New OmniShield platform implements multi-domain security for connected devices

Share on linkedin
Share on twitter
Share on facebook
Share on reddit
Share on digg
Share on email

There is revolution driving the world of semiconductors right now. From wearables to smart cars and homes, it seems connectivity is replacing orange as the new black of worldwide innovation. However, when connecting billions of users to the internet and to each other, companies must ensure that devices implement future-proof security.

The easiest way to address this is by relying on a powerful combination of hardware and software – and this is where OmniShield from Imagination steps in.

OmniShield explained

In anticipation of the Imagination Summit 2015 event in Santa Clara, Imagination is introducing OmniShield, a revolutionary approach to security across all markets.

Though current security solutions are acceptable for existing products, they don’t scale to meet the needs of next-generation products that are becoming increasingly connected and must support a range of new applications and services.

OmniShield - limited securityCurrent security solutions cannot scale

Think of your mobile processor as your home; if someone were to break into the house, they might then proceed to get access into every room.

OmniShield offers a vastly superior solution by implementing multiple locks (secure domains) protected by the strong, reinforced steel doors you see in movies (hardware isolation at the chip level); within every room, there are also many storage boxes with individual locks to provide further protection.

If thieves enter the house, it will be close to impossible to break into every room.

This ability to create multiple secure heterogeneous domains is a unique feature of our MIPS Warrior CPUs, PowerVR Series7 GPUs (and select PowerVR Series6XT GPUs) or Ensigma NPUs.

OmniShield - security software and hardware architecture___fOmniShield: hardware and software architecture

The diagram below presents a general use case for combining two of our OmniShield-ready families (MIPS Warrior CPUs and PowerVR Series7 GPUs) to obtain a next-generation platform that is designed to support fully secure applications.

OmniShield - security for all devices__fOmniShield adopts a platform-wide approach to security across many markets

Since MIPS CPUs and PowerVR GPUs are heterogeneous and coherent, they operate on a unified memory model, no longer copying data between memory buffers. Now that we’ve added virtualization to both families of silicon IP, we can create a fully protected and isolated architecture that implements secure virtualization in the context of coherent memory accesses.

MIPS Warrior CPUs support several secure domains

While competing solutions only offer up to one trusted zone where all virtualized software is forced to co-exist, MIPS Warrior CPUs support multiple secure domains. Remarkably and uniquely, this level of support is offered across the range, from M-class microcontrollers such as M5100 and M5150 to 64-bit I-class processors like I6400.

MIPS M5100 - hardware virtualizationMIPS MCUs implement multiple secure domains

This enables system designers to implement advanced security across a wide range of devices, from the smallest IoT sensors to data center many-core SoCs. Additionally, MIPS CPUs run the latest ultra-secure hypervisors and have been designed to support the latest technologies for secure content delivery or identity protection across multiple applications and content sources.

Virtualization goes beyond CPUs

Secure virtualization is not a CPU-only concern. System designers also pay particular attention to devices that incorporate firmware programmable processors that operate on memory shared with CPUs (including graphics, video, camera or network subsystems).

Imagination has recently announced a new generation of GPUs designed from the ground-up for secure virtualization. The new PowerVR Series7 family is designed to address the privacy and security needs of evolving and emerging connected applications.

PowerVR Series7XT and Series7XE GPUs are optimized to support multiple independent security contexts and execution domains by providing CPU-agnostic hardware virtualization deeply embedded in the graphics architecture.

PowerVR Series7 - virtualization_zonesAdvanced security and hardware virtualization is fully supported in PowerVR Series7 GPUs

This new generation of GPUs will enable customers in segments such as automotive to build systems where the dashboard and infotainment system can run independently and reliably on the same platform. For Android smartphones and tablets, hardware virtualization can keep a user’s personal data secure from health data collected by a wearable device.

Extending protection at the networking level

Ensigma NPUs implement a range of security solutions including basic building blocks for on-chip cryptography (symmetric/asymmetric ciphers, authentication engines), high-performance protocol processing engines (for IPSec, MACSec, and SSL/DTLS offload) and secure infrastructure for SoCs. These solutions are designed to reduce power consumption and increase performance for high-throughput data processing and secure communications.

Applications for OmniShield

Click on the links below if you want to know how consumer and enterprise markets can benefit from our OmniShield platform:

We will be showing a few demonstrations for these applications at our summit. Make sure you also follow us on Twitter (@ImaginationTech, @ImaginationTech) for the latest news and announcements from Imagination.

Alex Voica

Alex Voica

Before deciding to pursue his dream of working in technology marketing, Alexandru held various engineering roles at leading semiconductor companies in Europe. His background also includes research in computer graphics and VR at the School of Advanced Studies Sant'Anna in Pisa. You can follow him on Twitter @alexvoica.

Please leave a comment below

Comment policy: We love comments and appreciate the time that readers spend to share ideas and give feedback. However, all comments are manually moderated and those deemed to be spam or solely promotional will be deleted. We respect your privacy and will not publish your personal details.

Blog Contact

If you have any enquiries regarding any of our blog posts, please contact:

United Kingdom
Tel: +44 (0)1923 260 511

Search by Tag

Search by Author

Related blog articles

surround-view 3D model

Making surround-view for cars smarter and safer

With modern advancements in automotive safety, we are seeing advanced driving assistance (ADAS) technology such as surround-view become the new standard in modern cars. This demonstration shows how this application can be enhanced with the addition of accurate real-time reflections and AI to detect hazards that make the car safer. When this is combined with the new safety mechanisms in our new XS family of GPUs, it is clear why our GPUs are considered the safest in the world.

Read More »
self drive car

Unveiling XS: the ultimate GPU family for automotive

Introducing the XS family of GPU for automotive. XS is the first GPU IP compliant with ISO 26262, offering a new methodology and architecture for functional safety with specific safety-optimised mechanisms designed to protect against transient and permanent faults. Tuned on real-world ADAS applications, it offers unrivalled performance for graphics and compute in next-generation cars.

Read More »


Sign up to receive the latest news and product updates from Imagination straight to your inbox.