ARM Announces PSA Architecture To Secure IoT Devices From Hackers And Botnets

There's no question that our connected devices are increasingly coming under attack, as we witnessed with the Mirai botnet that made the rounds late last year. In an effort to shore up the defenses of these IoT devices, ARM is pushing forwards with what it calls its Platform Security Architecture (PSA).

With PSA, ARM is providing what it calls the first common framework for building connected devices that are more secure. ARM views PSA as "a fundamental shift in the economics of IoT security" by providing clear guidelines to help make securing our devices more efficient and cost effective from a developer’s perspective. To help energize these efforts, ARM will introduce an open source reference implementation of its firmware specification, which is being called Firmware-M. Firmware-M will initially be aimed at ARMV8-M systems, while the source code will be released into the open early next year.

security arm

PSA will also encompass threat models and security analysis, is OS agnostic, supports ARM RTOS and even ARM Mbed OS.

ARM has become the dominant processor architecture for the mobile revolution, with over 100 billion connected devices shipped to-date. By 2021, ARM sees that number doubling to over 200 billion. Over one trillion devices are expected to be connected to the internet by the year 2035.

"Achieving this vision will require that we, the global population, become more knowledgeable in protecting our devices, while trusting the technology industry is doing everything it can to protect them and our data," wrote Paul Williamson, ARM's vice president and general manager for IoT Device IP. "No easy task as this trust will need to be earned while battling hackers who relentlessly seek vulnerabilities to find more entry points into our lives."

In addition to PSA, ARM also announced two proprietary secure IP components to help secure IoT devices. The first is TrustZone CryptoIsland, which is a highly integrated security subsystem that delivers on-die, smartcard-level security. The other is CoreSight SDC-600, which is used for debugging purposes.