Consumers today use their devices to do more than ever before and the data they produce becomes extremely valuable to potential criminals. To add to this challenge, applications installed from untrusted sources make it very difficult to identify and stop potential security breaches.
Luckily, there is now a solution to address security concerns at the platform level and it is called OmniShield; it offers chip makers and OEMs the advanced security framework they need to build better devices. You can read all about OmniShield and its architecture here.
In this article I would like to highlight some use cases for OmniShield in today’s connected world.
Wearables, smartphones and tablets
When talking about mobile computing, one would traditionally point to smartphones and tablets; in the past year, mobile has grown to include several new categories of devices, from wearables to 2-in-1 laptops and beyond.
These devices talk to each other and to the outside world; you take the smartphone out for a quick game during a lunch break, then continue playing it on the tablet when you get home. Your smartwatch monitors your heart rate then sends it to your phone; your wearable also accesses your business email to notify you when a new message arrives. You might also take your personal tablet to work and use it during meetings to write down important information.
These use cases have been made possible thanks to an incredible evolution in the design of mobile software (operating systems and applications) and hardware (chips). However, devices that are left unprotected become easy targets for hackers.
By implementing security at the hardware level, mobile chips are able to keep user data in separate containers so that one weakness does not affect the integrity of the entire platform.
For example, if a downloaded game is infected by malware, hackers will not be able to spy on your bank details or health information. You’d also be able to keep your personal and work data completely apart, therefore ensuring the complete privacy of highly confidential information.
Another use case relates to streaming premium content. Before providers had to rely on smart cards for encryption but these chips increase costs, reduce overall performance. By using OmniShield, a mobile processor can render the content running on an Android media player in the non-secure space while the decrypting part is kept away from the operating system and handled in a separate and secure TEE. Since OmniShield operates on unified memory, the buffers where data is staged are also protected. In addition, the content is isolated from other software that runs in the background for cases where the GPU is overlaying multiple apps.
Consumer and industrial IoT
One year ago, a few smart fridges in the US decided that cooling sparkling wine was beneath them; instead, they redirected their processing power at spamming enterprises and individuals worldwide, generating bursts of 100,000 emails three times per day. Then there was that case of Target getting hacked through the HVAC system and facing losses of up to $420 million following the attack.
It was later revealed in both cases that hackers were able to easily bypass the software security systems put in place by manufacturers.
These are examples of how some consumer and industrial IoT devices today falter under attack. Moreover, when looking at the current predicted scale of growth for IoT (tens of billions of units), addressing these security concerns and creating new business models can be challenging to say the least.
By adopting a solution like OmniShield, OEMs can implement security from the hardware level all the way up to the cloud. For example, our connected processor platform comes with a MIPS M5150 processor – the only MCUs available on the market that support hardware virtualization and multiple TEEs. Devices using these MCUs are able to create secure channels for remote device management and service deployment while also running an operating system like Linux required for a graphics UI. In addition, M-class processors feature anti-tamper debug interfaces leaving no back door open through which hackers can get in.
The combination of OmniShield and FlowCloud provides a completely secure solution for connected platforms, from device to cloud.
Most smart devices will be connected to a cloud infrastructure. We’ve created our FlowCloud platform for IoT to help companies who are looking for a turnkey solution that is scalable, safe and easy to deploy. When it comes to safety features, FlowCloud supports device and user authentication, asynchronous messaging services, event logging, data storage, secure transactions and electronic payments.
Manufacturers worldwide have started to add mobile chips to implement new functionality (infotainment, dashboard navigation, self-parking, wireless connectivity or collision detection/avoidance) in smart cars. Until now, this was typically handled by separate processors or by a single platform running software virtualization – this generally affected performance and increased power consumption.
It also left the car vulnerable to tampering. Last month, ADAC reported that hackers in Germany could unlock connected cars remotely by exploiting a flaw in the vehicle’s firmware.
By adopting our OmniShield platform, car manufacturers can reduce costs and simplify designs by running multiple features securely on a single embedded superchip. Since OmniShield includes platform-wide secure virtualization, the CPU+GPU sub-system can run both the infotainment system and the collision detecting mechanism in separate containers, ensuring failsafe operation.
In addition, embedded control units (ECUs) that control various vital functions (ABS, power steering, powertrain control, etc.) can also use OmniShield to ensure optimal and tamper-free operation and performance.
Digital TV and set-top boxes
The technical demands of the connected home will continue to increase dramatically in the coming years; you can read more about these trends here. To meet these demands, vendors must build flexible solutions that incorporate high performance technologies.
Consumer electronics used in the home also require future-proof security so that users can enjoy high quality video and audio content at any time and on any device. Traditionally, broadcast content was protected using a separate crypto engine implemented in a separate chip. However, this method has several drawbacks: there are usually software integration issues and the use of a separate chip increases power consumption and reduces performance (particularly for Full or Ultra HD content).
There are several standards for encrypting content that OmniShield is applicable to; in the case of DVB, our platform can handle the digital keys for standards such as conditional access (CA) while also decoding and rendering the stream on top of the TV’s user interface.
OmniShield can protect all digital content against theft and still ensure high-quality audio and video playback.
Software architects can use OmniShield to securely implement more advanced effects such as split screen functionality, where the broadcasted content is shown alongside a social media app for example.
Imagine streaming the Super Bowl in Ultra HD definition while checking out your friends’ reaction on Twitter or watching a movie and searching for the lead actor on IMDB.com – all perfectly and instantly rendered on your large-screen TV.
All of the examples above show why designing advanced security in connected devices is more important than ever.
The industry is increasingly aware that security must be multi-faceted; the feedback we are receiving from our customers, OEMs and consumers shows there is a real demand for multi-layered security implemented at the platform level using OmniShield through to high level applications.
OmniShield is a very efficient implementation that provides very high performance in a power envelope suited for mobile and embedded applications; we’ve worked with our partners to create hypervisors that adapt to hardware features (e.g. FEXEROX for microcontrollers) and provide full isolation at the platform level.
Can you think of other examples where OmniShield becomes extremely efficient in combating security issues? Leave us a comment in the box below.