Part of the  

Chip Design Magazine

  Network

About  |  Contact

Posts Tagged ‘Embedded World 2014’

Deeper Dive – Sicherheit at Embedded World 2014

Thursday, March 6th, 2014

By Caroline Hayes, Senior Editor

I learned many things at Embedded World 2014, among which was the fact that the German word for safety and the word for security are the same (sicherheit). Only the context of the conversation will reveal which is being discussed.

From left: Professor Matthias Sturm, Chairman of the Advisory Council for Embedded World, Richard York, ARM, Richard Krowoza, Nürnberg Messe.

Sicherheit (security) of the Internet of Things was on most people’s minds but at ARM’s booth the company managed to mention both. Rather confusingly, its ARM V8-R architecture won the Hardware Embedded Award at this year’s show. It does however show how the company is coming up with strategies in architecture to extend safety and security, explained Chris Turner, Senior Product Marketing Manager, Processor Division.

At Embedded World, one theme was securing the Internet of Things. Virtualisation technology, said Turner, is an enabler for safety and security, with the ARM V8-R architecture being a variant of virtualisation with partitioning and protection. The inability to write to a peripheral in another partition provides an extra layer of security in a networked and connected environment. ʺSwitching context between partitions leads to functional safety in industrial and automotive controls,“ according to Turner. “The automotive Tier 1 companies know this [technology] is coming; there are no processors or cores available just yet, but they are due in 12 months,“ said Turner.

Green Hills was also talking to Embedded World visitors about security. Chief Technology Officer, David Kleidermacher presented a keynote on the first morning entitled Securing the Internet of Things. The presentation was repeated on the company booth for those who missed it. He argued that the industry has reached an ʺinflection point, where even the most resource-constrained device, such as battery-powered industrial sensors, can host sophisticated communications stacks“. He believes that all the resources are being poured into protocols, standards and applications, with security as an after-thought. The company used the event as a platform for its design philosophy that security should be designed in early to protect. Chris Smith, Vice President, Marketing, described the Principals of Phase, where the level of access is decided, starting with the minimal parts first for a secure system. ʺOpen source and embedded Linux have a role,“ he said, ʺbut can only be used in certain ways. There are legal implications and security risks associated with the available IP.“ The company instead used the international event to emphasize its security products that are available and highlight the engineering code issues as well as the Design Philosophy that can safeguard the security of the Internet of Things.

Another advocate of building in security at the beginning of the design cycle is LynxWorks. “It should be designed in from the beginning,” said Lee Cresswell, Sales Director, LynxWorks. He explained the company’s multi-layer approach “LynxSource 7 has deterministic features and a level of security, the hypervisor goes under the software. There are no device drivers – most attacks are via device drivers,” he explained. Cresswell. LynxSecure uses a separate kernel hypervisor for virtualisation, which is similar to a micro kernel, and a guest OS can be run on top of it. “This allows separation at the device level and each device can only work in the OS the engineer has designed it for”.

The open standards-based RTOS includes security features such as discretionary access control, where access is granted based on the roles, capabilities and privileges of processor files. Another safety net, is quotas, which allow only a certain amount of space for the CPU or other processor. Cresswell explained that requests for battery wake-up is one method of attack; the result is that the battery of the CPU, for example, can be run down and drained. Finally there is residual information protection, which frees up memory or space, returning it to zero, to eradicate data, so that it cannot be read when the system is finished with that particular data.

At this year’s Embedded World, there were several strands of interest and application areas, but one common thread – whatever you want to call it – was the protection of data and of systems.


Extension Media websites place cookies on your device to give you the best user experience. By using our websites, you agree to placement of these cookies and to our Privacy Policy. Please click here to accept.