SlideShare a Scribd company logo

Right-sized security for IoT - ARM

P
Phil Hughes

A visual look at what to consider when designing secure chips for IoT from ARM

Technology
1 of 1
Download to read offline
Right-sized Security for IoT Mike Eftimakis IoT Product Manager, ARM Case study – Tape-out a secure IoT chip in 3 months! Selecting the “Right Size” for IoT security HW Attacks  Physical access to device – JTAG, Bus, IO Pins  Well resourced and funded  Time, money & equipmentSoftware Attacks  Buffer overflows  Interrupts  Malware Communication Attacks  Man In The Middle  Weak RNG  Code vulnerabilities Cost/Effort To Attack Cost/Effort to Secure Non scalable IoT Subsystem for Cortex-M eFlash Interconnect Flash Cache eFlash Flash Cntl SRAM Controller APB PeripheralsSRAMSRAMSRAMSRAM ProcessorCortex-M CoreSightSoC mbed OS Device Drivers Application Beetle Test chip Power Management TRNG APB Bridge Cordio Radio ARM® mbed™ OS (including mbedTLS, mbed uVisor) TRNG (from ARM TrustZone® CryptoCell) ARM IoT Subsystem for Cortex®-M ARM Cortex-M3 ARM Cordio® Radio  Device management  Support for bootstrapping / provisioning / refurbishing / decommissioning  Behaviour monitoring  Device integrity  Protect from untrusted software  Allow recovery from attack  Asset protection  Prevent access to certain resources  Data Security  Keep data confidential  Prevent data alteration  Physical Security  Anti-tampering protection  Future-proofing  Keep firmware up-to-date Device security Communications security Lifecycle security  Link encryption  Prevent eavesdroppers to listen  Authentication  Guarantee identity of endpoint / server  Anonymity/Confidentiality  Keep identity unknown to eavesdroppers  Prevent traceability Implement OMA LWM2M ImplementTLS Root of Trust + Chain ofTrust HW backed partitioning (MPU) Implement Dual Flash bank + Secure FoTA HW backed partitioning (MPU) Partition SW Resource IoT node Cloud Disrupt device Observe / corrupt data Access protected network Damage cost = value of lost data or side information (presence…) Damage cost = value of lost cloud data or value of the network infrastructure Damage cost = value of disabled node or value of lost node data × Scale of network!!! Estimate threats for your application “Security” has different meanings Device management Support for bootstrapping / provisioning / refurbishing / decommissioning Behaviour monitoring Device integrity Protect from untrusted software Allow recovery from attack Asset protection Prevent access to certain resources Data Security Keep data confidential Prevent data alteration Physical Security Anti-tampering protection Future-proofing Keep firmware up-to-date Device security Communications security Lifecycle security Link encryption Prevent eavesdroppers to listen Authentication Guarantee identity of endpoint / server Anonymity/Confidentiality Keep identity unknown to eavesdroppers Prevent traceability Select the “right-sized” security!  Security is expensive  Need to understand the threats  Use threat model adapted to IoT

Recommended

Hardware Security
Hardware SecurityHardware Security
Hardware SecurityMani Rathnam
 
Hardware security
Hardware securityHardware security
Hardware securityRajKumar4943
 
Presentation1 new (1) (1)cf
Presentation1 new (1) (1)cfPresentation1 new (1) (1)cf
Presentation1 new (1) (1)cftoamma
 
Hardware, and Trust Security: Explain it like I’m 5!
Hardware, and Trust Security: Explain it like I’m 5!Hardware, and Trust Security: Explain it like I’m 5!
Hardware, and Trust Security: Explain it like I’m 5!Teddy Reed
 
Introduction Network security
Introduction Network securityIntroduction Network security
Introduction Network securityIGZ Software house
 
Computer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewComputer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewMohamed Loey
 
Network Security
Network Security Network Security
Network Security Abdul Qadir Pattal
 
Network security
Network securityNetwork security
Network securityHarsh Kishore Mishra
 

Recommended

Hardware Security
Hardware SecurityHardware Security
Hardware SecurityMani Rathnam
 
Hardware security
Hardware securityHardware security
Hardware securityRajKumar4943
 
