Milosch Meriac, ARM IoT Security Engineer, talks about the strategy ARM is working on to make Internet of Things secure. ARM is convinced that many IoT security problems can be solved with standardised building blocks. ARM is developing the uVisor, a self-contained software hypervisor that creates independent secure domains on ARM Cortex-M3 and M4 microcontrollers (M0+ will follow). Its function is to increase resilience against malware and to protect secrets from leaking even among different modules of the same application. The uVisor is one of these basic building blocks – complementary to other important blocks like robust communication stacks, safe firmware updates and secure crypto libraries. The design philosophy of uVisor is to provide hardware-enforced compartments (sandboxes) for individual code blocks by limiting access to memories and peripherals using the existing hardware security features of the Cortex-M microcontrollers. Breaking the established flat security model of microcontrollers into compartmentalised building blocks results in high security levels, as the reach of flaws or external attacks can be limited to less sensitive function blocks. A basic example of uVisor is preventing unauthorised access to flash memory from faulty or compromised code. This not only prevents malware from getting resident on the device, but also enables protection of device secrets like cryptographic keys. Services built on top of ARM's security layer can safely depend on an unclonable trusted identity, secure access to internet services and benefit from encryption key protection.
https://github.com/ARMmbed/uvisor (uVisor documentation and sources)
https://github.com/ARMmbed/uvisor-lib/blob/master/DOCUMENTATION.md (API docs)
https://github.com/ARMmbed/uvisor-lib (integration in ARMmbed)
Slideshow Milosch Meriac presented at ARM TechCon: Resilient IoT Security The end of flat security models