There is revolution driving the world of semiconductors right now. From wearables to smart cars and homes, it seems connectivity is replacing orange as the new black of worldwide innovation. However, when connecting billions of users to the internet and to each other, companies must ensure that devices implement future-proof security.
The easiest way to address this is by relying on a powerful combination of hardware and software – and this is where OmniShield from Imagination steps in.
In anticipation of the Imagination Summit 2015 event in Santa Clara, Imagination is introducing OmniShield, a revolutionary approach to security across all markets.
Though current security solutions are acceptable for existing products, they don’t scale to meet the needs of next-generation products that are becoming increasingly connected and must support a range of new applications and services.
Think of your mobile processor as your home; if someone were to break into the house, they might then proceed to get access into every room.
OmniShield offers a vastly superior solution by implementing multiple locks (secure domains) protected by the strong, reinforced steel doors you see in movies (hardware isolation at the chip level); within every room, there are also many storage boxes with individual locks to provide further protection.
If thieves enter the house, it will be close to impossible to break into every room.
The diagram below presents a general use case for combining two of our OmniShield-ready families (MIPS Warrior CPUs and PowerVR Series7 GPUs) to obtain a next-generation platform that is designed to support fully secure applications.
Since MIPS CPUs and PowerVR GPUs are heterogeneous and coherent, they operate on a unified memory model, no longer copying data between memory buffers. Now that we’ve added virtualization to both families of silicon IP, we can create a fully protected and isolated architecture that implements secure virtualization in the context of coherent memory accesses.
MIPS Warrior CPUs support several secure domains
While competing solutions only offer up to one trusted zone where all virtualized software is forced to co-exist, MIPS Warrior CPUs support multiple secure domains. Remarkably and uniquely, this level of support is offered across the range, from M-class microcontrollers such as M5100 and M5150 to 64-bit I-class processors like I6400.
This enables system designers to implement advanced security across a wide range of devices, from the smallest IoT sensors to data center many-core SoCs. Additionally, MIPS CPUs run the latest ultra-secure hypervisors and have been designed to support the latest technologies for secure content delivery or identity protection across multiple applications and content sources.
Virtualization goes beyond CPUs
Secure virtualization is not a CPU-only concern. System designers also pay particular attention to devices that incorporate firmware programmable processors that operate on memory shared with CPUs (including graphics, video, camera or network subsystems).
Imagination has recently announced a new generation of GPUs designed from the ground-up for secure virtualization. The new PowerVR Series7 family is designed to address the privacy and security needs of evolving and emerging connected applications.
PowerVR Series7XT and Series7XE GPUs are optimized to support multiple independent security contexts and execution domains by providing CPU-agnostic hardware virtualization deeply embedded in the graphics architecture.
This new generation of GPUs will enable customers in segments such as automotive to build systems where the dashboard and infotainment system can run independently and reliably on the same platform. For Android smartphones and tablets, hardware virtualization can keep a user’s personal data secure from health data collected by a wearable device.
Extending protection at the networking level
Ensigma NPUs implement a range of security solutions including basic building blocks for on-chip cryptography (symmetric/asymmetric ciphers, authentication engines), high-performance protocol processing engines (for IPSec, MACSec, and SSL/DTLS offload) and secure infrastructure for SoCs. These solutions are designed to reduce power consumption and increase performance for high-throughput data processing and secure communications.
Applications for OmniShield
Click on the links below if you want to know how consumer and enterprise markets can benefit from our OmniShield platform:
- Wearables, smartphones and tablets
- Consumer and industrial Internet of Things, home gateways
- Digital TVs and set-top boxes
We will be showing a few demonstrations for these applications at our summit. Make sure you also follow us on Twitter (@ImaginationTech, @ImaginationTech) for the latest news and announcements from Imagination.