Security on Arm

Arm has a strong history of providing secure compute platforms for a range of security-focused applications – from smartcards, SIMs and other secure elements through to feature-rich secured devices in mobile handsets, tablet computers, DTVs, set-top boxes and enterprise systems. Arm continues to build on that history with the recent expansion of our security offerings to address market requirements for developer-friendly, deterministic, real-time embedded and IoT applications.

What is security?

A security analysis of a system will consider the assets that need to be protected and the likely threats that are considered in scope. This threat analysis will inform a set of security requirements that require parts of the system to be protected in confidentiality, integrity or authenticity. For example, cryptokeys might need to be kept secret, an identity might need to be protected against modification, or software must prove that it is the genuine version from the OEM.

Why is it important?

If you connect a device to the internet and it is a successful product, you can expect it to be hacked. Where the device has value or can be repurposed, for example to support a denial of service attack, people will spend time and money looking for exploitable vulnerabilities. Poorly designed products can end up causing reputational and financial damage to companies.

Goals of security

An internet connected device might be attacked for many different reasons. An attack might be attempted to extract a ransom or other monetary gain, or it might be an interesting target for researchers or for enabling a botnet to disable websites. A goal of system security is to make attacks on a system uneconomic. By increasing the cost, time and difficulty of attacks it is likely that fewer will succeed. For many companies having devices with robust security is an important part of their brand image.

Explore types of security attacks and the counter-measures available for robust protection.

Discover the different Arm technologies that enable you to protect against various attack vectors.

Get started with your security implementation today. Find example code, practical guides, documentation and more.