future are power constrained – from the connected washing machine to the green cloud-server
May 4, 2011 23
And Finally.....