For embedded developers seeking to hinder physical tampering and achieve a higher level of security certification, Arm offers the Cortex-M35P: a robust, high-performing processor. It builds upon the proven Arm Cortex-M technology deployed in billions of SoCs, making physical and software security accessible for all developers.
Physical security is generally complex – however, the ease-of-use of the Cortex-M35P processor, combined with the support of Arm and the Arm ecosystem, now open the door for embedded developers to deliver many new devices with physical resilience at the heart.
|Architecture||Armv8-M Mainline (Harvard)|
|Software security||Optional TrustZone for Armv8-M, stack pointers checking|
|Physical security||Built-in protection from invasive and non-invasive attacks|
|DSP Extensions||Optional DSP/SIMD instructions Single cycle 16/32-bit MAC Single cycle dual 16-bit MAC 8/16-bit SIMD arithmetic|
|Floating Point Unit||Optional single precision floating point unit IEEE 754 compliant|
|Co-processor interface||Optional dedicated co-processor bus interface for up to 8 co-processor units for custom compute|
|Memory Protection||Optional Memory Protection Unit (MPU) with up to 16 regions per security state|
|Interrupts||Non-Maskable Interrupt (NMI) and up to 480 physical interrupts with 8 to 256 priority levels|
|Wake-up Interrupt Controller||Optional for waking up the processor from state retention power gating or when all clocks are stopped|
|Sleep Modes||Integrated Wait for Event (WFE) and Wait for Interrupt (WFI) instructions with Sleep On Exit functionality|
|Debug||Optional JTAG and Serial Wire Debug ports. Up to 8 Breakpoints and 4 Watchpoints|
|Trace||Optional Instruction Trace (ETM), Micro Trace Buffer (MTB), Data Trace (DWT), and Instrumentation Trace (ITM)|
Key technical features
Cortex-M35P extends the anti-tampering features of the SecurCore family of processors, making this state-of-the art technology available to Cortex-M developers. Robust embedded security is more accessible than ever with the benefits of both physical and software security, using the optional TrustZone isolation.
Resilience against physical attacks
When the value of the protected assets is high, then hackers will resort to physical attacks on the device. The processor is built with multiple elements to protect from and detect such attacks.
TrustZone for Armv8-M
A foundation for security for embedded devices. TrustZone offers software isolation to code, memory and I/O while retaining the requirements of embedded applications: real-time deterministic response, minimal switching overhead, and ease of software development.
Interested in learning how to program Secure and Non-secure domains on a processor with TrustZone?
An integrated cache improves performance when running from embedded flash. The cache is resilient to physical attacks. The user can modify the customizable cache parity into an ECC (error correcting code) for safety applications.
A dedicated bus for extending the operation of the processor with tightly coupled co-processors to handle frequent and compute intensive operations in an ecosystem friendly manner. The interface supports up to eight accelerators and takes into account the security state of the co-processor.
Digital Signal Processing (DSP), SIMD, saturating arithmetic, fast MAC
Powerful instruction set for accelerating DSP applications, built right into the processor. A highly optimized DSP library built using these instructions is available free-of-charge from the Arm website (CMSIS Library).
Memory Protection Unit (MPU)
Software reliability and system security improves when each module is allowed access only to specific areas of memory required for it to operate. This protection prevents unexpected access that may overwrite critical data. Each of the security zones can have a dedicated MPU that may be configured with a different number of regions. Programming the regions is easier, removing the constraint to align regions on power-of-two size.
Integrated Nested Vectored Interrupt Controller (NVIC)
There is no need for a standalone external interrupt controller. Interrupt handling is taken care of by the NVIC removing the complexity of managing interrupts manually via the processor.
Powerful debug and non-intrusive real-time trace
Comprehensive debug and trace features dramatically improve developer productivity. Debug support and cycle accurate non-intrusive instruction and data trace for all stages of development supports high stakes secure projects as they move through development lifecycle.
The Cortex-M35P processor achieves an optimal blend between real-time determinism, energy efficiency, software productivity and a robust security foundation, using isolation to protect valuable IP and data with TrustZone technology and physical security.
