On Wednesday 23rd March we will hold a webinar entitled ‘Micro-virtualize or die! Securing connected MCUs with OmniShield’.
There are some that might baulk at the use of this rather hyperbolic title but we think it’s actually quite reasonable. After all, as the internet of things starts to coalesce from theory into reality and the world gets more connected every day, security is increasingly becoming a mainstream – and potentially life or death – concern.
For example, the potential for drone hacking is real: last year an IBM security consultant was able to demonstrate how a £27,000 police drone could be compromised with hardware costing just £30. Cesare Garlati, chief security strategist for the prpl Foundation, which develops open-source embedded software, suggests that the issue of insecure drones is a major problem and raises the spectre of them being misused for nefarious purposes such as terrorism.
Last year’s Mirai botnet malware demonstrated that many devices such as routers have insufficient security. With internet connectivity starting to touch everyday objects it’s becoming something to which the person on the street can relate. Headphones have been hijacked, as have pacemakers and, of course, cars; Jeeps and Teslas have both already fallen victim to remote hacking.
As the connected home moves from near future to reality, the issue will become critical, with a great many things inside them that could potentially come under threat, all of which will need to be made secure.
So it’s clear: we’re at the stage where nearly everyone understands that security is critical and that it needs to be dealt with up front – that is built into products at their very foundation, rather than patched afterwards.
In the Enterprise, the benefits of virtualization, separating out operating systems and their functions from the underlying hardware, is well understood, and in telecoms, network function virtualization is becoming an established concept. In both cases, the emphasis is on enabling greater agility, scalability and manageability.
However, the importance of virtualization in embedded systems is perhaps, less well appreciated. Here the virtualization provides two primary benefits. The first is to share the resources on a SoC so it’s possible to “do more with less”. The second is to create entirely separate domains into which operating systems or applications can be placed so that a vulnerability in one of them cannot impact the other. For example in a car, if the infotainment system is compromised, it will not affect the main dashboard cluster providing crucial information to the driver.
To learn more, be sure to join our upcoming webinar with Majid Bemanian, Director of Marketing at Imagination. During this thirty-minute session on 23rd March 2017 at 7pm GMT, you’ll get a clear understanding of why micro-virtualization is the way forward for creating a foundation for true security in embedded applications and get details on how to build security into your MCU.
For more information on the topic, you can also look at this application note on the prpl Security Framework, which describes how to create secure domains using a prpl Hypervisor on MIPS M-class M5150 CPU with hardware virtualization support.