IoT Security Concerns Push Vendors to the Edge

发布时间:2018-03-08 00:00
作者:Ameya360
来源:Nitin Dahad
阅读量:1232

  Doing more processing at the edge to avoid sending sensitive data to the cloud emerged as a common theme among vendors at the Embedded World conference here last week. Whether this is a result of forthcoming GDPR (General Data Protection Regulation) laws coming into force across the European Union on May 25, or whether there it is simply a lack of sufficient security in current devices is difficult to tell.

  A recent report on IoT cybersecurity readiness certainly points to the latter. Lawrence Munro, vice president SpiderLabs at Trustwave, who released the  IoT Cybersecurity Readiness Report, said, “As IoT adoption continues to proliferate, manufactures of IoT are sidestepping security fundamentals as they rush to bring products to market. We are seeing lack of familiarity with secure coding concepts resulting in vulnerabilities, some of them a decade old, incorporated into final designs. Because updating IoT devices by nature is more challenging, many remain vulnerable even after patches are issued, and often patches are not even developed. Organizations need to properly document and test each internet-connected device on their network or face introducing potentially thousands of new attack vectors easily exploitable by cybercriminals."

  He added, “"Any device or sensor with an IP address connected to a corporate network may open the doors to a devastating security incident."

  The report finds that while IoT use is growing rapidly — by the end of 2018, five in six organizations will be using at least a minimal level of IoT technology — security concerns are cited as the top barrier to increased IoT adoption.

  Given this, it’s not surprising that there were several announcements and demos around IoT edge computing and security at Embedded World. On top of this, major vendors were also keen to announce their full IoT ecosystems or platforms, presumably to contain the security risks in a closed loop environment.

  IoT on a Chip, with Multiprotocol Radio

  As we highlighted previously, NXP was keen to illustrate the need for IoT edge compute capability.

  “Self-learning edge node systems are going to start influencing IoT, with scalable processing at the gateway and the edge," said Geoff Lees, senior vice president and general manager of microcontrollers at NXP, during the company's press conference at the show. "The edge computing future demands high-performance compute together with secure data collection, management, and decision-making.”

  Among the devices NXP showed were its ultra-compact IoT-on-a-chip package, which brings together the pre-integrated features from NXP’s i.MX applications processor family, and Wi-Fi/Bluetooth solutions for consumer and industrial developers to quickly build compact IoT products. Lees said the company’s proprietary ultra-low leakage SRAM with 10x lower static leakage than conventional memories, working with Samsung's non-volatile STT-MRAM that has 1,000-times faster wake-up time, 400 times lower write power than conventional embedded flash and 100 times longer battery lifetime, makes "instant-on" IoT edge node products possible.

  STMicroelectronics demonstrated its new STM32WB wireless SoC, which combines microcontroller and the ability to run concurrent multiprotocol standards for IoT. The devices combine a fully-featured Arm Cortex?-M4-based microcontroller to run the main application as well as an Arm Cortex-M0+ core to offload the main processor and offer real time operation on the Bluetooth Low Energy (BLE) 5 and IEEE 802.15.4 radio. The radio can also run other wireless protocols concurrently, including OpenThread, ZigBee, or proprietary protocols, giving even more options for connecting devices to IoT.

  "The STM32WB series delivers the advanced integration and uncompromising dual-core performance that developers now need to meet relentless end-user demands for even better and more affordable smart connected objects," said Michel Buffa, general manager of ST's microcontroller division. “Moreover, compatibility with the STM32 development ecosystem brings design advantages that can significantly reduce time to market for new products like lights, fitness trackers, medical monitors, beacons, tags, security devices, and many others.”

  Another emphasizing processing at the edge was GreenWaves Technologies (see AI Comes to Sensing Devices). Its GAP8 IoT application processor, built on the RISC-V based Parallel Ultra Low Power (PULP) computing open-source platform developed at the University of Bologna and ETH Zurich, enables development, deployment and autonomous operation of intelligent sensing devices that capture, analyze, classify and act on the fusion of rich data sources such as images, sounds or vibrations. GAP8 is optimized to execute a large spectrum of image and audio algorithms including convolutional neural network (CNN) inference, with extreme energy efficiency, thanks to an integrated 8-core computational cluster combined with a convolution hardware accelerator.

