NUREMBERG, Germany — Nothing is beyond the limits of our imagination anymore, and what we are used to seeing in spy movies needs a massive upgrade, in order to go beyond what is now considered the norm. This was evident at Embedded World 2019, where the focus was edge intelligence and internet of things (IoT) security.

There were cameras everywhere capturing images, with demos showing each vendor’s capability in neural network processing, inference, and doing something with the information — including smart retail and surveillance. It seemed that everyone was saying: “See how much intelligence we can pack in the camera or sensor or edge-of-network system and see what we can do with it.”

Again like last year, security was a top focus at Embedded World, with a number of silicon vendors — Cypress, Microchip Technology, Nordic Semiconductor, Nuvoton Technology, NXP Semiconductors, STMicroelectronics, and Silicon Labs — having achieved Level 1 certification in Arm’s new PSA Certified program announced at the conference.

Arm’s vice president of its emerging businesses group, Chet Babla, told EE Times, “We have got to help build trust in IoT devices.” He said that lack of trust was delaying IoT traction, which is why Arm is providing an independent means of measuring it through its new program.

Arm has partnered with test lab partners Brightsight, an independent security evaluation lab, China Academy of Information and Communications Technology (CAICT), Riscure and UL, and security experts Prove & Run, to create PSA Certified. Through independent security testing, the idea is to enable IoT solution developers and device makers to establish the security and authenticity of the data collected from diverse IoT devices and enable development and deployment of IoT at scale.

The program is comprised of two elements: a multi-level security robustness scheme and a developer-focused API test suite. The security testing is based on third-party lab-based evaluation that builds trust through independent checking of the generic parts of an IoT platform. This includes Platform Security Architecture (PSA) Roots of Trust (RoT) (the RoT is the source of integrity and confidentiality), the real-time operating system (RTOS), and the device itself.

The PSA Certified program enables device makers to provide the security assurance required for their use case through three progressive levels assigned by analyzing the use case threat vectors. For example, a temperature sensor in a field may require different security robustness (Level 1) than a sensor in a home environment (Level 2) or in an industrial plant (Level 3). Following testing, all PSA Certified devices will have electronically signed report cards (attestation tokens) for determining what level of security has been achieved, allowing businesses and cloud service providers to make risk-based decisions.

As part of the program, the PSA Functional API Certification enables standardized access to essential security services, making it easier to build secure applications. Free test suites have been published for chip vendors, RTOS providers, and device makers to test their PSA APIs and harness the hardware security of the latest silicon platforms.

In addition to the silicon vendors, OS provider ZAYA has achieved PSA Certified Level 1 alongside PSA Functional API Certification; Express Logic X-WARE IoT Platform has also been PSA Certified Level 1, and Arm Mbed OS will provide compliance with PSA Certified Level 1 and PSA Functional API Certification in its upcoming March 5.12 release.

Arm’s Babla commented, “We’re building on what we started with the security manifesto — and the certification program is an obvious next step to ensuring people take security seriously.”

Certification for Microcontrollers and IoT Platforms

In a briefing with EE Times, NXP said it has the broadest range of edge processing solutions that are PSA Certified to Level 1.

“The market has been waiting for security standards that enhance consumer confidence,” said Geoff Lees, NXP’s senior vice president and general manager of microcontrollers.

NXP also announced Security Evaluation Scheme for IoT Platforms (SESIP) certification. Independent verification of the security requirements to gain PSA and SESIP certifications were carried out by Brightsight.

“PSA and SESIP provide that assurance and will open the door for much faster deployment of secure industrial and IoT solutions," Lees said. "We are working with ecosystem partners to create uniform certification standards while adding our unique value to raise the bar on security and privacy.”

Its PSA and SESIP certified products enable implementation of isolated, secure execution environments to protect sensitive assets by separating them from the user application. To establish IoT trustworthiness, NXP’s ROM-based secure boot process leverages device keys that are securely stored, creating an immutable, hardware-based RoT. The entire software stack, from the bootloader, operating system and up to the application software, is authenticated, starting from the hardware RoT and establishes a chain of trust.

IoT Edge Applications Processors

NXP also used Embedded World to unveil its new i.MX 8M Nano, a pin-compatible expansion to its i.MX 8M applications processors. The multi-core i.MX 8M Nano is scalable from one, two, or four Arm Cortex-A53 cores running up to 1.5 GHz plus an Arm Cortex-M7 that can run up to 600 MHz and be power optimized for less than 2W total dynamic power (TDP) and sub-watt for many IoT edge applications.

