Arm’s Platform Security Architecture has many aspects, and many of these ideas have been incorporated into its Cortex-M23 and Cortex-M33, which include TrustZone features. Its latest addition initially targets the new Cortex-M35P (the trailing P indicates further security protection). More specifically, it adds features such as tamper resistance to the TrustZone support already present in the ARMv8-M architecture. The security enclave and cryptographic IP provide protection against side-channel attacks.
As with most of Arm’s IP designs, this allows designers to incorporate the new security features simply by choosing the architectural design that includes them. The Cortex-M35P is one piece; the other two are the CryptoCell-312P and the CryptoIsland-300P. Like the Cortex-M35P, the others offer enhanced security features when compared to their earlier counterparts that have been available to chip designers (see figure).
The new Cortex-M35P, CryptoCell-312P, and the CryptoIsland-300P add physical security to already existing secure processor designs.
Not all applications will require the level of security provided by the Cortex-M35P, CryptoCell-312P, and CryptoIsland-300P. The existing Cortex-M chips already include encryption as part of their TrustZone support, but that protection can potentially be bypassed by physically compromising a chip. The added anti-tampering support addresses this as well as side-channel attacks, such as power-related attacks.
The new security systems will be valuable for a host of application areas, from control systems within cars to IoT and IIoT solutions that will not have secure facilities to protect them from physical access. The Cortex-M35P will support ISO 26262 certification.