The Value Of Trust

How proven architectures can energize the long tail of the IoT market.


It took 40 years for Alexander Graham Bell’s telephone to go from 10% to 40% global saturation. The smartphone repeated that market penetration in less than a tenth of the time. But even the success of the smartphone is being eclipsed by the lightning pace at which Internet of Things (IoT) products are being born, with Gartner predicting that 95% of all technology products will be IoT-capable by 2020. So, the race is on for companies to bring out new intelligent, connected and service-oriented products, with different regions jostling to be at the forefront of this innovation.

Today, Asia is leading the charge towards the vision of a trillion devices. Through the desire to advance regional economies in places such as China, Japan and South Korea, the pace of innovation is rapidly escalating. Figures from Arm suggest twice as many new IoT projects may be coming from Asia Pacific compared to the US and Europe combined.

The evidence comes from the first full statistics from the Arm DesignStart program, which provides companies with free custom chip design technologies on which they can start to develop their products. The companies are a mix of new-to-market start-ups and established manufacturers looking to revitalize their products roadmaps.  As an estimated 80% of the products now classified as IoT class devices run on Arm technologies, the DesignStart figures serve as a barometer for what is happening in the global market.

The statistics show 2,350+ companies are now working with the DesignStart Eval solution to evaluate the technologies they may like to work with. During 2017, around 200 of those companies moved on to sign full DesignStart Pro contracts to move their products into the prototype and development stages – and of those, almost 70% were from Asia Pacific.

What is also worth noting is the desire among IoT innovators for more compute power, allowing them to create products with new capabilities such as machine learning, as seen in personal assistants that recognize activation keywords. That led to us increasing the breadth of technology covered by the free upfront licensing deal – so that both the Arm Cortex-M0 and Cortex-M3 were now available. Since we added the Cortex-M3 to DesignStart in June 2017, we saw an uptake at a rate of around one new license every calendar day. Again, the majority of those were in Asia.

There are some big trends we can pull out of the DesignStart statistics in addition to geographical insight. We also see the IoT driving the need for much more compute choice, from commercial off-the-shelf (COTS) chips to devices built from standard parts and custom system-on-chip implementations (SoCs). More recently we have seen discussion about using open source, rather than established commercial IP. All of these directions come with their own, often unique, costs extending beyond the upfront license fee or royalties. We have found it is vital that anyone looking to bring a new product to market considers the potential long-term costs of each solution, and the risks that may lead these to escalate. I’d like to examine that thought a little more in this article.

SoC it to ’em
In the majority of cases, SoCs provide notable benefits – combining discrete digital and analog components into a single, low-power integrated circuit. This offers greater design control and the ability to tune cost and performance for customized products with unique form factors. Many of these applications would be impossible to pull off with conventional PCB-based designs using off-the-shelf components.

But creating a custom SoC doesn’t mean creating a brand-new microcontroller from scratch. Building on top of an established, proven architecture is a highly valuable factor in controlling cost, risk, and complexity – especially key for a designer looking to create a highly bespoke product.

Dublin-based S3 Semiconductors develops custom integrated circuits to markets such as satellite communications, industrial control and the IIoT (Industrial Internet of Things). Tasked with designing a smart valve controller for a customer within the oil and gas industry, the company chose to develop a custom SoC. The customer’s original controller was a functional yet bulky device built upon a commercial off-the-shelf (COTS) solution based on legacy Arm hardware, with an equally bulky bill of materials (BOM) attached to it.

“Our client needed to move their products forward in very competitive world,” said Dermot Barry, VP & GM of S3 Semiconductors. The customer was aware that with custom silicon, it could increase its top-line revenue by adding more value to its existing product line, as well as improving its bottom-line profits by reducing electronics BOM costs.

Moving to an Arm-based SoC using the Cortex-M3 processor, available through the DesignStart program, provided S3 Semiconductor and its customer with multiple benefits. The resulting valve controller PCB was 75% smaller and 70% more power efficient than the original, resulting in a reduction in bill of materials (BOM) by over 80%.

And because the previous controller was also Arm based, existing software was easily adapted to run on the new hardware – with significant potential to add new functionality and enhancements in the future. “There are a lot of features on the chip which were not immediately needed by the customer, but they know they will use them in the future,” commented an S3 Semiconductors engineer.

Companies across all industries are discovering the value of moving to an SoC. One car alarm manufacturer noted a $2.91m reduction in BOM, even after NRE (non-recurring engineering) costs to design the SoC, breaking even within eight months of production. Another, manufacturing a disposable health monitoring device, broke even after only 1 million units, reducing its BOM by $3.43m, with an NRE cost of $2.32m.

But choosing an infrastructure upon which to build your SoC isn’t always a straightforward decision, with options ranging from free, open source instruction sets to more regulated commercial IP with up-front licensing fees and royalties. However, the choice is rarely as simple as ‘free is free, commercial is expensive,’ as the steep learning curve and the additional effort associated with less assured options can result in significant cost escalation further down the line. Within this, there are two areas that warrant the most attention: verification and security.

Security is not optional
Secure development and verification costs money: an awful lot of it. But we live in an age in which every single connected device, from a laptop to an IP-enabled ‘smart lightbulb,’ needs to be resilient against the threat from hackers. We saw from the discovery of the new Spectre and Meltdown analysis methods that system security is an evolving state.

Xiongmai, which sells white-label video surveillance products, became a victim of cybercrime in 2016 when hackers exploited a vulnerability in the software of its internet-connected webcams and DVRs. Once infected with the ‘Mirai’ malware, these now-weaponized devices formed an enormous botnet capable of knocking websites offline through DDoS (Distributed Denial of Service) attacks. This botnet crippled Dyn – the DNS provider to online heavyweights such as Twitter, Amazon, PayPal and Netflix. Brands expecting Dyn to be able to weather such a storm instead saw their services – and revenues – suffer for the next 12 hours.