  Dublin-based S3 Semiconductors, showed its SmartEdge platform for enabling cost-optimized, custom single-chip solutions that put performance at the edge of the IoT networks. The company said processing at the edge is a rapidly evolving trend that accelerates data analytics at the source and reduces cloud-based processing, delivering more responsive decision making.

  Edge devices typically require sensitive sensor analog front ends coupled to data converters, microcontrollers running complex embedded software, with security and some form of wired or wireless communications interface. Bringing all these functions together, often with the need for local calibration and low-latency real-time control, represents a significant design and integration challenge. S3 says its platform provides a way of integrating sensing, calibrating, controlling and implementing communication functions into a single ASIC.

  At its press conference, Kontron also emphasized the concerns of many in industry who don’t want to put their data in the cloud, which is why it is targeting on-premises computing and storage. It said that embedded servers, or fog servers (cloud-like systems but located on premises), will be a huge growth area. Kontron says it is enabling customers to put more intelligence at device level.

  As part of this edge to fog strategy, Kontron introduced an embedded server, the ZINC CUBE C232, tailored for complex computing tasks requiring the processing and analyzing of huge amounts of data, such as machine learning or artificial intelligence. It was developed as a platform for industrial applications, analytics, artificial intelligence and embedded vision. The embedded server can be used for time sensitive networking with up to four ports, making it suitable for edge and fog computing. It is available with 7th Gen Intel server class processors and can be equipped with up to 32 GBytes ofDDR4 RAM.

  Kontron also announced a collaboration with NXP to enable more intelligence and efficiency at the edge for next-generation industrial IoT implementations for cloud, edge computing and factory floor innovations — or what is known as Industry 4.0.

  GE Power’s Automation and Controls business unveiled the next generation of industrial internet connected control (IICS) solutions at Embedded World in Nuremberg.

  "We’re bringing intelligence as close to the machine as possible," said Vibhoosh Gupta, the company’s product management leader for the business. "The cloud might provide an elastic compute environment which is good for things like fleet management. However, for applications requiring real time analytics, the inherent latency resulting from sending data to the cloud means there is no choice but to move to the edge.”

  GE's IICS solutions provide data storage, analysis and rapid conveyance from the edge of industrial systems. It says that only a small fraction of data gets used in industrial processes, so its system leverages GE's Predix analytics suite at the edge and in the cloud to better utilize process data to help reduce downtime, and lower operational costs.

  Renesas Enters Ethernet Module Market

  Renesas Electronics revealed at the conference its entry into the industrial Ethernet module market, which it said was a logical enhancement of its chip business. The company describes its new I-RJ45 as a complete solution for an industrial Ethernet interface, containing the entire electronics and software embedded in an RJ45 connector.

  The solution incorporates a single- or dual-port RJ45 connector and supports various industrial network slave applications including sensors and transmitters, gateways, operator terminals and remote I/O. The solution comprises an intelligent RJ45 module that comes with qualified embedded software to support multiple industrial Ethernet protocol stacks. The software package and sample codes provide system manufacturers with a complete set of tools and frameworks to build their application without any additional up-front costs or complexity.

  The I-RJ45 module solution is a ready-to-use hardware and software solution that includes a pre-certified PROFINET implementation and can be used for mass-produced applications. Renesas plans to support other industrial protocols including EtherCAT and EtherNet/IP in the future. With a general application programmable interface (API), the application can easily be connected to the protocol software and offers an integration path to other Renesas ASSP solutions.

(备注:文章来源于网络,信息仅供参考,不代表本网站观点,如有侵权请联系删除!)

