Posts Tagged ‘security’

Transitioning the Internet of Things to the Internet of Everything

Wednesday, June 8th, 2016

By Dave Bursky, Semiconductor Technology Editor, Chip Design

Voice biometrics to ubiquitous connectivity, this year’s IoT smorgasbord covered a lot of ground.

The huge growth predicted for the Internet of things (IoT) so that every electronic device will be interconnected can only happen if the system and device suppliers can overcome the many challenges and instill confidence that the devices will be secure and interoperate.

These are just two of the many issues raised at the IoT DevCon conference that took place in Santa Clara on May 25 and 26. Many of the keynotes and technical sessions examined security issues and approaches to making the systems more secure. Additional presentations focused on defining the ways that disparate devices can intercommunicate through the use of a standard platform or gateway that can accept devices with different interfaces (WiFi, ZigBee, Bluetooth, Z-Wave, and proprietary interfaces and protocols).

Digital Uniqueness

For example, in the Wednesday morning keynote, Maarten Bron, the Director of Innovations at Underwriters Laboratories, examined the state of IoT security today and took a look at the future, where crowd-sourced testing and public ledger technology could improve security. On Wednesday afternoon, a keynote by Rod Schultz of Rubicon Labs looked at the challenges of provisioning the identity of millions of devices. To do that properly he expects systems will provide secure digital uniqueness coupled with a system or service that validates that uniqueness. Competing for attention with the Rubicon presentation, a presentation by Steven Woo of Rambus examined the trends in semiconductors and all the potential threat sources that a device can face (Figure 1).

Figure 1: From the day it is manufactured to its end-use in a product, a chip can face multiple security challenges as illustrated in this scenario suggested by Rambus.

On Thursday, an entire track from morning till evening focused on multiple aspects of security, with presentations by companies such as Silicon Labs, Barco Silex, Renesas Electronics, Infineon, aicas GmbH and Xilinx, Icon Labs, Knurld, Intel, Secure RF Corp., and still others. Presentations examined chip-level approaches, encryption options, the use of voice biometrics, and still other techniques to ensure the IoT device and the system are secure.

The many interface options that connect all the IoT devices to the gateway was the focus of Wednesday’s panel and an all-day track of presentations dealing with Connectivity, Protocols and Standards as well as the design of gateways. A presentation by Ericsson, for example, examined running Internet protocol on IoT devices to provide ubiquitous connectivity using standard protocols. A speaker from Infiswift offered an in-depth overview of multiple low-power wide area network technologies to help designers select the best connectivity option for their IoT application. A related presentation by Silicon Labs examined various wireless protocols to best fit a connectivity option to an application. The issue of interoperability and the use of standards was examined by a presenter from Real-Time Innovations.

The design challenges of IoT gateways was also a key theme discussed on Thursday, with presenters from Mentor Graphics, PTC Inc., Dell Computers, PrismTech, and ARM, examining different aspects of gateway design. For example, the design of a secure converged reference design for an IoT gateway was the focus of Mentor’s presentation, while the presenter from Dell examined the performance of IoT gateways.

Thus, by creating an open platform that can handle multiple communication wireless interfaces, designers can achieve a high degree of interoperability while maintaining secure communications from multiple end-point devices, through the gateways and on to the host system.

Server system-on-chips pack up to 48 64-bit ARM cores

Wednesday, June 18th, 2014

Targeting secure cloud servers, storage servers, compute servers, and data-plane applications, the ThunderX series of multicore SoCs deliver power-efficient computing solutions

Dave Bursky
Semiconductor Technology Editor

Multicore processors based on x86 cores are a very common choice for servers and for handling packets in data-networking applications. Although x86-based servers command most of the IT market, other processors such as MIPS and PowerPC are key players in the deeply embedded applications such as network switches and routers, handling both data plane and control plane functions. ARM processors have started to make inroads in the server market, and with the release of the A57 64-bit core, the ARM processors are poised to make significant inroads into all the applications that are currently employing the x86, MIPS, and PowerPC cores.

One example of that opportunity takes aim at low-power servers and secure network communications — the just-released ThunderX series of multicore processors from Cavium. This family includes versions containing from 8 to 48 customized ARM 64-bit processor cores that can operate at up to 2.5 GHz. There will actually be four families of processors in the ThunderX series–each optimized for a different type of workload. The ThunderX_SC is targeted at security applications, the ThunderX_ST for storage control and management, the ThunderX_NT for networking systems, and the ThunderX_CP for computational applications.

Implemented in a low-power 28-nm process, the basic ThunderX architecture brings together up to 48 full custom 64-bit processor cores that are fully compliant with the ARMv8 architecture specification and ARM’s Server Base System Architecture (SBSA). Included on each multi-core chip are a cache subsystem (each processor has level 1 instruction and data caches, and all processors share an L2 cache), Ethernet interfaces capable of 10/40/100 Gbit/s data rates, multiple PCIe gen3 and SATA v3 interfaces, up to four DDR3/4 memory controllers, additional I/O ports, and various accelerators depending on the market segment the processor is optimized to tackle (see the figure).

Members of the ThunderX family from Cavium contain up to 48 ARM64 processor cores, application-specific hardware accelerators, high-speed Ethernet ports, both PCIe gen3 and SATA v3 ports and many other system support features to support Compute, Storage, Networking, and Secure Computing applications.






For example, the ThunderX_SC family is optimized for Secure Web frontend, security appliances and Cloud RAN type workloads. It includes specialized hardware accelerators consisting of Cavium’s 4th generation NITROX and TurboDPI technology with acceleration for IPSec, SSL, Anti-virus, Anti-malware, firewall and DPI. The NITROX engine can deliver 50 Mbps to 40Gbps of encryption bandwidth with 1K to 200K RSA/DH operations per second. Additionally, the TurboDPI block employs the company’s Uniscan technology that simultaneously blocks malicious or inappropriate URLs, identifies hundreds of widely used protocols and applications, helps block thousands of different intrusion attempts and locates over a hundred thousand varieties of virus and malware threats, all with just a single scan of the data stream,

Also integrated on the Thunder_SC are multiple 10/40 Gbit/s Ethernet ports, multiple PCIe Gen3 and SATA 3 ports, up to four high-memory-bandwidth DDR 3 or DDR 4 72-bit memory controllers able to support 2400 MHz memories, a cache-coherent interconnect across dual sockets thanks to the Cavium Coherent Processor Interconnect, and a scalable fabric for east-west as well as north-south traffic connectivity. Most of these features are also available on the other Thunder families along with accelerators for each target application segment – the ST series includes storage accelerators for data protection, data integrity, security and compression, as well as efficient user-to-user data movement, the CP series includes core-to-I/O virtualization in hardware, and the NT series processors include full virtualization support and network accelerators for QoS, traffic shaping, tunnel termination, and high packet-throughput processing, network virtualization, and data monitoring.

©2018 Extension Media. All Rights Reserved. PRIVACY POLICY | TERMS AND CONDITIONS