Mercifully for Xiongmai, the vulnerability was software-based and therefore, through software update mechanisms, relatively easily patched. Challenges in hardware are much harder to fix and preventing them in the first place requires a level of expertise and years of experience that few companies possess. With device-level IoT security standards potentially just over the horizon and data becoming an increasingly important commodity, the need to build in a secure hardware foundation from the ground up becomes even more important.

Arm CEO Simon Segars set out the risks of an unsecure future and ideas for possible solutions in the recently-published Arm Security Manifesto. He also spoke of a digital social contract obliging all companies to act responsibly to secure our digital future. It is thinking that is resonating widely.

For Arm, security has always been a primary design consideration. Arm’s TrustZone technology, available in its Arm Cortex-A, Cortex-M23 and Cortex-M33 based systems, goes a step further by employing hardware isolation, with each SoC containing separate ‘secure’ and ‘non-secure’ worlds.

The Arm Security Manifesto suggests a number of ways companies can ensure device security. Arm’s own solution is its Platform Security Architecture or PSA. The PSA is a ‘recipe’ for building a secure system – from initial analysis to final architecture. It defines a secure foundation for connected devices based on a common set of principles: device identity, trusted boot, secure over-the-air (OTA) updates and certificate-based authentication. By sticking to these principles, Arm partners can reduce the cost, time and risk associated with security today. PSA provides a holistic toolkit including threat models, security analysis, hardware and firmware specifications, reference designs and reference code – enabling designers to create the appropriate level of security, scalable for all connected devices, large or small.

Verify, verify, verify and verify again
Responsible IP design companies make building secure, reliable systems that people can trust their top priority. Ensuring that SoC technology works as expected means spending vast amounts of time in verification, working with customers as partners, providing vital design support and complementing any level of in-house expertise to ensure that this IP is implemented safely, effectively and with the minimum of delay.

Arm brings out new CPUs each year and every design has spent years in development and testing before it ships. For the highest performance processors with architectural enhancements, getting to volume production can take up to eight years.

Much of the development time is spent in verification; for example, the latest high-performance Cortex-A processor was subjected to 97 person-years and 1600 CPU years of tremendous scrutiny in comprehensive and geographically-diverse test suites, generating over 156 gigabytes of data per nightly run, to verify its stability.

Arm invests early in R&D, many years before production starts

The higher the stakes, the greater the need for a stable ISA
Commercial markets are generally far more standardized and managed, yet this does not preclude freedom to innovate. Instead, regulation can enable acceleration of development and deployment in a trusted and reliable ecosystem because the rules are set. Take the smartphone market, where connectivity and security standards have driven a huge and trusted apps network.

In markets like this, there is a need for ISA stability to ensure the supporting software ecosystem is viable. For an architecture to be successful, users need to be assured that compiling and executing their code will be a straightforward process and that all programs will run the same way. The only way to ensure this happens is to regulate; when designers are free to create proprietary architectural extensions (compute instructions), fragmentation is almost inevitable. Once this happens the software ecosystem breaks down; every variant needs its own hardware, its own compiler and therefore its own compatible operating system (OS) variant. Imagine if every PC needed a slightly different version of Windows; costs would rise at every point and the hardware and software industries would be swamped with complexity.

On the shoulders of giants

Images courtesy of H20Pro

Arm’s ecosystem also features the widest selection of development tools and software, ensuring that there is a solution to meet every need. This has given rise to a vast knowledge base of examples and know-how, compiled by engineers with long-term experience in Arm development at every level. The proliferation of accessible tools and knowledge not only enables a vastly reduced learning curve, it significantly reduces risk.

The availability of free tools for programming the Arm processor using standard C language was an enabler for California-based H2OPro in bringing its IoT Wi-Fi enabled smart sprinkler. The company was keen to scale its technology quickly to help deal with California’s water drought challenges but also build a sustainable long-term business. It began by deploying proprietary Wi-Fi modules with add-on microcontroller ICs, but while the technology worked, it quickly became difficult to maintain and guarantee stability as it lacked the compactness of an SoC.

According to Tom O’Dell, co-founder of H20Pro: “Moving to a custom SoC based on the Arm Cortex-M4 enabled us to build a low-cost and highly reliable solution. The large suite of example software for the Arm Cortex-M4 covered most use applications and was extremely valuable for learning and fast application development.”

Tooled up
Designing a great product doesn’t stop at choosing the right technology, as there is a need for continual support. For this reason, Arm and its ecosystem partners provide comprehensive physical design libraries, development tools and consultancy under the Arm Approved design partners accreditation scheme. Customers are also helped by direct provision of software including Arm CMSIS (Cortex-M Microcontroller Software Interface Standard), an abstraction layer providing a simple software interface to Cortex-M processors and peripherals. This approach is succeeding, with CMSIS comfortably on track for over 400,000 downloads in 2017, a year-on-year increase of 30%.

The desire to reduce the learning curve while continually increasing new product quality and security has never been more evident. I see this as the beginning of a stable foundation for the IoT on which we can keep building the world of a trillion devices as envisaged by SoftBank’s CEO and Chairman Masayoshi Son.

While the start of this article showed statistics suggesting that Asia Pacific was the region from which most IoT innovation was springing, in reality we now have a global ecosystem of technology companies supporting global advancement. This benefits everyone, everywhere. We are in a world where ecosystems and shared expertise matters, especially in tackling the ever-present challenges around protecting the integrity of data and devices.

Leave a Reply

(Note: This name will be displayed publicly)