在线留言询价

相关阅读
Industrial IoT, Smart City Security to Drive Secure MCU Market to Over $2B by 2026
  Despite facing an increasingly volatile semiconductor industry plagued by ongoing macroeconomic and political issues, the secure microcontroller (MCU) market should fare well in the long term.  While the forecasted total available market has contracted, especially in the smart home, retail, advertising, and supply chain spaces, secure MCU shipments will only be temporarily adversely affected. According to a new report from ABI Research, the secure MCU market will grow to $2.2 billion by 2026.  “In part, this is due to the niche nature of security demand which commands a higher value proposition,” said Michela Menting, Trusted Device Solutions Research Director at ABI Research. “In the short term, supply chain issues due to trade embargoes and pandemic quarantines at manufacturing sites will affect availability. Yet, demand for security, especially in general purpose microcontrollers, will ensure the secure MCU market continues to be a high priority for device OEMs.”  Strong market demand will stem from utilities and industrial IoT and smart cities and buildings, notably for MCUs with Trusted Execution Technologies that can securely run mission-critical and highly-sensitive applications at the edge.  Several opportunities will continue to drive demand for secure MCUs. On the one hand, a growing body of policy and regulation supports secure semiconductor investment, including a range of EU and U.S. tools such as the EU Cybersecurity Certification Framework, the EU Cyber Resilience Act, and the EU Chips and the U.S. CHIPS and Science Act. On the other hand, the demand for secure IoT lifecycle management capabilities, from provisioning and onboarding for cloud and network services to OTA firmware updates and patching, means security IP choice for MCUs become primary product differentiators in an increasingly competitive market.  The secure MCU market is responding to this continued demand. An increasing number of semiconductors have launched numerous new products in the last two years, catering to various IoT device types and use case scenarios. These include Renesas (RA), NXP (i.MX), STMicroelectronics (STM32), Microchip (SAM), and Infineon/Cypress (PSoC), among many others.  The market has coalesced around Arm Cortex processors, in part due to the rich security IP available with TrustZone. Still, there is growing competition from the secure RISC-V movement, directly challenging Arm’s dominance in the space.  These findings are from ABI Research’s Secure MCU Market Overview report. This report is part of the company’s Trusted Device Solutions research service, which includes research, data, and ABI Insights.
2023-01-10 11:00 阅读量:1872
5G IoT Satellites Countdown for Takeoff
  A startup is ready to launch the first dedicated 5G IoT satellites this year.  Release 17 of the 3rd Generation Partnership Project’s (3GPP) 5G specification has been completed. Companies are starting to use the non-terrestrial networking (NTN) update to that spec to build the first 5G IoT satellites.  Barcelona, Spain-based startup Sateliot plans to be the first satellite operator to put up a 5G IoT constellation. Elon Musk’s SpaceX operation is launching the first Sateliot nanosatellite in February. Sateliot hopes to put another four up in space by the end of this year. The young company expects to have a swarm of 250 units up by the end of 2025.  Sateliot CEO Jaume Sanpera told EE Times that the startup has been working for four years on its IoT nanosatellites. Sateliot has been collaborating with the 3GPP on the NTN 5G specification. “We made more than 17 contributions,” Sanpera said.  The company’s low-Earth-orbit (LEO) satellite will use 5G narrowband IoT (NB-IoT) to connect its satellites to IoT devices on the ground. Originally a 4G standard, the NB-IoT specification was recognized by the International Telecommunication Union (ITU) as part of its IMT-2020 5G standard in July 2020.  The connection between satellites in space and IoT devices on the ground will depend on more than just having 5G-capable satellites in orbit. Chipmakers must also release silicon that will support the latest 5G specification.  “By mid-year, most of the large manufacturers will have Release 17 implemented on their chipsets,” Sanpera said. This means that satellite-compliant 5G IoT devices could be on the commercial market by the end of 2023 and will become more commonplace in 2024.  Sateliot is talking to mobile network operators (MNOs) worldwide about running its service. The startup has already signed on with major MNO Telefónica, which runs services in 15 countries around the globe. “We are talking to 54 other mobile operators,” Sanpera said.  Dean Bubley, founder of Disruptive Analysis, noted that satellite IoT, largely based on 4G LTE technology, already serves remote oil and gas infrastructure monitoring systems, agricultural sensors and shipping containers, and it tracks high-end assets like construction equipment.  “I think 5G and satellite will be more about backhaul and fronthaul, or direct-to-device for phones and maybe vehicles,” Bubley said. He added, however, the possibility of running a 5G NB-IoT connection from a LEO satellite to devices on the ground.  