Subject: General Tech | May 2, 2018 - 11:00 AM | Josh Walrath
Tagged: voltage, physical attacks, exploits, EM, CryptoIsland, CryptoCell, Cortex-M35P, cortex, arm
The world is rife with exploits. We see and hear about them everyday. It is a major problem for device makers that try to use cutting edge technology in their products, but do not know what potential vulnerabilities can be exposed. ARM has a robust security suite available for their chips that can be licensed and implemented, but so far these have dealt primarily with software. Nothing has been done in consumer chips to protect from other side-channel exploits in which the chip is physically accessed.
Physical security was once the realm of military style hardware that were hardened and designed to be nearly impervious if falling into the wrong hands. Now ARM is offering partners the ability to implement several physical security features into their chips to help defeat those who wish to exploit these products.
The first product to get this treatment is the new Cortex-M35P. This is based on previously released Cortex-M3x technology featuring the Armv8-M ISA. It is a new chip in that it has all of the features for physical security integrated into the design. It also features all of the previous security IP that ARM has released including TrustZone, CryptoIsland, and CryptoCell.
Physcial attacks can come through a variety of ways. Monitoring voltage and EM from the chip is the least invasive, while physically accessing the device and exposing the core down to the transistor level obviously destroys the chip but gives the attacker a lot of information about the chip. The former attacks can be done by people with varying levels of experience and commonly acquired tools. The latter attack requires a tremendous amount of knowledge as well as require high end equipment not normally found outside of chip design and fabrication firms. ARM cannot protect against dissecting the part, but they can help protect against the more non-invasive exploits.
EM and voltage monitoring can give clues about potential sideband exploits that would work with the chip. The attacker records these measurements when the chip is doing work such as encryption. This then can lead to more specific attacks on the chip. ARM is able to design countermeasures on these chips to either limit EM output or to “dirty” the output so that it reveals little about the operation of the chip. ARM is able to do much the same when it comes to voltage tampering.
ARM did not go into any significant detail on the actual mechanisms of these security features. All we know is that these are features designed into the chip from the beginning and cannot be applied retroactively to previous chips. This makes sense due to these being physical attacks, and if ARM detailed the countermeasures, then the attackers can more easily work around them.
Security is a process. One fix will not create a totally locked-down world. It takes a pretty extensive infrastructure to address all of the threats that are likely to be encountered by IoT devices throughout the world. Adding to the physical IP with security measures allows ARM and its clients to be that little bit more confident that they are exposing their users to the least amount of risk possible when it comes to exploiting these products.
Subject: General Tech | February 21, 2018 - 09:00 AM | Josh Walrath
Tagged: modem, Kigen, iSIM, iot, cortex, cellular, arm
Last year ARM went on a bit of a buying spree thanks to the financial help of its holding company, SoftBank. One of the companies that it scooped up was that of Simulity Labs for around 12 million pounds. The company was developing IoT security products based on eSIM technology and a robust OS that provides provisioning on a cellular network.
Many believe that the nearly ubiquitous cellular networks that surround us are the key to truly successful IoT products. There are massive cellular deployments around the world. It is a well regulated spectrum. Security through SIM cards is a well known and understood process. It is not impossible to break this security, but it is questionable if it is worth the time and effort to do so.
ARM has gone ahead and provided the means to productize and push this technology with the aim of providing a vast, secure IoT infrastructure that would be relatively easy to rollout with current cellular networks. There are multiple parts to this technology, but ARM is hoping to offer an all-in-one solution that would provide an inexpensive platform for OEMs and Mobile Network Operators (MNOs) to roll out products on.
Addressing New Markets
Machine Learning is one of the hot topics in technology, and certainly one that is growing at a very fast rate. Applications such as facial recognition and self-driving cars are powering much of the development going on in this area. So far we have seen CPUs and GPUs being used in ML applications, but in most cases these are not the most efficient ways of doing these highly parallel but relatively computationally simple workloads. New chips have been introduced that are far more focused on machine learning, and now it seems that ARM is throwing their hat into the ring.
ARM is introducing three products under the Project Trillium brand. It features a ML processor, a OD (Object Detection) processor, and a ARM developed Neural Network software stack. This project came as a surprise for most of us, but in hindsight it is a logical avenue for them to address as it will be incredibly important moving forward. Currently many applications that require machine learning are not processed at the edge, namely in the consumer’s hand or device right next to them. Workloads may be requested from the edge, but most of the heavy duty processing occurs in datacenters located all around the world. This requires communication, and sometimes pretty hefty levels of bandwidth. If neither of those things are present, applications requiring ML break down.