Presentation1 new (1) (1)cf
Presentation1 new (1) (1)cfPresentation1 new (1) (1)cf
Presentation1 new (1) (1)cftoamma
 
Hardware, and Trust Security: Explain it like I’m 5!
Hardware, and Trust Security: Explain it like I’m 5!Hardware, and Trust Security: Explain it like I’m 5!
Hardware, and Trust Security: Explain it like I’m 5!Teddy Reed
 
Introduction Network security
Introduction Network securityIntroduction Network security
Introduction Network securityIGZ Software house
 
Computer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewComputer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewMohamed Loey
 
Network Security
Network Security Network Security
Network Security Abdul Qadir Pattal
 
Network security
Network securityNetwork security
Network securityHarsh Kishore Mishra
 
Cyber tooth briefing
Cyber tooth briefingCyber tooth briefing
Cyber tooth briefingAndrew Sispoidis
 
Network security
Network securityNetwork security
Network securitySimranpreet Singh
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
Hardwar based Security of Systems
Hardwar based Security of SystemsHardwar based Security of Systems
Hardwar based Security of SystemsJamal Jamali
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Network Security
Network SecurityNetwork Security
Network SecurityTechknow Book
 
Cryptppt1
Cryptppt1Cryptppt1
Cryptppt1Anu Chaudhry
 
Information System Security introduction
Information System Security introductionInformation System Security introduction
Information System Security introductionShu Shin
 
Network security
Network security Network security
Network security Madhumithah Ilango
 
Chapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityChapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityShafaan Khaliq Bhatti
 
Network security
Network securityNetwork security
Network securityNkosinathi Lungu
 
xDEFENSE: An Extended DEFENSE for mitigating Next Generation Intrusions
xDEFENSE: An Extended DEFENSE for mitigating Next Generation IntrusionsxDEFENSE: An Extended DEFENSE for mitigating Next Generation Intrusions
xDEFENSE: An Extended DEFENSE for mitigating Next Generation IntrusionsVivek Venugopalan
 
Modern Network Security Issue and Challenge
Modern Network Security Issue and ChallengeModern Network Security Issue and Challenge
Modern Network Security Issue and ChallengeIkhtiar Khan Sohan
 
Firewall
FirewallFirewall
FirewallSami Bacha
 
Network Security Certification
Network Security CertificationNetwork Security Certification
Network Security CertificationVskills
 
Ethical hacking ppt
Ethical hacking pptEthical hacking ppt
Ethical hacking pptNitesh Dubey
 
What is network security and Types
What is network security and TypesWhat is network security and Types
What is network security and TypesVikram Khanna
 
Firewall
FirewallFirewall
FirewallMuhammad Sohaib Afzaal
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security pptSAIKAT BISWAS
 
IoT security-arrow-roadshow #iotconfua
IoT security-arrow-roadshow #iotconfuaIoT security-arrow-roadshow #iotconfua
IoT security-arrow-roadshow #iotconfuaAndy Shutka
 
Using the Joomla Framework for Internet of Things (IoT) Case for Lighting Con...
Using the Joomla Framework for Internet of Things (IoT) Case for Lighting Con...Using the Joomla Framework for Internet of Things (IoT) Case for Lighting Con...
Using the Joomla Framework for Internet of Things (IoT) Case for Lighting Con...Parth Lawate
 
GSMA Final Project by Denson Ngumo
GSMA Final Project by Denson NgumoGSMA Final Project by Denson Ngumo
GSMA Final Project by Denson NgumoDenson Ngumo
 

More Related Content

What's hot

Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
Hardwar based Security of Systems
Hardwar based Security of SystemsHardwar based Security of Systems
Hardwar based Security of SystemsJamal Jamali
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Information System Security introduction
Information System Security introductionInformation System Security introduction
Information System Security introductionShu Shin
 
Chapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityChapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityShafaan Khaliq Bhatti
 
xDEFENSE: An Extended DEFENSE for mitigating Next Generation Intrusions
xDEFENSE: An Extended DEFENSE for mitigating Next Generation IntrusionsxDEFENSE: An Extended DEFENSE for mitigating Next Generation Intrusions
xDEFENSE: An Extended DEFENSE for mitigating Next Generation IntrusionsVivek Venugopalan
 