This is exactly what Sateliot is doing. Sanpera notes that there are four or five other startups that are working to deliver similar 5G satellite systems. The CEO did not name these startups.  Sanpera expects to start offering satellite services that allow IoT devices to send out one message a day. The CEO said that he sees one-third of his customers that need that kind of service, another third that want their IoT devices to send a message an hour and a final third that require near-real–time communication.  Sateliot will move from a constellation that can handle devices sending one message a day in early 2023, ramp up to hourly transmissions in 2024 and ultimately move to near-real–time communication in 2025.  The second-generation shuffle  The Sateliot nano units are already set to launch on SpaceX first-generation satellites this year. The Spanish startup will avoid any issues with launch schedules. “Our plan is already booked,” Sanpera said.  The Sateliot launch won’t be affected by the Federal Communications Commission’s (FCC’s) limited approval of 7,500 SpaceX second-generation satellites, which will begin launching this year. SpaceX had originally requested permission to form a new satellite constellation of nearly 30,000 second-generation satellites.  The new SpaceX satellites are “too large for the current rockets,” explained Sanpera. He said the heavy-lift Starship will be needed to deploy the next-generation SpaceX satellites. SpaceX is expected to test its Starship prototype in space this December.
2023-01-10 10:59 阅读量:1836
EU Approves $2 Billion for IoT, Connected Car Research
  The European Commission has cleared the use of €1.75 billion (about $2 billion) in public funds from France, Germany, Italy, and the U.K. to support an integrated project for joint research and innovation in microelectronics addressing the internet of things and connected or driverless cars.  The clearance was necessary to ensure that the funding would be in line with EU state aid rules and contributes to a common European interest, a key condition for public support. The integrated research and innovation project will involve 29 direct participants, headquartered both in and outside the EU, carrying out 40 closely interlinked sub-projects. These direct participants will work in collaboration with wider partners, such as other research organizations or small- and medium-sized enterprises (SMEs), also beyond the four member states.  The project’s overall objective is to enable research and develop innovative technologies, chips, and sensors that can be integrated in applications such as consumer devices, automated vehicles, commercial devices, and industrial devices, including management systems for batteries in electric mobility and energy storage. In particular, the project is expected to stimulate additional research and innovations in relation to the internet of things and to connected or driverless cars.  The 29 participants in the microelectronics research project cleared by the European Commission.  Participants and their partners will focus their work on five different technology areas:  (1) Energy-efficient chips: developing new solutions to improve the energy efficiency of chips. These will, for example, reduce the overall energy consumption of electronic devices, including those installed in cars.  (2) Power semiconductors: developing new component technologies for smart appliances as well as for electric and hybrid vehicles to increase the reliability of semiconductor devices.  (3) Smart sensors: working on the development of new optical, motion, or magnetic field sensors with improved performance and enhanced accuracy. Smart sensors will help improve car safety through more reliable and timely reaction to allow a car to change lanes or avoid an obstacle.  (4) Advanced optical equipment: developing more effective technologies for future high-end chips.  (5) Compound materials: developing new compound materials (instead of silicon) and devices suitable for more advanced chips.  The project participants will be involved in over 100 collaborations across the different areas in 40 closely interlinked sub-projects. It’s thought that in addition to the €1.75 billion funding provided by each of the four countries, the project will unlock an additional €6 billion ($6.84 billion)  in private investment. The project should be completed by 2024 (with differing timelines for each sub-project).  The idea of such funding is to enable risky and ground-breaking research and innovation whilst ensuring that its benefits are shared widely and do not distort the level playing field in Europe. The innovations supported by taxpayer money are supposed to be of benefit to European citizens as a whole.  The European Commission says that investment in research in microelectronics at this scale is a major transnational innovation project. It carries a considerable element of risk; therefore, public support is appropriate and necessary to incentivize companies to carry out these ambitious activities. Microelectronics is considered a key enabling technology with applications in multiple industries and in helping to tackle societal challenges.  