Armv8 and Armv8-M processor already support Arm TrustZone security, which aims to prevent software attacks against the target device. However, if a hacker has physical access to the hardware, it may not be sufficient to prevent hacking.
Arm Cortex-M35P core addresses this issue by providing physical (hence the P in the name) security with anti-tampering features that protect against access even with direct access to the hardware.
- Architecture – Armv8-M Mainline (Harvard)
- ISA Support – Thumb/Thumb-2
- Pipeline – Three-stage
- Software security – Optional TrustZone for Armv8-M, stack pointers checking
- Physical security – Built-in protection from invasive and non-invasive attacks
- DSP Extensions
- Optional DSP/SIMD instructions
- Single cycle 16/32-bit MAC
- Single cycle dual 16-bit MAC
- 8/16-bit SIMD arithmetic
- Floating Point Unit – Optional single precision floating point unit,IEEE 754 compliant
- Co-processor interface – Optional dedicated co-processor bus interface for up to 8 co-processor units for custom compute
- Memory Protection – Optional Memory Protection Unit (MPU) with up to 16 regions per security state
- Interrupts – Non-Maskable Interrupt (NMI) and up to 480 physical interrupts with 8 to 256 priority levels
- Wake-up Interrupt Controller – Optional for waking up the processor from state retention power gating or when all clocks are stopped
- Sleep Modes – Integrated Wait for Event (WFE) and Wait for Interrupt (WFI) instructions with Sleep On Exit functionality
- Debug – Optional JTAG and Serial Wire Debug ports. Up to 8 Breakpoints and 4 Watchpoints
- Trace – Optional Instruction Trace (ETM), Micro Trace Buffer (MTB), Data Trace (DWT), and Instrumentation Trace (ITM)
- Cache – Instruction cache. Customizable cache parity to create an ECC (error correcting code) for safety applications.
Physical protection is achieved though multiple security features including:
- Uniform-timing to execute instructions in a constant number of cycle to avoid information leaks
- 100% parity coverage with every flop in the processor is protected with a configurable parity in order to detect random errors and/or injected faults.
I doubt your smart light bulb will come with such physical security, and Arm Cortex M35P – and other Arm “P” processor – will likely be found in high-value applications such as payment terminals, life-sustaining medical devices, and automotive applications.
You’ll find more details on Arm Cortex M35P’s product page, and Arm Community’s blog post. If you are interested in learning more about device security with Arm devices in general, you may want to check out Arm Platform Security Architecture (PSA) resources page.
Jean-Luc started CNX Software in 2010 as a part-time endeavor, before quitting his job as a software engineering manager, and starting to write daily news, and reviews full time later in 2011.
Support CNX Software! Donate via cryptocurrencies, become a Patron on Patreon, or purchase goods on Amazon or Aliexpress