The device features general-purpose 3D graphics (GC7000UL) with support for Vulkan in high-performance, real-time graphics and OpenCL 1.2 in advanced machine learning applications. It provides hardware acceleration for asynchronous sample rate conversion (ASRC) for up to 32 channels of high-quality audio streaming with extremely low noise and distortion. With the i.MX 8M Nano, developers have access to up to 12 software-compatible and nine pin-compatible high-performance applications processors across the i.MX 8M family.

Windows 10 IoT Core

Microsoft and NXP gave their first public preview for Windows 10 IoT Core with built-in Azure connectivity, running on the i.MX 8M and i.MX 8M Mini applications processors for the intelligent edge, providing developers a choice of Linux or Windows IoT. Developers can build intelligent devices using Windows development environment and commercialize them using the Azure IoT platform. In addition, NXP has worked with Microsoft to enable Azure IoT Edge on Linux for the i.MX 8M and i.MX 8M Mini applications processors. (Image: Nitin Dahad/EE Times).

One company that features this new processor is Leviton, in its recently announced Decora Voice Dimmer with Amazon Alexa Built-in. The company said NXP’s applications processor adds more intelligence, combining the convenience of hands-free voice control and intelligent management of smart home devices, enabling smart lighting controls without the need for additional hardware.

The i.MX 8M Nano is NXP’s second platform built in advanced 14nm LPC FinFET technology node for high performance at low power. Power consumption of less than one watt is possible in many IoT applications even with all four Cortex-A53 cores running, making it suitable for power-sensitive edge computing applications. The real-time processing domain powered by high-performance Cortex-M7 core (up to 600 MHz) enables further power reduction through task offload from Cortex-A cores, power-optimized audio playback and low-power system-level task monitoring.

RISC-V Partnership for Embedded Edge

The RISC-V ecosystem was also in full force at Embedded World, showing its presence for embedded edge devices. Imagination Technologies announced a partnership with Andes Technology, the RISC-V based CPU IP provider specializing in low-power, high-performance 32-bit and 64-bit processor IP cores. They are working together to integrate the new N22 RISC-V MCU IP from Andes with Ensigma low-power IP for Wi-Fi, Bluetooth, IEEE 802.15.4 and Global Navigation Satellite System (GNSS) to provide a fully integrated, off-the-shelf solution for the IoT market.

Andes’ customers have cumulatively shipped 3.5 billion systems-on-chip (SoCs), with one billion shipments in 2018. Its IP is being used in artificial intelligence (AI) and machine learning (ML), audio, Bluetooth, gaming, GPS, IoT, MCU, sensor fusion, SSD controllers, touch screen and TDDI controllers, USB 3.0 storage, voice recognition, Wi-Fi, and a wireless charger.

With more than 30 supported wireless standards, Imagination said Ensigma has the widest range of wireless IP solutions on the market. With a complete solution, including RF, digital baseband MAC/PHY complimented by pre-compliance for regulatory and Wi-Fi Alliance certification, Ensigma is a source of an end-to-end IP solution for low power connectivity.

The combined Imagination and Andes solution will address applications such as home automation, health devices, location tracking, sensors, smart meters, security and wearables. It delivers low power consumption, long wireless connectivity ranges, and processing power capable of running IoT software stacks. Andes Technology’s president, Frankwell Lin, said, “RISC-V is a compact, modular and extensible architecture, which can be applied to many applications. The 2-stage pipeline N22 is the smallest RISC-V core in our V5 family but delivers an impressive performance of 3.93 CoreMark/MHz. It also can reach over 750 MHz at TSMC 28nm under worst case conditions. The combination of Andes’ industry leading RISC-V processor IPs with the wide range of connectivity IPs available from Ensigma, provides the ideal solution for many IoT markets.”

“By working with Andes, we are able to provide a comprehensive solution for customers creating connected RISC-V embedded devices, enabling them to get to market faster and with the knowledge that the solution is based on proven technology, already shipped in volume," said Ron Black, CEO of Imagination Technologies.

AWS Rolls Out RISC-V RTOS Support

Amazon’s AWS rolled out RISC-V support in the FreeRTOS kernel, enabling embedded developers to create IoT applications on the officially supported FreeRTOS kernel for microcontrollers that use the free, open, and extensible RISC-V instruction set architecture (ISA), according to its press statement.

It said there is now flexibility to create applications that are portable across any FreeRTOS kernel-supported device and architecture. RISC-V support in the FreeRTOS kernel is available for any RISC-V microcontroller that uses the base ISA, and there are preconfigured examples for OpenISA’s VEGAboard, QEMU emulator for SiFive’s HiFive board, and Antmicro’s Renode emulator for the Microchip M2GL025 Creative Board.