Modern Network Security Issue and Challenge
Modern Network Security Issue and ChallengeModern Network Security Issue and Challenge
Modern Network Security Issue and ChallengeIkhtiar Khan Sohan
 
Network Security Certification
Network Security CertificationNetwork Security Certification
Network Security CertificationVskills
 
Ethical hacking ppt
Ethical hacking pptEthical hacking ppt
Ethical hacking pptNitesh Dubey
 
What is network security and Types
What is network security and TypesWhat is network security and Types
What is network security and TypesVikram Khanna
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security pptSAIKAT BISWAS
 
IoT security-arrow-roadshow #iotconfua
IoT security-arrow-roadshow #iotconfuaIoT security-arrow-roadshow #iotconfua
IoT security-arrow-roadshow #iotconfuaAndy Shutka
 

What's hot (20)

Cyber tooth briefing
Cyber tooth briefingCyber tooth briefing
Cyber tooth briefing
 
Network security
Network securityNetwork security
Network security
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewalls
 
Hardwar based Security of Systems
Hardwar based Security of SystemsHardwar based Security of Systems
Hardwar based Security of Systems
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Network Security
Network SecurityNetwork Security
Network Security
 
Cryptppt1
Cryptppt1Cryptppt1
Cryptppt1
 
Information System Security introduction
Information System Security introductionInformation System Security introduction
Information System Security introduction
 
Network security
Network security Network security
Network security
 
Chapter 1: Overview of Network Security
Chapter 1: Overview of Network SecurityChapter 1: Overview of Network Security
Chapter 1: Overview of Network Security
 
Network security
Network securityNetwork security
Network security
 
xDEFENSE: An Extended DEFENSE for mitigating Next Generation Intrusions
xDEFENSE: An Extended DEFENSE for mitigating Next Generation IntrusionsxDEFENSE: An Extended DEFENSE for mitigating Next Generation Intrusions
xDEFENSE: An Extended DEFENSE for mitigating Next Generation Intrusions
 
Modern Network Security Issue and Challenge
Modern Network Security Issue and ChallengeModern Network Security Issue and Challenge
Modern Network Security Issue and Challenge
 
Firewall
FirewallFirewall
Firewall
 
Network Security Certification
Network Security CertificationNetwork Security Certification
Network Security Certification
 
Ethical hacking ppt
Ethical hacking pptEthical hacking ppt
Ethical hacking ppt
 
What is network security and Types
What is network security and TypesWhat is network security and Types
What is network security and Types
 
Firewall
FirewallFirewall
Firewall
 
Network Security ppt
Network Security pptNetwork Security ppt
Network Security ppt
 
IoT security-arrow-roadshow #iotconfua
IoT security-arrow-roadshow #iotconfuaIoT security-arrow-roadshow #iotconfua
IoT security-arrow-roadshow #iotconfua
 

Viewers also liked

Using the Joomla Framework for Internet of Things (IoT) Case for Lighting Con...
Using the Joomla Framework for Internet of Things (IoT) Case for Lighting Con...Using the Joomla Framework for Internet of Things (IoT) Case for Lighting Con...
Using the Joomla Framework for Internet of Things (IoT) Case for Lighting Con...Parth Lawate
 
GSMA Final Project by Denson Ngumo
GSMA Final Project by Denson NgumoGSMA Final Project by Denson Ngumo
GSMA Final Project by Denson NgumoDenson Ngumo
 
How telecom industry realte with IoT as a new area of business- TDC a case study
How telecom industry realte with IoT as a new area of business- TDC a case studyHow telecom industry realte with IoT as a new area of business- TDC a case study
How telecom industry realte with IoT as a new area of business- TDC a case studyMd. Kamrul Islam
 
Jaakko Kankaanpää - IoT Took My Money - Mindtrek 2016
Jaakko Kankaanpää - IoT Took My Money - Mindtrek 2016Jaakko Kankaanpää - IoT Took My Money - Mindtrek 2016
Jaakko Kankaanpää - IoT Took My Money - Mindtrek 2016Mindtrek
 