The results of the research project will be disseminated by participating companies benefiting from public support. In this context, an annual conference on the project will be organized, the first of which will be held in November 2019. Furthermore, companies will host a series of technical events on their respective sub-projects.  Commissioner Margrethe Vestager, in charge of competition policy, said, “Innovation in microelectronics can help the whole of Europe leap ahead in innovation. That’s why it makes sense for European governments to come together to support such important projects of common European interest if the market alone would not take the risk. And it is why we have put special state aid rules in place to smooth the way.”  In addition, Commissioner Mariya Gabriel, in charge of digital economy and society, said, “If we don’t want to depend on others for such essential technology [microelectronics] — for example, for security or performance reasons — we have to be able to design and produce them ourselves.”  The rules support investments for research, development and innovation, and first industrial deployment on the condition that the projects receiving this funding are highly innovative and do not cover mass production or commercial activities. They also require extensive dissemination and spillover commitments of new knowledge throughout the EU and a detailed competition assessment to minimize any undue distortions in the internal market.  The project is unlikely to be affected by Brexit. We asked the Commission for clarification and were told that the U.K.’s withdrawal agreement would have been agreed upon at the negotiator’s level but still needs to be concluded by the EU and ratified by the U.K. before it can enter into force. There is then likely to be a transition period (which will last until the end of December 2020 unless extended). During this transition period, the entire body of EU law will continue to apply to, and in, the U.K. as if it were a member state. This includes all EU rules relating to state aid. So funding support will remain binding on and in the U.K.  The project sets out the maximum amount of aid authorized for each of the beneficiaries, and the U.K. is expected to grant aid within these maximum amounts. Once state aid has been approved by the European Commission, member states are authorized to grant the aid and normally do so.
2019-01-17 00:00 阅读量:1152
IoT Merging Into Data-Driven Design
The Internet of Things is becoming more difficult to define and utilize for an effective business strategy. While an increasing number devices send data to the cloud or some local server, so much data is being generated and moved around that new strategies are being developed to rethink what needs to be processed where.Back in 2013, when the IoT concept really began taking off, connectivity to the Internet was considered the ultimate goal because the biggest compute resources were still in the data center. Today, compute resources are becoming more distributed and processing is becoming more nuanced. In fact, almost all of the early major proponents of the IoT, such as Cisco, Arm, Samsung and Philips, have shifted their IoT focus to data management, processing, and security.The big issues now are how to connect different devices to each other, and what to do with all the data generated by tens of billions of sensors and devices. That includes what data should be processed where, how much really needs to be moved, how to move it more quickly, and how to protect data in place and in transit.“When the IoT first started, a lot of it was based on things like temperature sensors,” said Geoff Tate, CEO of Flex Logix. “There’s not a lot of data coming out of temperature sensors. But now we’re adding in things like video, where you have cameras doing surveillance. Processing now has to be done closer to the camera—either in the camera or at some edge server. There’s also a cost for the radio chip to send everything, and not everywhere has good enough connectivity. On top of that, networks were designed for transmitting large amounts of data, not uploading it.”Fig. 1: Monthly visual networking data growth in exabytes. Source: Cisco visual networking index forecastThis adds a whole different slant to the IoT concept, because it means more data now needs to be processed in place or nearby.“Even with 5G, there is a huge amount of data being produced,” said Mike Fitton, senior director of strategic planning at Achronix. “What’s changing is that processing capability will move from the data center and flow toward the edge. Processing will need to happen everywhere. You’re going to see a shift in relative ratios along those lines.”Alongside a growing volume of data is an increasing value to the data. And the more data that is collected from more sources, the greater its value. But that value doesn’t necessarily rely on being shipped to the cloud where it can be mined in the context of other data. Some of it can be used by other devices or even by infrastructure.These shifts are behind last month’s merger of the Industrial Internet Consortium (IIC) and the OpenFog Consortium, which combined the networking standards and architecture development of the OpenFog Consortium with the IIC’s emphasis on testing product integration. The IIC is concerned with devices spread around the network, while the OpenFog Consortium is concerned with the networking, storage and processing infrastructure necessary to efficiently connect everything between the edge and the cloud. The merger of the two groups reflects the evolution of technology rather than a purposeful direction by either one, said IIC President Bill Hoffman.