EEJournal

feature article
Subscribe Now
April 1, 2009

Safe, Secure, and ARMed

by Jim Turley

It’s a tough world out there. Bad guys try to hack into our computers and embedded systems. Even without the hackers, systems sometimes just crash. Building tough and reliable systems is hard to do. That must be why we get paid the big bucks.

This week, three companies are doing something about that (the security, not the pay). Open Kernel Labs, CPU Tech, and ARM all have new products designed to make secure, reliable, affordable systems easier to design and build.  

“Can You Text Me Now?”

In this corner, we have Open Kernel Labs, an Australian company that specializes in virtualization – the technique of running multiple applications or operating systems on one microprocessor. Virtualization has become a big deal in the world of big iron: servers and mainframes. But it’s only now catching on in embedded systems. In part, that’s because embedded systems are now becoming powerful enough and complex enough to support the necessary overhead. It’s also because they’re complicated enough to need it. That’s where Open Kernel Labs comes in.

If you smash your average cell phone, you’re likely to find two processors inside: a traditional microprocessor and a digital signal processor (DSP), otherwise known as the application processor and the baseband processor, respectively. One processor handles the phone/RF functions while the other manages the (increasingly important) user interface, address book, applications, and other “computer-ish” tasks. Wouldn’t it be cool if all of that code could run on one processor? And wouldn’t that be cheaper, too?

In fact, it would be and it is. Open Kernel Labs’ hypervisor software runs underneath mobile phone operating systems, fooling them into thinking there are two processors by abstracting away the details of the hardware. It’s the same trick server customers have been using for years to reduce their hardware costs. If the underlying chip is a multicore processor, so much the better, but it doesn’t have to be. The majority of cell phones today run on conventional single-core ARM processors, and that’s Open Kernel Labs’ primary target.

The business plan is to enable makers of low-end cell phones to upgrade their wares. Through virtualization, a handset manufacturer can add gee-whiz features to an existing hardware design without redesigning the entire thing around a second processor. Given that Open Kernel Labs has already shipped about 300 million copies of its hypervisor, the plan seems to be working.

The Unhackable PowerPC

Counterfeiting. It’s not just for greenbacks any more. Counterfeit embedded systems have become a surprisingly nettlesome problem for makers of network equipment, games, security systems, and others. The good guys battle the bad guys in a proverbial arms race of measures and countermeasures designed to keep the other side off balance.

The threat might be commercial, as when a processor or embedded subsystem is cloned and counterfeited, depriving the rightful vendor of customer revenue. Or it might be viral, such as when malicious software is inserted into an otherwise sound system. Or the threat might be clandestine, where the system is hacked and examined only to determine its weaknesses and to develop countermeasures. In any case, the system fails: it fails to work, fails to provide revenue, or fails to protect its intended users.

Enter CPU Tech, a well-established chip company that’s taken it upon itself to give the good guys a leg up. The company makes PowerPC processors, but their new Acalis CPU872 is a processor with a difference.

Over and above its security features (about which more anon), the ’872 is a darn nice microprocessor. It’s a dual-core PowerPC with two 440 processor cores, each with its own 32K first-level cache and its own 256K L2 cache. Each core also has its own 4 MB bank of on-chip DRAM and a DDR2 controller for off-chip memory. Oh, and separate floating-point units, too. You could almost cut the chip in half and have two respectable PowerPC processors.

Where it gets interesting is in its on-chip mesh router. More than just a simple two-core interconnect, the mesh routing connects to two cores to all kinds of on-chip resources, including five (count ‘em) 10-Gbps Express interfaces, a 1-Gbps Ethernet interface, a pair of DMA controllers, and streaming I/O processors that keep all the peripherals fed and happy without bothering the PowerPC processors.

But wait, there’s more. CPU Tech’s real goal in creating the ’872 was to make it secure – the unhackable processor. Part of the magic is the chip’s embedded DRAM. By keeping data on-chip, it avoids the “Princeton attack,” or the trick of applying freeze spray to keep DRAM contents alive long after the power has been removed. If encryption keys – or with 4 MB of DRAM, entire algorithms – can be kept on-chip, they can’t be teased out of external memory.