Use of IoT in increasing opeartional efficiency in manufacturing plants- a ca...
Use of IoT in increasing opeartional efficiency in manufacturing plants- a ca...Use of IoT in increasing opeartional efficiency in manufacturing plants- a ca...
Use of IoT in increasing opeartional efficiency in manufacturing plants- a ca...Manish Saxena
 
Case Study: IoT industry applied to the production of Peruvian native potatoes
Case Study: IoT industry applied to the production of Peruvian native potatoesCase Study: IoT industry applied to the production of Peruvian native potatoes
Case Study: IoT industry applied to the production of Peruvian native potatoesWilmer Caról Azurza Neyra
 
Mobile + Cloud + IoT - Case Study
Mobile + Cloud + IoT - Case StudyMobile + Cloud + IoT - Case Study
Mobile + Cloud + IoT - Case StudyAndri Yadi
 
Iot, cloud and healthcare - Challenges and Opportunities
Iot, cloud and healthcare - Challenges and OpportunitiesIot, cloud and healthcare - Challenges and Opportunities
Iot, cloud and healthcare - Challenges and OpportunitiesArash Ghadar
 
The Internet of Cars - Towards the Future of the Connected Car
The Internet of Cars - Towards the Future of the Connected CarThe Internet of Cars - Towards the Future of the Connected Car
The Internet of Cars - Towards the Future of the Connected CarJorgen Thelin
 
An Introduction to IoT: Connectivity & Case Studies
An Introduction to IoT: Connectivity & Case StudiesAn Introduction to IoT: Connectivity & Case Studies
An Introduction to IoT: Connectivity & Case Studies3G4G
 

Viewers also liked (11)

Using the Joomla Framework for Internet of Things (IoT) Case for Lighting Con...
Using the Joomla Framework for Internet of Things (IoT) Case for Lighting Con...Using the Joomla Framework for Internet of Things (IoT) Case for Lighting Con...
Using the Joomla Framework for Internet of Things (IoT) Case for Lighting Con...
 
GSMA Final Project by Denson Ngumo
GSMA Final Project by Denson NgumoGSMA Final Project by Denson Ngumo
GSMA Final Project by Denson Ngumo
 
How telecom industry realte with IoT as a new area of business- TDC a case study
How telecom industry realte with IoT as a new area of business- TDC a case studyHow telecom industry realte with IoT as a new area of business- TDC a case study
How telecom industry realte with IoT as a new area of business- TDC a case study
 
Jaakko Kankaanpää - IoT Took My Money - Mindtrek 2016
Jaakko Kankaanpää - IoT Took My Money - Mindtrek 2016Jaakko Kankaanpää - IoT Took My Money - Mindtrek 2016
Jaakko Kankaanpää - IoT Took My Money - Mindtrek 2016
 
Use of IoT in increasing opeartional efficiency in manufacturing plants- a ca...
Use of IoT in increasing opeartional efficiency in manufacturing plants- a ca...Use of IoT in increasing opeartional efficiency in manufacturing plants- a ca...
Use of IoT in increasing opeartional efficiency in manufacturing plants- a ca...
 
Case Study: IoT industry applied to the production of Peruvian native potatoes
Case Study: IoT industry applied to the production of Peruvian native potatoesCase Study: IoT industry applied to the production of Peruvian native potatoes
Case Study: IoT industry applied to the production of Peruvian native potatoes
 
Mobile + Cloud + IoT - Case Study
Mobile + Cloud + IoT - Case StudyMobile + Cloud + IoT - Case Study
Mobile + Cloud + IoT - Case Study
 
Iot, cloud and healthcare - Challenges and Opportunities
Iot, cloud and healthcare - Challenges and OpportunitiesIot, cloud and healthcare - Challenges and Opportunities
Iot, cloud and healthcare - Challenges and Opportunities
 
The Internet of Cars - Towards the Future of the Connected Car
The Internet of Cars - Towards the Future of the Connected CarThe Internet of Cars - Towards the Future of the Connected Car
The Internet of Cars - Towards the Future of the Connected Car
 
