May 27, 2003, 9:09 AM — Chip designer ARM Ltd. will add extensions to its processor core next year that incorporate hardware-based security technologies, the company said Tuesday.
Future versions of the company's ARM core for mobile and wireless handset chips will contain protected areas for storage of user authentication keys, and areas of the processor that are off-limits to unauthorized users, said Mary Inglis, director of operating systems and alliances for ARM.
TrustZone, as the extensions are called, creates a parallel domain where secure applications can run alongside nonsecure applications. The operating system or application vendors set the security policies as to what data is designated as secure, and what isn't, Inglis said.
As the computing power of smartphones and other mobile devices grows, users will need to feel secure while making financial transactions, sending e-mail, or accessing corporate data, for adoption of those devices to become widespread, Inglis said. Crucial software applications often have to be downloaded to a handheld device, which creates a number of openings for hackers or viruses to exploit, she said.
ARM is adding what it calls an S-bit, for security, to the sixth version of its architecture. The S-bit is applied to code that needs to be secure, and a separate portion of an ARM processor monitors and identifies data tagged with an S-bit. That data is run separately through the processor from nonsecure data.
Security extensions were also added to the level-1 memory system. Most processors have a small amount of memory stored in a cache close to the CPU (central processing unit) that is used to store frequently accessed instructions. These memory-level extensions can recognize the S-bit, and control the flow of secure and nonsecure data from the memory cache to the CPU.
The operating system on a TrustZone device will also boot from the secure portion of the processor, checking to make sure everything is safe within the operating system and applications before booting the entire device.
"If people really want 3G phones, smartphones, and wireless data services, they'll want to use them for transactions on the road, and they'll want to feel secure," said Tony Massimini, chief of technology at Semico Research Corp. in Phoenix. ARM's efforts will help establish a security standard for the mobile device market that a number of companies can use, he said.
Just about all companies in the microprocessor industry are working on hardware-based security features, which free up system resources normally dedicated to security software products, and execute tasks such as random number generation much faster than software. Intel Corp., Via Technologies Inc., and Transmeta Corp., among others, have introduced or are working on hardware-based security features for their processors.