Physical security White paper
This white paper explains the importance of physical security and solutions for mitigation, taking a closer look at the Arm Cortex-M35PRead here
White paper: Armv8-M architecture
Download this White paper to get a technical overview of the Armv8-M architecture and an introduction to TrustZone security technology.Read here
Embedded development tools for Cortex-M series
Arm and its ecosystem partners provide a wide range of tools for embedded software development on Arm Cortex-M processors.Learn more
Cortex-M Comparison Table
|Instruction set architecture||Armv6-M||Armv6-M
|Thumb, Thumb-2||Thumb, Thumb-2
|Memory Protection Unit (MPU)||No||Yes (option)||No||Yes (option)
|Yes (option)||Yes (option)||Yes (option)
|Maximum MPU regions||0||8||0||16||8||8||16||16||16|
|Trace (ETM or MTB)||No||MTB (option)||No||MTB (option) or
|ETMv3 (option)||ETMv3 (option)||MTB (option) and/or
MTB (option) and/or
|DSP||No||No||No||No||No||Yes||Yes (option)||Yes (option)||Yes|
|Floating point hardware||No||No||No||No||No||Yes (option SP)||Yes (option SP)||Yes (option SP)||Yes
(option SP + DP)
||Yes (option)||Yes (option)||Yes (option)||Yes (2 x)||Yes||Yes||Yes (2 x)||Yes (2 x)||Yes|
|Built-in Caches||No||No||No||No||No||No||No||Yes (option 2- 16kB||Yes (option 4-64kB|
|I-cache||I-cache, D -cache)|
|Tightly Coupled Memory||No||No||Yes||No||No||No||No||No||Yes
|TrustZone for Armv8-M
||No||No||No||Yes (option)||No||No||Yes (option)||Yes (option)||No|
|Co-processor interface||No||No||No||No||No||No||Yes (option)||Yes (option)||No|
||AHB Lite||AHB Lite, Fast I/O||AHB Lite||AHB5, Fast I/O||AHB Lite, APB||AHB Lite, APB||AHB5||AHB5||AXI4, AHB Lite, APB, TCM
|Wake-up interrupt controller support
|Integrated interrupt controller
|Maximum # external interrupts
|Single cycle multiply
||Yes (option)||Yes (option)||No||Yes||Yes||Yes||Yes||Yes||Yes|
Related IP and tools
The Cortex-M35P processor can be incorporated into an SoC using a broad range of Arm technology, including system IP and physical IP, speeding up time to market and optimizing implementation. It is fully supported by development tools from Arm and the world’s #1 embedded ecosystem.
Related IP and tools include:
Arm training courses and on-site system-design advisory services enable licensees to efficiently integrate the Cortex-M35P processor into their design to realize maximum system performance with lowest risk and fastest time-to-market.Arm training courses Arm Design Reviews Open a support case
|Not answered||Enabling SWO output in Cortex M3 DesignStart FPGA Xilinx edition?||0 votes||11 views||0 replies||Started 6 hours ago by jpthibault||Answer this|
|Not answered||why does LDR takes two cycle to be executed||0 votes||22 views||0 replies||Started 11 hours ago by Haohao||Answer this|
|Suggested answer||ARMv8-A: Is an ISB instruction required after writing to the CPSR register in AARCH32 state?||0 votes||66 views||1 replies||Latest 21 hours ago by 42Bastian Schick||Answer this|
|Suggested answer||How to Change the Non Secure VTOR (Cortex-M33)||0 votes||92 views||1 replies||Latest yesterday by 42Bastian Schick||Answer this|
|Suggested answer||How to import C variable in an assembly code in a .s file||0 votes||72 views||1 replies||Latest yesterday by Georgia James||Answer this|
|Answered||Watchdog timer not entering ISR||0 votes||109 views||2 replies||Latest yesterday by sherry||Answer this|
|Not answered||Enabling SWO output in Cortex M3 DesignStart FPGA Xilinx edition? Started 6 hours ago by jpthibault||0 replies 11 views|
|Not answered||why does LDR takes two cycle to be executed Started 11 hours ago by Haohao||0 replies 22 views|
|Suggested answer||ARMv8-A: Is an ISB instruction required after writing to the CPSR register in AARCH32 state? Latest 21 hours ago by 42Bastian Schick||1 replies 66 views|
|Suggested answer||How to Change the Non Secure VTOR (Cortex-M33) Latest yesterday by 42Bastian Schick||1 replies 92 views|
|Suggested answer||How to import C variable in an assembly code in a .s file Latest yesterday by Georgia James||1 replies 72 views|
|Answered||Watchdog timer not entering ISR Latest yesterday by sherry||2 replies 109 views|