Designing Secure IoT Devices with the Arm Platform Security Architecture and Cortex-M33
Trevor Martin, B.Sc. (Hons), CEng., MIET
Arm Technical Specialist, Hitex (UK) Ltd, Coventry, West Midlands, United Kingdom
Copyright
Newnes is an imprint of Elsevier
The Boulevard, Langford Lane, Kidlington, Oxford OX5 1GB, United Kingdom
50 Hampshire Street, 5th Floor, Cambridge, MA 02139, United States
Copyright 2022 Elsevier Ltd. All rights reserved.
No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher's permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions.
This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein).
Notices
Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods, professional practices, or medical treatment may become necessary.
Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information, methods, compounds, or experiments described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility.
To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein.
ISBN: 978-0-12-821469-5
For information on all Newnes publications visit our website at https://www.elsevier.com/books-and-journals
Publisher: Mara Conner
Acquisitions Editor: Tim Pitts
Editorial Project Manager: Franchezca Cabural
Production Project Manager: Sojan P. Pazhayattil
Cover Designer: Victoria Pearson Esser
Typeset by STRAIVE, India
Foreword
The world is undergoing an unprecedented technological transformation, evolving from isolated systems to ubiquitous Internet-enabled things. This novel paradigm, commonly referred to as the Internet of Things (IoT), is a new reality that is enriching our everyday life, increasing business productivity, and improving government efficiency.
IoT devices are being deployed in massive numbers. Arm estimates that a trillion IoT devices will be produced by 2035. IoT devices are powering industries and market sectors around the globe, generating and sharing large amounts of security- and privacy-sensitive data. The success of this new wave of the Internet is heavily dependent upon the trust built into these billions of connected devices. Notwithstanding, recent attacks on IoT devices have shown that poorly designed connected devices have the ability to bring down critical parts of our infrastructures or even affect our safety. The problem is that designing secure IoT devices can be a quandary, with numerous technologies, requirements, and constraints pushing different design directions.
This book is a remarkable effort in such a direction. Completely in line with the Platform Security Architecture (PSA) vision and principles, the book definitely strives for building security from the ground up. It starts by covering the Arm Platform Security Architecture and overviews the development tools and platforms. The book then focuses on the basics of cryptography and why it is paramount for securing communication and networking from the edge to the cloud. The subsequent chapters provide insights on software attacks and threat models and highlight the fundamentals to build defenses with the PSA security model. With Arm TrustZone providing the perfect foundation for establishing a device root of trust based on PSA guidelines, the latest chapters take as a reference a TrustZone microcontroller, the NXP LPC55S59, and break down the different software components of an open-source secure IoT stack, including bootloader, Trusted Firmware, and Trusted Services. All these topics are explained and accompanied by application examples and hands-on exercises, helping readers to easily understand theory with practice.
I strongly recommend this book to a large spectrum of profiles and broad audience: from students and hobbyists with very little knowledge and experience to well-established system designers and architects with proven expertise. The book is a must-read for those looking for theory and practice. Security is a shared responsibility, where all of us shall play a significant role. Johann Wolfgang von Goethe once said: "Knowing is not enough; we must apply. Willing is not enough; we must do."
Enjoy reading this book!
Sandro Pinto
Chapter 1: Introduction
Abstract
As embedded systems designers, we are all aware that many everyday devices contain microcontrollers. Much of the critical infrastructure that modern society relies on rests on functioning computer networks. The growing adoption of IoT networks offers the potential for new services and business models, which will also increase our dependency on these networks. When everything is a computer, the world becomes a computer. For the purposes of this book, we have to consider the potential negative consequences of badly designed IoT networks. The horror stories are not hard to find. Of particular interest was a nation-state-sponsored attack against a Ukrainian power station and substation network in 2015. This was well planned and expertly executed. The attackers not only disrupted the power station's IT system but used the power station's SCADA system to switch off substations and reprogrammed the station PLCs with malware to damage the generators. Not a good day at the office. It took months to recover the system. Even as I am writing this Introduction, a major attack against the Colonial Pipeline in the United States is unfolding. Although this seems to involve the IT system rather than the pipeline itself, it is still causing widespread disruption, panic buying, and fuel shortages. At the other end of the scale, while researching this book, I also came across the acronym SIMAD, Single Individual MAssively Destructive. The concern is that the increasing availability of advanced technology would enable individuals and small groups to develop weapons of mass destruction. It would only be a matter of time before a lone-wolf attack resulted in a huge loss of life. The growth of insecure IoT networks will ensure that even if we are not quite doing their job for them, we are certainly enabling them to do it easily and quickly.
Keywords
Arm platform security architecture; PSA certification; Cryptography; Secure communications; IoT devices; Device security