Mbed OS 5.12 Release: Focus on Security and Connectivity

Arm recognizes that security and efficiency are key concerns for developers creating IoT devices, which is why Arm’s latest release of Mbed OS, Mbed OS 5.12, ushers in Platform Security Architecture (PSA) support. This latest addition builds upon previous advances, such as Mbed TLS and Pelion Device Management, by incorporating the industry standard for practical, accessible device life cycle security.

Other features include:

Platform Security Architecture (PSA)

Additional security and partitioning offer greater resilience without adding complexity or the need to amend a single line of code. Plus, it can run on any processor with the same APIs because PSA is not architecture specific.

PSA cryptography

Main firmware developers can now carry out cryptographic operations behind the security wall without having to deal with cryptographic key material directly. PSA separates the cryptography API used by end users from a lower-level device driver API, meaning developers can augment crypto algorithms without having to modify the API itself.

A new reference implementation called Mbed Crypto (directly derived from Mbed TLS) now provides support for all crypto primitives including:

  • Network security.
  • Crypto accelerators.
  • Hardware random number generators.
  • Software reference implementations.

PSA attestation

The PSA initial attestation service allows devices to report on their own identity and status to a requesting remote entity. Hardware serial numbers, firmware versions and life cycle status can be packaged into a small data report (less than 1 kB). This improves trust levels between shared devices and enhances protection of private keys that are enrolled into services with their own identities.

PSA secure storage

PSA Internal Storage (ITS) and Protected Storage (PS) further bolster resilience while allowing confidential data to be stored on untrusted devices, such as SD cards. Mbed OS 5.12 implements PSA secure storage on top of its existing storage stack. To find out more, please see our security certification for IoT devices.

Open source Wi-SUN stack

The Wi-SUN Field Area Network (FAN) is based on open standards from IEEE 802, IETF, ANSI/TIA and ETSI. The Wi-SUN FAN operates on the license-exempt sub-GHz RF band and uses frequency hopping to lower interference. Therefore, Wi-SUN is well-suited for outdoor installations and dense urban neighborhoods.

Mbed OS 5.12 features the first Wi-SUN stack available as open source. The Mbed OS Wi-SUN stack is built on IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN), which itself builds on IEEE 802.15.4 to offer Internet Protocol (IP) based networking. IP provides the core mechanism for relaying datagrams across IP networks, and its routing capabilities enable internetworking.

Additionally, this release contains many minor enhancements and fixes and brings support for 179 target development boards. To discover more about the 5.12 release or deep dive into the technical detail, please review our release notes, or join our live stream on March 29th at 16:00 GMT.