“Over three years of working on fog computing and trying to address bandwidth issues and the trend of AI moving toward the edge, it became clear we shared members and interests and problems that we’d been trying to solve,” Hoffman said. “We reached a point that we could streamline the way we drove technology deliverables and improve the overall market to consolidate discussion of fog computing and the IoT in one place.”IIoT and the edgeYet it remains to be seen how effective this approach becomes. The electronics industry is littered with devices that either never caught on, used far too much power, had too little performance, missed the market entirely, or which got lost in a sea of similar products.And while most IoT watchers point to the IIoT as the place where the real benefits are, successful IoT strategies are harder to develop than initially thought. A May 2017 report by Cisco showed that nearly 60% of IoT initiatives never made it beyond the proof of concept phase, and one-third of completed projects were failures.“You see some industries — mining definitely has a need, and manufacturing and a few others — but overall, across most industries we don’t see much engagement,” said Matt Vasey, OpenFog chairman and president, and also a director of AI and IoT business development at Microsoft. “A lot of industries just haven’t picked up in full force.”The reasons are varied, and sometimes specific to a company or industry segment. “It’s a great amount of transformation to really take advantage of edge and IoT, so there’s a lot of resistance from production,” Hoffman said. “There is also not a lot of metrics out to demonstrate the value. If you can save 50% on the cost of a process, that’s clear, but most of the benefits are less clear than that.”This doesn’t diminish the value of the data collected by sensors in smart devices, however. “If you can do something as simple as decrease fuel consumption by 1% by utilizing that data, that’s a huge impact,” said Achronix’s Fitton. “This is the kind of stuff that’s happening in the industrial IoT, and that’s having more impact than the classic definition of the IoT, which was always dismissed as something of a vague term.”The key is being able to tailor a solution that works, in a market where it makes sense. And even then, there is a confusing array of tools, platforms and strategies. In June of 2017, IoT Analytics counted more than 450 software packages being offered either as operating systems or system software connected networks of IIoT devices. Even if the tally was right, 450 options is chaos, not progress, according to a May, 2017 McKinsey report. “If there are [even] 100 IoT platforms, then there is no platform, just aspirants,” the report concluded.IEEE and a pair of industry groups formed to make sense of the growing edge computing trend may help reduce the chaos in this segment. Last June, the IEEE Standards Association, at the instigation of the IEEE Communications Society, adopted the OpenFog Reference Architecture as an official standard, now called IEEE 1394. That standard looks at east-west flow of data, rather than just north-south, which is a significant departure from how the IoT concept originally was laid out by leading proponents.“We have seen a continuum of intelligence extend from the cloud right down to the edge,” said Vasey. “We are trying to make sure we have the right tools for the job—near the edge where devices might need storage and servers, or just mid-tier gateways, to near-edge data centers with much richer resources—and extending right up to the cloud in a coherent way. We’re no longer dealing with just the cloud or just the edge or just the middle tier. It’s more of a continuum. And we get feedback from customers saying that model makes a lot of sense, putting compute and storage and networking resources anywhere up and down that continuum where you need it.”Thinking differentlySo what does this mean for the IoT as a whole? The key may be thinking about the overall concept less from the standpoint of the initial IoT vision and more from the flow of the data.