Designing Secure IoT Devices with the Arm Platform Security Architecture and Cortex-M33

Designing Secure IoT Devices with the Arm Platform Security Architecture and Cortex-M33

by Trevor Martin
Released April 2022
Publisher(s): Newnes
ISBN: 9780128214732

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Designing Secure IoT devices with the Arm Platform Security Architecture and Cortex-M33 explains how to design and deploy secure IoT devices based on the Cortex-M23/M33 processor. The book is split into three parts. First, it introduces the Cortex-M33 and its architectural design and major processor peripherals. Second, it shows how to design secure software and secure communications to minimize the threat of both hardware and software hacking. And finally, it examines common IoT cloud systems and how to design and deploy a fleet of IoT devices. Example projects are provided for the Keil MDK-ARM and NXP LPCXpresso tool chains.

Since their inception, microcontrollers have been designed as functional devices with a CPU, memory and peripherals that can be programmed to accomplish a huge range of tasks. With the growth of internet connected devices and the Internet of Things (IoT), “plain old microcontrollers” are no longer suitable as they lack the features necessary to create both a secure and functional device. The recent development by ARM of the Cortex M23 and M33 architecture is intended for today’s IoT world.

  • Shows how to design secure software and secure communications using the ARM Cortex M33-based microcontrollers
  • Explains how to write secure code to minimize vulnerabilities using the CERT-C coding standard
  • Uses the mbedTLS library to implement modern cryptography
  • Introduces the TrustZone security peripheral PSA security model and Trusted Firmware
  • Legal requirements and reaching device certification with PSA Certified

Table of contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Foreword
  6. Chapter 1: Introduction
    1. Abstract
    2. Arm Platform Security Architecture
    3. Assumptions
    4. Structure of the book
    5. Tutorial exercises
    6. Important
  7. Chapter 2: Arm platform security architecture
    1. Abstract
    2. Introduction
    3. Analyze
    4. Architect
    5. Implement
    6. PSA certification
    7. Conclusion
  8. Chapter 3: Development tools and device platform
    1. Abstract
    2. Introduction
    3. Hardware
    4. Software
    5. Install MDK packs and utilities
    6. Conclusion
  9. Chapter 4: Cryptography—The basics
    1. Abstract
    2. Introduction
    3. mbedTLS
    4. Information assurance
    5. Security services
    6. Ciphers
    7. Streaming block ciphers
    8. Hash functions
    9. Authenticated encryption
    10. Random numbers
    11. Managing keys
    12. Conclusion
  10. Chapter 5: Cryptography—Secure communications
    1. Abstract
    2. Introduction
    3. Asymmetric ciphers
    4. Elliptic curve cryptography
    5. Message signing
    6. Using asymmetrical ciphers
    7. Man in the Middle
    8. Public key infrastructure
    9. X.509 certificates
    10. Certificate validation
    11. Certificate lifetime
    12. Certificate revocation list
    13. Certificate encoding
    14. Certificate authority selection
    15. Certificate chain
    16. Exercise: Creating X.509 certificates
    17. Putting it all together
    18. Exercise: TLS server authentication
    19. Conclusion
  11. Chapter 6: IoT networking and data formats
    1. Abstract
    2. Introduction
    3. Message queued telemetry transport (MQTT)
    4. Data formats
    5. Conclusion
  12. Chapter 7: Using an IoT cloud service
    1. Abstract
    2. Introduction
    3. AWS account
    4. AWS IoT
    5. Connect a device
    6. Create a connection policy
    7. Adding the Dynamo DB database
    8. Action rules
    9. IoT analytics
    10. Logs
    11. Lambda
    12. Device services
    13. Conclusion
  13. Chapter 8: Software attacks and threat modeling
    1. Abstract
    2. Introduction
    3. Common security exploits and vulnerabilities
    4. Mitigation
    5. Threat modeling
    6. Conclusion
  14. Chapter 9: Building a defense with the PSA security model
    1. Abstract
    2. Introduction
    3. Software architecture
    4. Temporal barrier
    5. Runtime isolation
    6. PSA Execution environment
    7. Runtime partitions
    8. Secure services
    9. Secure Boot
    10. PSA parameters
    11. Lifecycle
    12. Device requirements
    13. Conclusion
  15. Chapter 10: Device partitioning with TrustZone
    1. Abstract
    2. Introduction
    3. TrustZone security extension
    4. Programmers model
    5. TrustZone operation
    6. TrustZone configuration
    7. TrustZone interrupt handling
    8. TrustZone system control block
    9. SysTick
    10. Exercise: TrustZone SysTick support
    11. Using an RTOS with TrustZone
    12. Memory protection unit (MPU)
    13. CMSIS-zone
    14. Conclusion
  16. Chapter 11: The NXP LPC55S69 a reference IoT microcontroller
    1. Abstract
    2. Introduction
    3. Trusted execution environment (TEE)
    4. Security architecture
    5. Hardware accelerators
    6. Conclusion
  17. Chapter 12: Trusted firmware
    1. Abstract
    2. Introduction
    3. Installation
    4. Exercise: TF-M setup and testing
    5. TF-M software design
    6. Conclusion
  18. Chapter 13: Trusted firmware secure services
    1. Abstract
    2. Introduction
    3. Nonsecure client
    4. Security services
    5. Conclusion
  19. Chapter 14: The PSA Secure Bootloader
    1. Abstract
    2. Introduction
    3. Updatable bootloader
    4. Upgrade strategies
    5. Firmware update service
    6. Image encapsulation
    7. Image signing
    8. BL2 configuration
    9. Updating the bootloader keys
    10. Exercise: Bootloader keys
    11. Bootloading by hardware key
    12. Image encryption
    13. Measured boot
    14. Conclusion
  20. Bibliography
  21. Index

Product information

  • Title: Designing Secure IoT Devices with the Arm Platform Security Architecture and Cortex-M33
  • Author(s): Trevor Martin
  • Release date: April 2022
  • Publisher(s): Newnes
  • ISBN: 9780128214732