Experts at the table, part 2: Why it’s so hard to make the IoT secure, and different approaches for reducing power.
Semiconductor Engineering sat down with Steve Hardin, director of product development for AT&T’s IoT Solutions Group; Wayne Dai, CEO of VeriSilicon; John Koeter, vice president of the Solutions Group at Synopsys; and Rajeev Rajan, vice president for IoT at GlobalFoundries. What follows are excerpts of that conversation. To view part one, click here.
SE: Which process nodes and materials are best-suited for which IoT applications?
Rajan: Performance is determined by the profile of the application that needs it. If you look at the IoT sphere today, it’s the higher-end, edge-node, mission-critical kinds of applications that need core constant performance all the time—sustaining peak megahertz or gigahertz performance. For the lower or mid-nodes, which are either sensors or gateways, you need power islands to give you sustained performance and then back to where it was with the always-on capability. A majority of applications fall into that sphere. So performance is important, but at particular points in time, not sustained. And that can be translated to extended battery life savings. It’s the automotive or edge gateways that need to talk to the fog environment, and need to process lots of data sooner. They need sustained peak performance. The low- and mid-performance applications are moving toward the 55/40nm nodes, and possibly 28 and 22nm, and then the higher-performance applications are going to the finFET-class nodes.
SE: But performance is still an issue for some of these lower-level applications, which is why GlobalFoundries created a 22nm FD-SOI process, right?
Rajan: That’s right. It is a differentiator for price to power/performance. If you need peak performance, then 28nm would be the one we would recommend. If you need performance to go across the board, from low to mid to high, it would go to 22nm.
SE: What’s the balance between performance, power and cost?
Hardin: With automotive, we see the same exact chip set used in the latest and greatest smart phone being allocated in the automotive space. The one catch tends to be the longevity factor. The automotive guys want to source the same product for 7 to 10 years. That becomes a challenge. That’s why we see suppliers designating specific platforms that they’re going to make available for those longer periods of time. One thing we’re seeing in the automotive space is that, just like keeping up with the latest technology in their cell phone and tablet, people want to do that in their vehicle. How are you going to do that when your vehicle had what was brand-new technology three years ago? How are you going to evolve that and keep it up to date? That’s definitely a big challenge. On the other end of the spectrum, with wearables, there are some very simple use cases where these SoC designs need to be extremely low power with as much functionality as people can get out of them. If you’re doing something like gathering biometric data, you don’t want to have to take a device off and charge it. There is definitely a broad range of use cases. Some have permanent power like an alarm power, where you don’t have to worry about the battery or current leakage. But out in the forest or with a gas line, you need extremely low leakage. We keep getting more functionality and the package gets smaller.
Dai: You use a different part of the chip to optimize different things. If something is always on, you need a low leakage part. Once in a while you bring up dynamic power and leakage is not as important. You have forward biasing and reverse biasing. Body biasing is software controlled. Voltage scaling continues, so you have low and high scaling. But body biasing continues, so you have another dimension to work with. That’s very powerful. But using existing tools, how do you get dynamic software control? This is not using transistors or block by block. Timing signoff is a little bit of a challenge here. EDA tools need to explore that dimension of body biasing and timing signoff. That way, rather than having an ARM big.LITTLE, sometimes a chip can behave like the big core and sometimes like the little core, but you don’t need two different cores.
SE: Security affects everything in the IoT. How do we implement it for low cost, with low power, and so that it doesn’t interfere with the usefulness of these devices?
Koeter: If you look at the categories of the Internet of Things, with smart home and smart appliances being two of the biggest, I don’t want my toaster spying on me. But if you go out and talk to a number of people designing IoT products, there are a couple of major themes. Number one is they all know they need to secure the device, but they’re not sure how to do it. The second big theme is they want to implement enough security to get the job done, but that’s it, because they’re viewing security as a cost, so they want to minimize it—especially on a low-cost edge device. If you’re on a high-end device, you probably can afford to have a dedicated security perimeter with a hardware root of trust. That is a secure, closed perimeter where you can uniquely identify the device and safely download and authenticate the keys. On the lower end of the edge devices, what you’ll see is the processors having security features added to them. So with a relatively small gate count—maybe 5% to 10% of the processor—you can add a reasonable level of security so that you can have a secure boot.
Rajan: Security is not a new thing. It always has existed in the M2M (machine-to-machine) world. With the SIM (subscriber identity module) cards that are in phones today, that was the smallest element that needed to be secured from an M2M standpoint. We’re trying to reinvent the same capabilities from an activation, provisioning, RMA commissioning standpoint for the Internet of Things. Whether it’s at a service level, or whether it’s at a thing or device level, it needs to be end-to-end. When we talk about security, we really don’t think about privacy. Those are two different things. They’re parts of the same coin, in a way, but the difference between security and privacy is that with security, you can fix it. With privacy, if there’s a breach it’s out there it’s difficult to pull it back. You need to harness the capabilities right at the get-go. A lot of companies have been talking about PUF (physically unclonable function) technologies, as well as silicon as a service. The challenge is making that real and offering that as a turnkey solution. There are a lot of providers that provide unique proprietary solutions for security. They’re all good technologies, but there is no unique base to compare them to. When the technologies do get integrated at the process or thing or network level, it becomes too expensive to engage them in a $1 node or end part. Then it becomes a business issue rather than a technology. The model the carriers have had, where it’s end to end and it gets factored into the subscription cost, is an interesting model to think about. You don’t think about it twice. It’s a given.
Hardin: In that consumer model it’s a very controlled device and ecosystem. But when you get out into the Internet of Things, it’s a wide-open space. While we can control the radio-accessed network, all of the other elements of that end-to-end device are wide open. We’ve produced white papers and recommendations. GSMA (Groupe Spécial Mobile Association) has brought together a lot of the carriers internationally. There is a lot of work going on right now in the GSMA efficiency groups on developing security recommendations for IoT developers. Some of this stuff is not obvious to people, such as areas of risk where people potentially can hack your solutions. But when we certify devices we’re certifying it on the radio performance on the network. We’re not certifying the end-to-end application unless it’s an AT&T application that we’re enforcing. Just because we certify a specific IoT device, how someone uses it and implements it is up to them. We encourage our partners to provide that kind of information to integrators.
Rajan: For 5G, all of the elements need to be baked into the system. Security is something they’re still evaluating. There is a problem there. It has to be considered part of the system. It has to be designed in. It’s not an afterthought. That has to lead to a degree of standardization. There has to be a single common platform, whether it’s at the silicon layer or the hardware layer or above that can protocolize it from an end-to-end standpoint so that all the other partners can get behind it. It is critical.
What’s Important For IoT—Power,Performance Or Integration?Pt.1
Different approaches are being considered for reducing power across a wide range of devices and applications, but pricing is still a challenge.
Power, Standards, And The IoT Part 1
What’s missing from power standards and who will benefit once they’re created.
Grappling With IoT Security
Updating connected devices creates a whole new challenge as threats continue to evolve.