“There’s a need for a lot more compute at the source of the data,” said Susheel Tadikonda, vice president in Synopsys’ verification group. “The volume of data is taking so much power and bandwidth, and latency is so much of an issue, that you need to consume the data at the source. If you can make the sensors intelligent, then they can evaluate the data without much delay and take immediate action. What we’re seeing is that everything is going together in bundles of data.”Tadikonda noted that while the data isn’t new, the emphasis on using it more effectively is definitely new. “No one cared about it in the past. The underlying data was very powerful, but no one had any idea of what it would spawn. If you look at Uber, no one knew something like that would happen until 4G technology and processing power was there. Traditional cloud solutions were implemented with central servers and storage. Now we are seeing an alternative to that with both storage and compute as close as possible to the edge devices like sensors. But data still has to be transmitted, and bandwidth has to increase because even if you do more processing locally, the number of connected devices is growing so fast that they’re producing more data in total.”This, in turn, is affecting how systems are being designed, from the data center to the networks and all the way down to the various components that make up chips.“We are moving into a data-driven economy,” said Lip-Bu Tan, chairman and CEO of Cadence. “It’s all about data. A lot sensors collect data. Depending upon the application, some will move into the intelligent edge. When you process the data there, you want to do that with very low power. That can drive productivity and efficiency. The other piece of this is the hyperscale data center. You need infrastructure there to drive the applications.”Security issuesAlongside of all of this, data has to be protected.“Now the question is how we evolve that so that we can build systems that are connected but secure, because there are more and more connected systems,” said Helena Handschuh, a fellow in Rambus’ Cryptography Research Division. “We need more end-point security. If you look at the PC industry and networking, there are ways to detect security issues and then try to mitigate them after that. But no matter how good your security, eventually something will go wrong.”Security was always one of the top concerns cited when it came to the IoT. Despite the warnings, the chip industry is just beginning to take a serious look at how to automate some of those checks. One of the drivers of that shift was the cost of fixing hardware—measured both in time spent on mitigating the problem and in performance inside of data centers—after Google Project Zero exposed hardware vulnerabilities related to speculative execution and branch prediction. Prior to that, a botnet attack based on the Mirai virus, brought down some of the largest Internet sites.“Security of a chip is something like compatibility,” said Wally Rhines, CEO Emeritus at Mentor, a Siemens Business. “You can always show that something is incompatible. You can never guarantee that something is compatible. The same is true here. You can always show there is a vulnerability, but you can never guarantee there are other vulnerabilities. It becomes one of an asymptotic approach, where you’ve verified so much that if there is a problem it’s going to be really rare and hard to get to. Beyond just the simulation, the insertion of features into a chip that can do analysis to minimize the possibility of a buried Trojan is, in fact, a key part. The other key part is on the incoming IP. How do you verify the IP you’ve got does not have Trojans in it and who do you trust. Do you trust your IP vendor? Do you trust some kind of simulation that goes through rigorous verification of that IP?”This is becoming a huge issue across the industry, because IP tracking is getting more convoluted as designs become more heterogeneous to deal with the increase in different types of data.“There are a lot of people getting into whole system architectures,” said Ranjit Adhikary, vice president of marketing at ClioSoft. “There are companies with a lot of PDKs, but you aren’t sure which PDKs are being used and you don’t know where the documentation is. This is a big mess. You don’t even know if IP went to tapeout in silicon or how much was paid for it.”That, in turn, has an impact on security. “There is no perfect solution when it comes to security,” Rhines noted. “Nothing gives you 100% certainty. But there are tests you can run. You can put intelligent features into the chip that look at the data flow and look for unusual sequences and put up a flag when an unusual sequence is executed, and possibly block the execution when a suspicious circumstance occurs. Products we’ve tested in the past merely flag unusual things going on in the system, and it’s up to them to look into it.”
2019-01-14 00:00 阅读量:1160
  • 一周热料
  • 紧缺物料秒杀
型号 品牌 询价
MC33074DR2G onsemi
TL431ACLPR Texas Instruments
BD71847AMWV-E2 ROHM Semiconductor
CDZVT2R20B ROHM Semiconductor
RB751G-40T2R ROHM Semiconductor
型号 品牌 抢购
BP3621 ROHM Semiconductor
IPZ40N04S5L4R8ATMA1 Infineon Technologies
TPS63050YFFR Texas Instruments
ESR03EZPJ151 ROHM Semiconductor
BU33JA2MNVX-CTL ROHM Semiconductor
STM32F429IGT6 STMicroelectronics
热门标签
ROHM
Aavid
Averlogic
开发板
SUSUMU
NXP
PCB
传感器
半导体
相关百科
关于我们
AMEYA360微信服务号 AMEYA360微信服务号
AMEYA360商城(www.ameya360.com)上线于2011年,现 有超过3500家优质供应商,收录600万种产品型号数据,100 多万种元器件库存可供选购,产品覆盖MCU+存储器+电源芯 片+IGBT+MOS管+运放+射频蓝牙+传感器+电阻电容电感+ 连接器等多个领域,平台主营业务涵盖电子元器件现货销售、 BOM配单及提供产品配套资料等,为广大客户提供一站式购 销服务。