Subject: Processors | October 24, 2017 - 02:12 AM | Josh Walrath
Tagged: arm, cortex, mali, PSA, security, TrustZone, Platform Security Architecture, amd, cortex-m, Armv8-m
It is no wonder that device security dominates news. Every aspect of our lives is approaching always connected status. Whether it is a major company forgetting to change a default password or an inexpensive connected webcam that is easily exploitable, security is now more important than ever.
ARM has a pretty good track record in providing solutions to their partners to enable a more secure computing experience in this online world. Their first entry to address this was SecurCore which was introduced in 2000. Later they released their TrustZone in 2003. Eventually that technology made it into multiple products as well as being adopted by 3rd party chip manufacturers.
Today ARM is expanding the program with this PSA announcement. Platform Security Architecture is a suite of technologies that encompasses software, firmware, and hardware. ARM technology has been included in over 100 billion chips shipped since 1991. ARM expects that another 100 billion will be shipped in the next four years. To get a jump on the situation ARM is introducing this comprehensive security architecture to enable robust security features for products from the very low end IoT to the highest performing server chips featuring ARM designs.
PSA is not being rolled out in any single product today. It is a multi-year journey for ARM and its partners and it can be considered a framework to provide enhanced security across a wide variety of products. The first products to be introduced using this technology will be the Armv8-M class of processors. Cortex-M processors with Trusted Firmware running on the Mbed OS will be the start of the program. Eventually it will branch out into other areas, but ARM is focusing much of its energy on the IoT market and ensuring that there is a robust security component to what could eventually scale out to be a trillion connected products.
There are two new hardware components attached to PSA. The first is the CryptoIsland 300 on-die security enclave. It is essentially a second layer of hardware security beyond that of the original TrustZone. The second is the SDC-600. This is a secure debug port that can be enabled and disabled using certificates. This cuts off a major avenue for security issues. These technologies are integrated into the CPUs themselves and are not offered as a 3rd party chip.
If we truly are looking at 1 trillion connected devices over the next 10 years, security is no longer optional. ARM is hoping to get ahead of this issue by being more proactive in developing these technologies and working with their partners to get them implemented. This technology will evolve over time to include more and more products in the ARM portfolio and hopefully will be adopted by their many licensees.
ARM Refreshes All the Things
This past April ARM invited us to visit Cambridge, England so they could discuss with us their plans for the next year. Quite a bit has changed for the company since our last ARM Tech Day in 2016. They were acquired by SoftBank, but continue to essentially operate as their own company. They now have access to more funds, are less risk averse, and have a greater ability to expand in the ever growing mobile and IOT marketplaces.
The ARM of today certainly is quite different than what we had known 10 years ago when we saw their technology used in the first iPhone. The company back then had good technology, but a relatively small head count. They kept pace with the industry, but were not nearly as aggressive as other chip companies in some areas. Through the past 10 years they have grown not only in numbers, but in technologies that they have constantly expanded on. The company became more PR savvy and communicated more effectively with the press and in the end their primary users. Where once ARM would announce new products and not expect to see shipping products upwards of 3 years away, we are now seeing the company be much more aggressive with their designs and getting them out to their partners so that production ends up happening in months as compared to years.
Several days of meetings and presentations left us a bit overwhelmed by what ARM is bringing to market towards the end of 2017 and most likely beginning of 2018. On the surface it appears that ARM has only done a refresh of the CPU and GPU products, but once we start looking at these products in the greater scheme and how they interact with DynamIQ we see that ARM has changed the mobile computing landscape dramatically. This new computing concept allows greater performance, flexibility, and efficiency in designs. Partners will have far more control over these licensed products to create more value and differentiation as compared to years past.
We have previously covered DynamIQ at PCPer this past March. ARM wanted to seed that concept before they jumped into more discussions on their latest CPUs and GPUs. Previous Cortex products cannot be used with DynamIQ. To leverage that technology we must have new CPU designs. In this article we are covering the Cortex-A55 and Cortex-A75. These two new CPUs on the surface look more like a refresh, but when we dig in we see that some massive changes have been wrought throughout. ARM has taken the concepts of the previous A53 and A73 and expanded upon them fairly dramatically, not only to work with DynamIQ but also by removing significant bottlenecks that have impeded theoretical performance.
New "Fabric" for ARM
Subject: General Tech | September 20, 2016 - 01:20 PM | Jeremy Hellstrom
Tagged: arm, iot, cortex r52, r-52, cortex, security
ARM's new Cortex R-52 replaces the aging R-5 and they report that it will run 14 times faster than the model it replaces. It is also the first ARMv8-R based product they have released, it supports hypervisor instructions as well as additional unspecified safety features. They are aiming for medical applications as well as vehicles, markets which are currently plagued by insecure software and hardware. In many cases the insecurity stems from companies using the default software settings in their products, often due to ignorance as opposed to malice and ARM intends their default settings to be far more secure than current SOCs. Unfortunately this will not help with those who use default passwords and ports but it is a step in the right direction. Pop over to The Inquirer for more information.
