Building Mbed Together: an Overview of Mbed OS


Eric Yang, Staff Applications Engineer, IoT BU
ARM Tech Symposia China 2015, November 2015
© ARM 2015

mbed OS: Built for IoT at Scale

• Professional online/offline dev tools: Cloud IDE, Keil MDK support, GCC + ARMCC5
• A component management and build tool: yotta
• Benefiting from mbed OS: enhancements backported from mbed OS

mbed OS
• Hardening for production devices
• Managing connected devices across vast networks
• End to end security in hardware and software

mbed SDK/Classic
• Use of free and online tools
• Make microcontroller development easy
• Rapid prototyping

(The second build of this slide adds the label "Available now".)

mbed OS Technology Preview

[Architecture diagram, top to bottom:]
• Application Code, Libraries
• mbed OS API
• Communication Management: mbed Client, Device Management, mbed TLS
• mbed OS Core Schedulers: Event, Energy, Tasks; BLE API; IP Stack; Thread API
• mbed OS Drivers: WiFi, 6LoWPAN, Thread, BLE; CMSIS-Core; Debug Support; Device Drivers
• mbed OS Security: Secure Drivers, SW Crypto, Lifecycle Security, uVisor
• Hardware Interfaces
• ARM Cortex®-M CPU, Crypto, Radio, Sensor

[Callouts added over the following builds of the diagram: yotta component management; uVisor secure isolation; mbed Client.]

yotta

• yotta is a tool that makes it easy to re-use software modules, and compose them together to form libraries, programs, and whole systems
• Defines how modules are packaged, but not what they contain
• Responsible for build system, managing configuration
• Comes with a public registry of re-usable components
• mbed OS is made up of many yotta modules, and mbed OS systems and applications are constructed and built using yotta

uVisor

• A tiny, hypervisor/microkernel-like security kernel at the foundation of mbed OS
• Creates and enforces secure isolation boundaries within the OS, between different parts of the system
• Enables secrets to be strongly protected against software and network-borne attackers
• Efficient hardware enforcement through the memory protection unit (MPU)

uVisor – World View

Security Functionality (isolated):
• Cryptography
• Key Management
• Secure FW Upgrade
• Secure Identity
• Security Monitoring

Remainder of mbed OS (non-critical):
• HAL + Drivers
• Scheduler
• Connectivity Stack(s)
• Device Management
• User Application Code and Libraries

[Diagram: uVisor provides strong separation between the two.]

Thread

• A secure wireless mesh network technology for your home
• Built on proven, existing internet technologies
• New security architecture makes it simple and secure to add / remove products
• Supports very low power, sleepy devices
• Application-layer agnostic, like WiFi
• Leading support built into mbed OS
• Choice of hardware portability for future proofed systems

mbed Client

• Connects to mbed Device Connector and mbed Enabled Services
• Included as part of mbed OS, also portable to other platforms including Linux and third party RTOS
• Implements protocols and support for securely publishing resources (e.g. sensor data), and managing the device from the cloud

[Diagram layers: Application and Service Integration; mbed Client C++ API; Device Connector Support; Protocol Implementations: LWM2M, CoAP, HTTP; Channel Security Implementations: TLS, DTLS; Client Library Port; mbed OS or RTOS/Linux + Networking.]

Accelerating pace of progress

• Fourth Release of 2015
• Second Public mbed OS Release
• Investing in quality

Community, Workflow, Tools

Community
• Partnership
• mbed.com
• mbed Enabled

Workflow
• Collaboration
• Licensing
• Testing
• Continuous Integration

Tools
• yotta
• IDEs
• greentea
• Developer Services

mbed is More Than an Operating System

• Systems and modules
• Developer tools, support and community
• Cloud and services partnership

Collaboration

• Building the mbed ecosystem together allows us to:
  • Increase the effect of the effort put into it
  • Increase the overall developing power
  • Increase the reach and the network effect
  • Focus on our own core capabilities

Collaboration in Practice

• All source code and binary blobs available on GitHub
• Why binary blobs?

Licensing

• Clear licensing model
  • Apache 2.0
  • Permissive Binary License
  • SPDX

[The architecture diagram is repeated on this slide; here mbed Client is annotated (CoAP, HTTP, LWM2M) and the hardware layer lists ARMv6-M, ARMv7-M, Radio, MCU, ARM Cortex-M CPU, Crypto, Sensor.]

Permissive Binary License

• Why is it needed?
  • There is no simple standard license for permissive binary use
  • Legal protection against reverse engineering
  • Clarity about patent grant
• Valid use cases:
  • Technology specification under embargo

SPDX

• What is SPDX?
  “The Software Package Data Exchange® (SPDX®) specification is a standard format for communicating the components, licenses and copyrights associated with a software package.”
• How do we use it?

    Copyright (c) 2014-2015, ARM Limited, All Rights Reserved
    SPDX-License-Identifier: Apache-2.0

Contributing

• mbed Contributor License Agreement
  • In place for GitHub ID
• If you just want to have it on the list: File an issue report
• If you want to collaborate on adding / fixing: Send in a pull request

Pull Request Requirements

• Small purposeful minimal atomic commits
• Concise and sensible one-line description
• Further lines elaborate on reasoning of the choices taken, descriptions for reviewers and other information that otherwise might get lost.
• Documentation in code and repository should be updated
• Pass our Continuous Integration testing
• No confidential information, references to private documents or rudeness.

Component Development

[Diagram, built up over two slides: the maintainer's repository ARMmbed/foo with the ARM CI setup and the labels v1.2.0, v1.2.1, 1.2-bugfix, v1.3.0; then the contributor's copy me/foo with "my CI setup", the same labels and an added "feature" label.]

Contribution Model (Pull Requests)

[Same diagram, with a pull request from the contributor's me/foo to the maintainer's ARMmbed/foo, labelled "tests" and "proposed merge".]

Component Management

• yotta: a tool that we're building at mbed, to make it easier to build better software written in C, C++ or other C-family languages.
• Configure the component
• Can bring in component’s dependencies (with version parameters)
• Can take target platform into account
• Can build the code and run the tests
• Can publish code to the central registry

Registry

• Self-contained store of all data for a software component
• Contains full source code archive for each version
• Smart dependency and version handling

Software Components

• How to install?
• What are the dependencies?
• Where is the code repository?
• Component License
• How to build?

Division of Responsibilities

• ARM is the lead maintainer for the core mbed Operating System modules
• Silicon partners are responsible for their platform specific drivers
• ARM will add them as platform specific dependencies for the relevant mbed OS modules

Parting Thoughts

• We can help each other to make mbed a success
• We want to encourage collaboration through:
  • GitHub
  • Clear licensing
  • Flexible component management
• Any suggestions on making it better? Let us know!

Thank You

The trademarks featured in this presentation are registered and/or unregistered trademarks of ARM Limited (or its subsidiaries) in the EU and/or elsewhere. All rights reserved. All other marks featured may be trademarks of their respective owners.
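
The header convention shown on the SPDX slide can be checked mechanically across a component's sources. The following is an added example, not code from the presentation or from the mbed project: it audits source text for the copyright line and the SPDX-License-Identifier tag and evaluates the license expression against an allowlist. HEADER_LINES, the ALLOWED policy and the sample files are assumptions made for illustration.

```python
import re

HEADER_LINES = 20         # assumption: the tag must sit in the leading comment block
ALLOWED = {"Apache-2.0"}  # assumption: policy for source files (the deck names Apache 2.0)
TAG = re.compile(r"SPDX-License-Identifier:\s*(.*?)\s*(?:\*/)?\s*$")
COPYRIGHT = re.compile(r"Copyright\s*\(c\)\s*\d{4}", re.IGNORECASE)
TOKEN = re.compile(r"[()]|[A-Za-z0-9.+:-]+")
OPERATORS = {"AND", "OR", "WITH", "(", ")"}

def satisfiable(expr, allowed=ALLOWED):
    """True if the SPDX expression can be met using only allowed licenses.
    Handles AND, OR, WITH and parentheses; raises ValueError if malformed."""
    if re.sub(r"\s+", "", TOKEN.sub("", expr)):
        raise ValueError("unexpected characters")
    tokens, pos = TOKEN.findall(expr), 0

    def peek():
        return tokens[pos] if pos < len(tokens) else None
    def take():
        nonlocal pos
        if pos >= len(tokens):
            raise ValueError("expression ends early")
        pos += 1
        return tokens[pos - 1]

    def atom():
        tok = take()
        if tok == "(":
            value = either()
            if take() != ")":
                raise ValueError("unbalanced parentheses")
            return value
        if tok in OPERATORS:
            raise ValueError("operator where a license id was expected")
        if peek() == "WITH":  # "license WITH exception" is matched as one unit
            tok = f"{tok} {take()} {take()}"
        return tok in allowed

    def both():  # AND binds tighter than OR
        value = atom()
        while peek() == "AND":
            take()
            value = atom() and value  # parse the operand first, then combine
        return value
    def either():
        value = both()
        while peek() == "OR":
            take()
            value = both() or value
        return value

    result = either()
    if pos != len(tokens):
        raise ValueError("trailing tokens")
    return result

def audit_file(text):
    """Return the findings for one source file; an empty list means clean."""
    lines, findings = text.splitlines(), []
    if not COPYRIGHT.search("\n".join(lines[:HEADER_LINES])):
        findings.append("no copyright line in header")
    tags = [(n, m.group(1)) for n, line in enumerate(lines, 1)
            if (m := TAG.search(line))]
    if not tags:
        return findings + ["no SPDX-License-Identifier tag"]
    if all(n > HEADER_LINES for n, _ in tags):
        findings.append(f"tag only at line {tags[0][0]}, outside the header")
    expressions = sorted({expr for _, expr in tags})
    if len(expressions) > 1:
        findings.append("conflicting tags: " + " | ".join(expressions))
    for expr in expressions:
        try:
            if not satisfiable(expr):
                findings.append(f"license not permitted: {expr}")
        except ValueError as err:
            findings.append(f"invalid expression {expr!r}: {err}")
    return findings

def audit_tree(files):  # file name -> findings, only for files that have any
    return {name: found for name, text in sorted(files.items())
            if (found := audit_file(text))}

# Constructed sample inputs; not files from any mbed repository.
HEADER = ("/*\n * Copyright (c) 2014-2015, ARM Limited, All Rights Reserved\n"
          " * SPDX-License-Identifier: {}\n */\nint f(void);\n")
SAMPLES = {
    "good.c": HEADER.format("Apache-2.0"),
    "dual.c": HEADER.format("Apache-2.0 OR GPL-2.0-only"),
    "prose.c": HEADER.format("Apache 2.0"),
    "other.c": HEADER.format("GPL-2.0-only"),
    "bare.c": "int f(void);\n",
    "late.c": "/* Copyright (c) 2015 Example */\n" + "\n" * 30
              + "/* SPDX-License-Identifier: Apache-2.0 */\n",
}
```

Calling `audit_tree(SAMPLES)` reports the four constructed files that break the convention; the prose spelling "Apache 2.0" is flagged because it is not a valid SPDX identifier, unlike the tag value `Apache-2.0`.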