IoT: Security Is Not Optional

Smart sensor based products are poised to transform cities, industries and individual lives potentially adding over a trillion dollars in economic value. There is a great risk resulting from connectivity at such a massive scale and security cannot be an afterthought. Businesses and consumers must be able to trust these devices as many are likely to be used in situations where a breach or compromise of a device may lead to serious injury or harm. Chip makers are key since they deliver products foundational to IoT and the road to trustworthy devices begins with them.

Sequitur’s CoreLockrTM offers chip makers a solution to deliver a robust security architecture for IoT and embedded devices enabling device makers to build products that are trustworthy by design.

Trustworthy Devices Diagram

CoreLockr – Trustworthy Architecture for Edge Devices

CoreLockr is a software abstraction layer for microcontroller (MCU) and microprocessor (MPU) based devices. It allows chip makers and OEMs to implement a security architecture for small resource constrained devices. CoreLockr addresses current and future security needs delivering device protection, simpler application development, and device manageability in a single package. CoreLockr consumes less than 8K of memory and supports low power devices. CoreLockr can be deployed on bare metal or alongside RTOSs such as Nucleus and Contiki. CoreLockr supports ARM and MIPS architectures.

CoreLockr Architecture

Key Features

CoreLockr Key Features Diagram

Secure Boot

When combined with hardware roots of trust, CoreLockr can be used to implement secure boot processes ensuring that devices have not been tampered with.

Trusted Execution Environment

In multi-processor chips, CoreLockr enables dedicating one processor as “secure” effectively creating a Trusted Execution Environment (TEE) for applications in the secure world. The other processor(s) can be dedicated to running applications. CoreLockr resides in both worlds enabling secure communications between applications utilizing the Rich Execution Environment such as Linux or Android (normal world) and applications and peripherals attached to the secure core.

Secure Peripherals

Securing attached peripherals is critical as they represent points of vulnerability. Separation between applications and peripherals is key. In single processor devices, CoreLockr abstracts access to peripherals such as wireless radios, touchscreen and displays, enabling access only through its APIs. In multi-processor environments, where CoreLockr functions as a TEE, peripherals are accessible only through the trusted environment. CoreLockr can permit access to only a limited set of privileged applications greatly limiting the likelihood of compromise.

CoreLockr Multiprocessor Architecture

CoreLockr Service Model and APIs

CoreLockr’s service model exposes available hardware functionality as easily consumable software services, greatly reducing the application development time, cost and errors. CoreLockr maintains an Active Service Registry of default as well as user-developed services. Depending upon the memory architecture, services are registered either statically or dynamically (i.e. when an application makes an API call requesting use of a service). The number of services possible is also dependent on chip architecture and limited by available memory. Out of the box, CoreLockr supplies services and APIs for communication and Cryptographic services. A C-based API model allows adding new services to CoreLockr.

CoreLockr communication services simplify the task for application developers by providing a simplified interface for accessing any kind of communication protocol whether it be Bluetooth, ZigBee or WiFi. This eliminates the need for application developers to learn the intricacies of different protocols leading to fewer errors and faster time to market.

Communication Services Diagram

With CoreLockr, SoC specific cryptographic services whether in hardware or software can be easily exposed via CoreLockr’s Cryptographic API.

  • CoreLockr supports symmetric and asymmetric cryptography supporting a variety of algorithms.
  • We work with you (as the SoC maker) to develop the appropriate drivers for the security block for the particular chip under development.
  • Simplifies the use of cryptographic services for the application developer reducing development time and errors.
  • Allows the OEM or application developer to upgrade the underlying hardware with minimal change to the application.
Algorithm Key Size
AES 128
SHA-256 256 bits
ECDSA  NIST P256 curve
ECDH NIST P256 curve plus SHA-256
ECIES NIST P256 curve, SHA-256, AES 128
HMAC_DRBG / SHA256 256 bits

CoreLockr provides robust key management services to support deployment of cryptographic hardware and software.

  • Plain text keys are only handled in secure region.
  • In non-secure region key material is wrapped in a device specific AES 128 bit key.
  • Accessed by applications only through CoreLockr Crypto API via 32 bit handles.
  • Multiple options for exporting keys
Supported Key Types Parameters
AES 128, 192, 256 bits
RSA 1024, 2048, 3072
DES 56, 112, 168
ECDSA P224, P256, other curves of equivalent strength
ECDH [4] / ECIES P224, P256, other curves of equivalent strength
DH 1024, 2048, 3072
DSA 1024, 2048, 3072
RC4 Any

Secure Elements (SE) used in mobile phones, credit cards, passports and other devices are a viable option for many other devices. Their use is typically application specific with established standards for a variety applications ranging from payments to medical devices. For small MCU-based devices, Secure Elements can be used as a hardware root of trust providing signing and verification services. CoreLockr supports the deployment of Secure Elements via its Secure Element Interface. CoreLockr communicates with the SE via the standard Application Protocol Data Unit (APDU). In a multicore system, the SE is typically attached only to the secure region and accessible only via CoreLockr’s security APIs. CoreLockr implements a simple service for application developers to call the SE.

Secure Hardware icon

Device Manageability and System-level Security

Device manageability is as important as implementing device security. It is the combination of the two that lead to creating trustworthy devices. Device manageability in the IoT and embedded context has traditionally been limited to doing configuration updates. We believe it’s more than that. The ability for a device to respond appropriately to security policies and adjust behavior depending upon system-state is central to better device manageability. CoreLockr includes a Policy Query Module (PQM) facilitating dynamic enforcement of security policies. The PQM is a framework for enforcing policy based authorization of discrete events where the policy decisions can vary depending upon the system state. In other words, device events that are allowed given a system state may be disallowed if the system state changes. This adaptive approach to policy enforcement goes a long way in improving the trustworthiness of the entire connected system of devices.

For more information about the PQM and its capabilities please email info@seqlabs.com.

CoreLockrTM Product Overview