IoT in Healthcare
IoT in HealthcareIoT in Healthcare
IoT in Healthcare
 
An Introduction to IoT: Connectivity & Case Studies
An Introduction to IoT: Connectivity & Case StudiesAn Introduction to IoT: Connectivity & Case Studies
An Introduction to IoT: Connectivity & Case Studies
 

Similar to Right-sized security for IoT - ARM

Network and Security-2.pptx
Network and Security-2.pptxNetwork and Security-2.pptx
Network and Security-2.pptxDhanvanthkesavan
 
IoT summit - Building flexible & secure IoT solutions
IoT summit - Building flexible & secure IoT solutionsIoT summit - Building flexible & secure IoT solutions
IoT summit - Building flexible & secure IoT solutionsEric Larcheveque
 
Computer Systems Security
Computer Systems SecurityComputer Systems Security
Computer Systems Securitydrkelleher
 
Computersystemssecurity 090529105555-phpapp01
Computersystemssecurity 090529105555-phpapp01Computersystemssecurity 090529105555-phpapp01
Computersystemssecurity 090529105555-phpapp01Miigaa Mine
 
Wireless Device and Network level security
Wireless Device and Network level securityWireless Device and Network level security
Wireless Device and Network level securityChetan Kumar S
 
Automotive security (cvta)
Automotive security (cvta)Automotive security (cvta)
Automotive security (cvta)Alan Tatourian
 
Building Trust Despite Digital Personal Devices
Building Trust Despite Digital Personal DevicesBuilding Trust Despite Digital Personal Devices
Building Trust Despite Digital Personal DevicesJavier González
 
Chapter14 -- networking security
Chapter14 -- networking securityChapter14 -- networking security
Chapter14 -- networking securityRaja Waseem Akhtar
 
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016David Glover
 
Seminar (network security)
Seminar (network security)Seminar (network security)
Seminar (network security)Gaurav Dalvi
 
BKK16-200 Designing Security into low cost IO T Systems
BKK16-200 Designing Security into low cost IO T SystemsBKK16-200 Designing Security into low cost IO T Systems
BKK16-200 Designing Security into low cost IO T SystemsLinaro
 
謝續平
謝續平謝續平
謝續平9577601
 
Safe and secure autonomous systems
Safe and secure autonomous systemsSafe and secure autonomous systems
Safe and secure autonomous systemsAlan Tatourian
 
Internet of things security "Hardware Security"
Internet of things security "Hardware Security"Internet of things security "Hardware Security"
Internet of things security "Hardware Security"Ahmed Mohamed Mahmoud
 
R U aBLE? BLE Application Hacking
R U aBLE? BLE Application HackingR U aBLE? BLE Application Hacking
R U aBLE? BLE Application HackingTal Melamed
 
Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Rishabh Dangwal
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessMicrosoft Tech Community
 
Wireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docxWireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docxadolphoyonker
 
Network Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information SecurityNetwork Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information SecurityEryk Budi Pratama
 

Similar to Right-sized security for IoT - ARM (20)

Network and Security-2.pptx
Network and Security-2.pptxNetwork and Security-2.pptx
Network and Security-2.pptx
 
IoT summit - Building flexible & secure IoT solutions
IoT summit - Building flexible & secure IoT solutionsIoT summit - Building flexible & secure IoT solutions
IoT summit - Building flexible & secure IoT solutions
 
Computer Systems Security
Computer Systems SecurityComputer Systems Security
Computer Systems Security
 
Computersystemssecurity 090529105555-phpapp01
Computersystemssecurity 090529105555-phpapp01Computersystemssecurity 090529105555-phpapp01
Computersystemssecurity 090529105555-phpapp01
 
Wireless Device and Network level security
Wireless Device and Network level securityWireless Device and Network level security
Wireless Device and Network level security
 
Automotive security (cvta)
Automotive security (cvta)Automotive security (cvta)
Automotive security (cvta)
 
Building Trust Despite Digital Personal Devices
Building Trust Despite Digital Personal DevicesBuilding Trust Despite Digital Personal Devices
Building Trust Despite Digital Personal Devices
 
Chapter14 -- networking security
Chapter14 -- networking securityChapter14 -- networking security
Chapter14 -- networking security
 
