Right-Sized Security

Security is a key design consideration of any connected product. Nefarious parties can and will attempt to exploit security flaws in order to capture sensitive data, gain device control, or for a myriad of other reasons.

When considering security needs and implementation in their systems, Device OEMs must balance a number of factors. Security is obviously a very important factor; however, designers must also consider items like bill of material (BOM) targets, device size targets, and design complexity. Factoring in those choices, it is obvious that there is no one security implementation that is right for everyone.

Security can be implemented in software or in hardware. Between those, hardware deployments are generally viewed as the most secure implementation. Security can be implemented in hardware a fully-integrated part of the main processor, as a discrete core siloed from the main processor (though on the same silicon), or as a fully discrete chipset.

When fully-integrated into the main processor, designers can expect to see the least amount of design complexity. There is no extra cost for security, and no size penalties. There is no customization of functionality here though; security capabilities are determined wholly by the design of the processor, and the same for every OEM using the processor. Additionally, the full integration of general and secure processing has proven to not always be the most secure solution, as the recent Meltdown and Spectre solutions have shown. Highly cost- and size-sensitive applications such as security cameras often prefer this approach.

Siloed secure processing is a recent trend. Device OEMs can custom-design processors which have all secure functions in a dedicated secure processing area, physically separate from the main processing (though the two processing elements are located on the same silicon). This approach is believed to be more secure than the fully-integrated approach, as the separation allows additional security layers within the device. As the OEMs are custom-designing the processor, they have the ability to build in the right amount of security required for their users. The siloed approach does not provide any size penalties versus the fully-integrated approach. However, designing a custom processor is often not within the budget of most OEMs, though many processor makers are beginning to offer siloed architectures in standard, off-the-shelf products. Applications such as IoT and automotive often prefer the siloed approach, which balances their needs for greater security with smaller size and lower cost.

Finally, security can be implemented in a discrete chip. Many will argue this to be the most secure design available, as these chips are designed with one purpose – security – and are free of other considerations. Certainly, this is not always true; discrete processors can and have been exploited. The discrete nature of the chips also provides additional protection against accidental backdoors that may occur in fully-integrated designs. But, as discrete chips function for security purposes only, systems will still require general processing. This implementation is likely the most-costly of the options presented, and generally require the most amount of space within the system. The discrete approach is common in data centers, where security is of paramount concern.

There are many ways to best approach chip security, and a single solution is not appropriate for every situation and every device. Designers need to weigh the specific needs for their particular use cases. When one designs with security first in mind, one is able to architect the appropriate level of security for their application and those specific requirements.