UltraSoC today announces Bare Metal Security capabilities, extending its industry-leading on-chip monitoring and analytics to deliver security functionality required in a broad range of embedded products, from Internet of Things (IoT) appliances to enterprise systems. Bare Metal Security features are implemented as hardware running below the operating system, so are non-intrusive and remain robust even if the system’s conventional security measures are compromised. This adds an entirely new level of protection to the SoC (system-on-chip).
“UltraSoC has proven success in accelerating SoC development,” said Rupert Baines, UltraSoC CEO. “Today we move up a gear, and address another of the semiconductor industry’s most pressing problems – security. Our Bare Metal Security tools complement traditional security mechanisms, adding protection against both malicious attacks and against inadvertent malfunctions. Better still, the same gates provide all of the established benefits of developing with UltraSoC; a vendor-independent infrastructure that allows faster, more cost-efficient debug and performance optimization capabilities that are beyond the reach of conventional technologies.”
Bare Metal Security functionality uses the UltraSoC monitors to watch for unexpected behaviors such as suspicious memory accesses or processor activity, at hardware speed and non-intrusively, with minimal silicon overhead. Because it is an orthogonal on-chip hardware infrastructure independent of the main system functionality and software, there is no negative impact on system performance and it is very difficult for an attacker to subvert or tamper with. Although it functions below and outside of the operating system, the technology also provides a means of communicating with software on the device as part of a holistic security system, if this is necessary. Bare-Metal Security features also provide visibility of the whole system, making it extremely difficult to camouflage or hide an attack.
“People increasingly appreciate the urgency of addressing security,” said Caroline Gabriel, Research Director at Rethink Research. “However, robust security cannot be bolted-on as an afterthought: it must be designed-in from the beginning. UltraSoc’s Bare Metal Security provides an attractive addition to the options available for a system developer. By providing an independent mechanism for raising an alarm or putting the system into a safe mode, this delivers an additional layer of security, especially useful as we move to the IoT age, where ‘everything’ is connected.”
Haydn Povey, CEO of Secure.Thingz, commented: “We’re seeing increasing interest in building security into SoCs at the hardware level. In fact, a number of recent announcements have promised just that. UltraSoC’s technology goes further: an independent on-chip security infrastructure, as a complement to other access-control mechanisms. Because it is versatile and scalable it has applications from IoT, through to enterprise applications, making it an attractive option for many SoC design teams.”
By offering resource-efficient and highly effective protection against malicious attack and malfunction, the UltraSoC on-chip analytics and monitoring system provides both development support and functionality enhancement from the same on-chip blocks. Teams which are already using UltraSoC to accelerate the debug, silicon validation and bring-up process can therefore utilize the same infrastructure for security processing; while designers who need Bare Metal Security features get the development benefits of a vendor-independent on-chip debug infrastructure at zero additional cost.
Bare Metal Security features will typically serve as a complement to, rather than a substitute for, conventional security measures. In other cases they offer a robust level of protection unattainable using conventional security architectures, within the resource constraints of lightweight embedded devices such as those expected to make up the majority of the emerging Internet of Things market.
Although originally developed for debug and silicon validation, UltraSoC’s IP also enables a broad range of value-added functionality in-service, of which security is just one example. Other applications include in-field monitoring, performance optimization, reducing power utilization and SLA enforcement.
The announcement from UltraSoC coincides with the inaugural conference of the IoT Security Foundation in London. The Foundation, of which UltraSoC is an active member, aims to maximize the benefits of the IoT by promoting knowledge and best practice in excellent, appropriate security to those who specify, make and use IoT products and systems.