"The Cortex R-52 has been five years in development and is engineered to meet new safety standards as ARM takes aim at the growing market of large-scale smart devices, such as surgical robots and self-driving cars."
Here is some more Tech News from around the web:
- 4K UHD TVs Are Being Adopted Faster Than HDTVs @ Slashdot
- Microsoft snubs alert over Exchange hole @ The Register
- Clustering A Lot Of Raspberry Pi Zeros @ Hack a Day
- IPv4 apocalypse means we just can't measure the internet any more @ The Register
- Opera brings its desktop VPN to the mainstream @ The Inquirer
- Want a Dell printer? Unlucky – they've just stopped selling them @ The Register
- Wise Pad W7 Phablet Giveaway Contest @ Tech ARP
A Watershed Moment in Mobile
This previous May I was invited to Austin to be briefed on the latest core innovations from ARM and their partners. We were introduced to new CPU and GPU cores, as well as the surrounding technologies that provide the basis of a modern SOC in the ARM family. We also were treated to more information about the process technologies that ARM would embrace with their Artisan and POP programs. ARM is certainly far more aggressive now in their designs and partnerships than they have been in the past, or at least they are more willing to openly talk about them to the press.
The big process news that ARM was able to share at this time was the design of 10nm parts using an upcoming TSMC process node. This was fairly big news as TSMC was still introducing parts on their latest 16nm FF+ line. NVIDIA had not even released their first 16FF+ parts to the world in early May. Apple had dual sourced their 14/16 nm parts from Samsung and TSMC respectively, but these were based on LPE and FF lines (early nodes not yet optimized to LPP/FF+). So the news that TSMC would have a working 10nm process in 2017 was important to many people. 2016 might be a year with some good performance and efficiency jumps, but it seems that 2017 would provide another big leap forward after years of seeming stagnation of pure play foundry technology at 28nm.
Yesterday we received a new announcement from ARM that shows an amazing shift in thought and industry inertia. ARM is partnering with Intel to introduce select products on Intel’s upcoming 10nm foundry process. This news is both surprising and expected. It is surprising in that it happened as quickly as it did. It is expected as Intel is facing a very different world than it had planned for 10 years ago. We could argue that it is much different than they planned for 5 years ago.
Intel is the undisputed leader in process technologies and foundry practices. They are the gold standard of developing new, cutting edge process nodes and implementing them on a vast scale. This has served them well through the years as they could provide product to their customers seemingly on demand. It also allowed them a leg up in technology when their designs may not have fit what the industry wanted or needed (Pentium 4, etc.). It also allowed them to potentially compete in the mobile market with designs that were not entirely suited for ultra-low power. x86 is a modern processor technology with decades of development behind it, but that development focused mainly on performance at higher TDP ranges.
This past year Intel signaled their intent to move out of the sub 5 watt market and cede it to ARM and their partners. Intel’s ultra mobile offerings just did not make an impact in an area that they were expected to. For all of Intel’s advances in process technology, the base ARM architecture is just better suited to these power envelopes. Instead of throwing good money after bad (in the form of development time, wafer starts, rebates) Intel has stepped away from this market.
This leaves Intel with a problem. What to do with extra production capacity? Running a fab is a very expensive endeavor. If these megafabs are not producing chips 24/7, then the company is losing money. This past year Intel has seen their fair share of layoffs and slowing down production/conversion of fabs. The money spent on developing new, cutting edge process technologies cannot stop for the company if they want to keep their dominant position in the CPU industry. Some years back they opened up their process products to select 3rd party companies to help fill in the gaps of production. Right now Intel has far more production line space than they need for the current market demands. Yes, there were delays in their latest Skylake based processors, but those were solved and Intel is full steam ahead. Unfortunately, they do not seem to be keeping their fabs utilized at the level needed or desired. The only real option seems to be opening up some fab space to more potential customers in a market that they are no longer competing directly in.
The Intel Custom Foundry Group is working with ARM to provide access to their 10nm HPM process node. Initial production of these latest generation designs will commence in Q1 2017 with full scale production in Q4 2017. We do not have exact information as to what cores will be used, but we can imagine that they will be Cortex-A73 and A53 parts in big.LITTLE designs. Mali graphics will probably be the first to be offered on this advanced node as well due to the Artisan/POP program. Initial customers have not been disclosed and we likely will not hear about them until early 2017.
This is a big step for Intel. It is also a logical progression for them when we look over the changing market conditions of the past few years. They were unable to adequately compete in the handheld/mobile market with their x86 designs, but they still wanted to profit off of this ever expanding area. The logical way to monetize this market is to make the chips for those that are successfully competing here. This will cut into Intel’s margins, but it should increase their overall revenue base if they are successful here. There is no reason to believe that they won’t be.