S T M U T M
S T M U T MS T M U T M
S T M U T M
 
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
Microsoft IoT Security @ Xpand:X:ED Meetup Sydney Feb 2016
 
Seminar (network security)
Seminar (network security)Seminar (network security)
Seminar (network security)
 
BKK16-200 Designing Security into low cost IO T Systems
BKK16-200 Designing Security into low cost IO T SystemsBKK16-200 Designing Security into low cost IO T Systems
BKK16-200 Designing Security into low cost IO T Systems
 
謝續平
謝續平謝續平
謝續平
 
Safe and secure autonomous systems
Safe and secure autonomous systemsSafe and secure autonomous systems
Safe and secure autonomous systems
 
Internet of things security "Hardware Security"
Internet of things security "Hardware Security"Internet of things security "Hardware Security"
Internet of things security "Hardware Security"
 
R U aBLE? BLE Application Hacking
R U aBLE? BLE Application HackingR U aBLE? BLE Application Hacking
R U aBLE? BLE Application Hacking
 
Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...
 
Removing Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment SuccessRemoving Security Roadblocks to IoT Deployment Success
Removing Security Roadblocks to IoT Deployment Success
 
Wireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docxWireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docx
 
Network Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information SecurityNetwork Security - Defense Through Layered Information Security
Network Security - Defense Through Layered Information Security
 

Recently uploaded

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 

Recently uploaded (20)

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 

Right-sized security for IoT - ARM

  • 1. Right-sized Security for IoT Mike Eftimakis IoT Product Manager, ARM Case study – Tape-out a secure IoT chip in 3 months! Selecting the “Right Size” for IoT security HW Attacks  Physical access to device – JTAG, Bus, IO Pins  Well resourced and funded  Time, money & equipmentSoftware Attacks  Buffer overflows  Interrupts  Malware Communication Attacks  Man In The Middle  Weak RNG  Code vulnerabilities Cost/Effort To Attack Cost/Effort to Secure Non scalable IoT Subsystem for Cortex-M eFlash Interconnect Flash Cache eFlash Flash Cntl SRAM Controller APB PeripheralsSRAMSRAMSRAMSRAM ProcessorCortex-M CoreSightSoC mbed OS Device Drivers Application Beetle Test chip Power Management TRNG APB Bridge Cordio Radio ARM® mbed™ OS (including mbedTLS, mbed uVisor) TRNG (from ARM TrustZone® CryptoCell) ARM IoT Subsystem for Cortex®-M ARM Cortex-M3 ARM Cordio® Radio  Device management  Support for bootstrapping / provisioning / refurbishing / decommissioning  Behaviour monitoring  Device integrity  Protect from untrusted software  Allow recovery from attack  Asset protection  Prevent access to certain resources  Data Security  Keep data confidential  Prevent data alteration  Physical Security  Anti-tampering protection  Future-proofing  Keep firmware up-to-date Device security Communications security Lifecycle security  Link encryption  Prevent eavesdroppers to listen  Authentication  Guarantee identity of endpoint / server  Anonymity/Confidentiality  Keep identity unknown to eavesdroppers  Prevent traceability Implement OMA LWM2M ImplementTLS Root of Trust + Chain ofTrust HW backed partitioning (MPU) Implement Dual Flash bank + Secure FoTA HW backed partitioning (MPU) Partition SW Resource IoT node Cloud Disrupt device Observe / corrupt data Access protected network Damage cost = value of lost data or side information (presence…) Damage cost = value of lost cloud data or value of the network infrastructure Damage cost = value of disabled node or value of lost node data × Scale of network!!! Estimate threats for your application “Security” has different meanings Device management Support for bootstrapping / provisioning / refurbishing / decommissioning Behaviour monitoring Device integrity Protect from untrusted software Allow recovery from attack Asset protection Prevent access to certain resources Data Security Keep data confidential Prevent data alteration Physical Security Anti-tampering protection Future-proofing Keep firmware up-to-date Device security Communications security Lifecycle security Link encryption Prevent eavesdroppers to listen Authentication Guarantee identity of endpoint / server Anonymity/Confidentiality Keep identity unknown to eavesdroppers Prevent traceability Select the “right-sized” security!  Security is expensive  Need to understand the threats  Use threat model adapted to IoT