The ’872 is also fabricated at a secure facility, where silicon masks and design files are carefully controlled and monitored. It doesn’t do any good to use a secure processor if the processor itself has been hacked. The processor also includes a “zero-ization” circuit that allows off-chip sensors or signals to immediately blank the chip, wiping its state and contents if, for example, a computer case is opened. The more subtle and elegant security features are, of course, kept secret. 

Free ARMs Race

As embedded designers, we can always rely on ARM to produce something almost weekly. This week, it’s a new development system that comes with free ARM processor core downloads.

The imaginatively named MPS (microcontroller prototyping system) is a big box stuffed with Altera FPGAs and an assortment of familiar peripheral chips. What makes it fun is that you can download an ARM Cortex-M0 or –M3 processor into one of the FPGAs, thereby making yourself a “soft” ASIC. Combined with your own hardware IP, it’s a good way to prototype a chip and/or get acquainted with the Cortex processor family. And the processor cores cost nothing.

How do they do it? The FPGA netlists for the two processors are encrypted. You never really see or get access to the internal chip designs themselves, although they work just fine and behave like “real” ARM processors. At 50 MHz (maximum), the FPGA simulacrum is probably just as fast as you need it to be.

There are other FPGA chips with ARM processors embedded inside, but they’re meant for volume production. The MPS is really intended for experimenting and prototyping. If you’re planning an ASIC or a moderately high-volume FPGA project, the MPS may be just the ticket.

Late-Breaking Gnus

In other business news, Apple (AAPL) is expected to begin selling a line of white-colored bricks. Investors greeted the news with skepticism, given the current state of the housing market and low demand for construction materials. An Apple spokesperson, however, allayed concerns stating, “Apple’s vaunted design aesthetic, patented simplicity®, and ease of use™ enable us to revitalize an otherwise dormant market. Based on past experience, we’re certain to build a loyal – not to say fanatical – following. Besides, our bricks are just cooler than anyone else’s.

Insignificant Bits: Sun Microsystems updates its popular open-source language with improvements to garbage collection; new version to be called Jawa. Intel anticipates sales of Itanium processors may exceed 5000 units by 2012. IBM signs memorandum of understanding to acquire Comerica Bank, General Motors, and Delta Airlines. Freescale switches its processors to little-endian byte ordering; declares “Intel way is better.”

Leave a Reply

featured blogs
MaxLinear Is Staying at the Forefront of Connectivity Solutions with Cadence
Apr 19, 2024
In today's rapidly evolving digital landscape, staying at the cutting edge is crucial to success. For MaxLinear, bridging the gap between firmware and hardware development has been pivotal. All of the company's products solve critical communication and high-frequency analysis...
More from Cadence...
One Robotic Step Closer to Humanoid Robots in the Home
Apr 18, 2024
Are you ready for a revolution in robotic technology (as opposed to a robotic revolution, of course)?...
More from Max's Cool Beans...
Cisco Accelerates Project Schedule by 66% Using Synopsys Cloud
Apr 18, 2024
See how Cisco accelerates library characterization and chip design with our cloud EDA tools, scaling access to SoC validation solutions and compute services.The post Cisco Accelerates Project Schedule by 66% Using Synopsys Cloud appeared first on Chip Design....
More from Synopsys...

featured video

MaxLinear Integrates Analog & Digital Design in One Chip with Cadence 3D Solvers

Sponsored by Cadence Design Systems

MaxLinear has the unique capability of integrating analog and digital design on the same chip. Because of this, the team developed some interesting technology in the communication space. In the optical infrastructure domain, they created the first fully integrated 5nm CMOS PAM4 DSP. All their products solve critical communication and high-frequency analysis challenges.

Learn more about how MaxLinear is using Cadence’s Clarity 3D Solver and EMX Planar 3D Solver in their design process.

featured chalk talk

High-Voltage Isolation for Robust and Reliable System Operation
Sponsored by Mouser Electronics and Texas Instruments
In this episode of Chalk Talk, Amelia Dalton and Luke Trowbridge from Texas Instruments examine the benefits of isolation in high voltage systems. They also explore the benefits of TI’s integrated transformer technology and how TI’s high voltage isolations can help you streamline your design process, reduce your bill of materials, and ensure reliable and robust system operation.
Click here for more information about Texas Instruments ISOW774x/ISOW774x-Q1 Quad-Ch Digital Isolators
Apr 27, 2023
38,598 views