The last question we have is if the 10nm HPM node will be identical to what Intel will use for their next generation “Cannonlake” products. My best guess is that the foundry process will be slightly different and will not provide some of the “secret sauce” that Intel will keep for themselves. It will probably be a mobile focused process node that stresses efficiency rather than transistor switching speed. I could be very wrong here, but I don’t believe that Intel will open up their process to everyone that comes to them hat in hand (AMD).
The partnership between ARM and Intel is a very interesting one that will benefit customers around the globe if it is handled correctly from both sides. Intel has a “not invented here” culture that has both benefited it and caused it much grief. Perhaps some flexibility on the foundry side will reap benefits of its own when dealing with very different designs than Intel is used to. This is a titanic move from where Intel probably thought it would be when it first started to pursue the ultra-mobile market, but it is a move that shows the giant can still positively react to industry trends.
New Products for 2017
PC Perspective was invited to Austin, TX on May 11 and 12 to participate in ARM’s yearly tech day. Also invited were a handful of editors and analysts that cover the PC and mobile markets. Those folks were all pretty smart, so it is confusing as to why they invited me. Perhaps word of my unique talent of screenshoting PDFs into near-unreadable JPGs preceded me? Regardless of the reason, I was treated to two full days of in-depth discussion of the latest generation of CPU and GPU cores, 10nm test chips, and information on new licensing options.
Today ARM is announcing their next CPU core with the introduction of the Cortex-A73. They are also unwrapping the latest Mali-G71 graphics technology. Other technologies such as the CCI-550 interconnect are also revealed. It is a busy and important day for ARM, especially in light of Intel seemingly abandoning the sub-milliwatt mobile market.
ARM previously announced the Cortex-A72 in February, 2015. Since that time it has been seen in most flagship mobile devices in late 2015 and throughout 2016. The market continues to evolve, and as such the workloads and form factors have pushed ARM to continue to develop and improve their CPU technology.
The Sofia Antipolis, France design group is behind the new A73. The previous several core architectures had been developed by the Cambridge group. As such, the new design differs quite dramatically from the previous A72. I was actually somewhat taken aback by the differences in the design philosophy of the two groups and the changes between the A72 and A73, but the generational jumps we have seen in the past make a bit more sense to me.
The marketplace is constantly changing when it comes to workloads and form factors. More and more complex applications are being ported to mobile devices, including hot technologies like AR and VR. Other technologies include 3D/360 degree video, greater than 20 MP cameras, and 4K/8K displays and their video playback formats. Form factors on the other hand have continued to decrease in size, especially in overall height. We have relatively large screens on most premium devices, but the designers have continued to make these phones thinner and thinner throughout the years. This has put a lot of pressure on ARM and their partners to increase performance while keeping TDPs in check, and even reducing them so they more adequately fit in the TDP envelope of these extremely thin devices.
10nm Sooner Than Expected?
It seems only yesterday that we had the first major GPU released on 16nm FF+ and now we are talking about ARM about to receive their first 10nm FF test chips! Well, in fact it was yesterday that NVIDIA formally released performance figures on the latest GeForce GTX 1080 which is based on TSMC’s 16nm FF+ process technology. Currently TSMC is going full bore on their latest process node and producing the fastest current graphics chip around. It has taken the foundry industry as a whole a lot longer to develop FinFET technology than expected, but now that they have that piece of the puzzle seemingly mastered they are moving to a new process node at an accelerated rate.
TSMC’s 10nm FF is not well understood by press and analysts yet, but we gather that it is more of a marketing term than a true drop to 10 nm features. Intel has yet to get past 14nm and does not expect 10 nm production until well into next year. TSMC is promising their version in the second half of 2016. We cannot assume that TSMC’s version will match what Intel will be doing in terms of geometries and electrical characteristics, but we do know that it is a step past TSMC’s 16nm FF products. Lithography will likely get a boost with triple patterning exposure. My guess is that the back end will also move away from the “20nm metal” stages that we see with 16nm. All in all, it should be an improved product from what we see with 16nm, but time will tell if it can match the performance and density of competing lines that bear the 10nm name from Intel, Samsung, and GLOBALFOUNDRIES.
ARM has a history of porting their architectures to new process nodes, but they are being a bit more aggressive here than we have seen in the past. It used to be that ARM would announce a new core or technology, and it would take up to two years to be introduced into the market. Now we are seeing technology announcements and actual products hitting the scenes about nine months later. With the mobile market continuing to grow we expect to see products quicker to market still.
The company designed a simplified test chip to tape out and send to TSMC for test production on the aforementioned 10nm FF process. The chip was taped out in December, 2015. The design was shipped to TSMC for mask production and wafer starts. ARM is expecting the finished wafers to arrive this month.