SPRY303F May 2019 – February 2025 AM3351, AM3352, AM3354, AM3356, AM3357, AM3358, AM3358-EP, AM3359, AM4372, AM4376, AM4377, AM4378, AM4379, AM5706, AM5708, AM5746, AM5748, AM623, AM625, AM625-Q1, AM625SIP, AM62A1-Q1, AM62A3, AM62A3-Q1, AM62A7, AM62A7-Q1, AM62L, AM62P, AM62P-Q1, AM6411, AM6412, AM6421, AM6422, AM6441, AM6442, AM6526, AM6528, AM6546, AM6548, AM68, AM68A, AM69, AM69A, DRA821U, DRA821U-Q1, DRA829J, DRA829J-Q1, DRA829V, DRA829V-Q1, TDA4VM, TDA4VM-Q1
Computer security once meant annoying viruses on PCs. Then, the stakes increased. Hacking into business and government systems exposed personal and financial information to fraud, theft and embezzlement. Now though, the security of embedded systems—or, more accurately, the insecurity of embedded systems—poses a threat to very critical data.
Today, the world runs on data and every bit or byte should be considered a potential target of attack. At the same time, both software and hardware systems are becoming much more complex, connected and interdependent. And with complexity comes vulnerabilities. The billions or trillions of lines of code and the interrelated hardware modules, subsystems and partitions all crammed on tiny slices of silicon are a hacker’s delight.
Of course, hackers are not standing still. Reports of vulnerabilities in embedded systems go on and on: satellite communication systems, wireless base stations, laser printers in residences and businesses, the smart electrical grid, medical devices like defibrillators and many other systems are at risk. The need for security in multicore embedded systems-on-chips (SoCs) has only increased as the years have passed. Embedded devices like heart equipment, smartphones and automotive control units rely on multiple components including embedded SoCs to protect the control center.
First, let's introduce the elements that must be present to help secure an Arm®-based application processor with multiple cores in an embedded system. Second, the foundational layer of security for these processors, secure boot, is examined in greater detail, because with secure boot the system is protected from “power on.” Without secure boot, the system has a gap from “power on” to usage. With the ever-changing nature of threats, security will always be a moving target.
Protecting a system from hackers, those who would like to steal data or take over a system to use it differently than it was intended, is the goal of the security aspects of the system. This is different from the related concept of functional safety. Safety is more focused on making sure the system responds to a wide variety of situations in an organized fashion, failing gracefully if needed. The combination of these concepts implies the system will operate as intended out in the real world where things break and bad actors exist.
Security threats are always present and, with the rapid proliferation of the Internet of Things (IoT), those threats can come from anywhere, even inconspicuous and low-cost end-node devices. The basic security question is not whether a system will be attacked, but rather, when it will be. This leads to the conclusion that security is just as much about risk management as it is protection.
Given that the system may come under attack, how can system designers reduce the risk of a security breach to the absolute lowest level?
Anything of value could be subject to attack. And, of course, depending on the perspective and intent of the hacker, just about everything could be perceived as valuable. At the crudest level, the mere thrill of breaking into a system has value for a large portion of the hacker community. Most hackers are not innocuous thrill seekers. Many hackers would not hesitate to dip into an electronic wallet or steal financial information like credit card and bank account numbers for fraudulent use. IP can be stolen for sale or competitive advantage, while government secrets could be misappropriated and applied to disrupt, damage or destroy transportation systems, water suppliers, energy distribution networks, nuclear power plants and other aspects of a country’s public infrastructure.
Of course, all of these valuables must be protected, but before that can happen, the security system itself must be secure. For embedded systems, the security elements within the system and what it protects must be safeguarded. At the most basic level, this means securing the cryptographic keys and identity that are used to validate software, users and connectivity links. It also means ensuring the integrity of the software running on every system or node in a network. This requires visibility into and control over the boot-up and run-time software on even the most unassuming node in a network or on the Internet.