AMD Flexes ARM to Enhance Hardware Security
AMD is teaming up with ARM to use the latter's TrustZone technology in its products. TrustZone is a system-wide approach to security that's integrated into the ARM Cortex-A processor family. A consistent hardware-based security architecture and implementation can decrease software development costs and ultimately provide more robust security, said AMD's Mike Wolfe.
Jun 13, 2012 11:33 AM PT
AMD on Wednesday announced it will develop a platform security processor based on the ARM Cortex-A5 processor. The company has entered a strategic partnership with ARM that will let it use ARM's TrustZone technology.
AMD plans to provide development platforms with TrustZone security features on select APUs in 2013 and expand that to more products later.
Intel is already incorporating McAfee DeepSAFE technology, which the two firms developed jointly, into its Intel Core i3, i5 and i7 processors. That raises the question of whether AMD is trying to play catch-up.
"AMD is pursuing a dedication to openness rather than proprietary technology," Mike Wolfe, senior vice president and CIO of AMD, told TechNewsWorld. "Our vision along with TrustZone is to develop a consistent, secure computing environment across devices, whether they are powered by ARM-based processors or AMD's APUs and other x86-based processors for our customers."
About ARM TrustZone
TrustZone technology is a system-wide approach to security that's integrated into the ARM Cortex-A processor family. It was launched in 2004.
TrustZone extends throughout a computer system through the AMBA AXI bus and specific TrustZone System IP blocks. This lets users secure peripherals such as secure memory, cryptography blocks, keyboards and screens to protect them from malware.
AMBA stands for Advanced Microcontroller Bus Architecture. Developed by ARM, the AMBA protocol is an open standard, on-chip interconnect spec for the connection and management of functional blocks in a system on a chip (SoC). SoC processors are widely used in smartphones and other mobile devices.
Initially, AMD will implement TrustZone technology in low-power APUs for tablets and notebooks. It will expand this to other products, including embedded and server offerings, the company's Wolfe said.
Why Hardware-Level Security?
A consistent hardware-based security architecture and implementation can decrease software development costs and ultimately provide more robust security, in AMD's case across both its own platforms and ARM's, Wolfe said. Software developers will be able to more easily create "strong end-to-end security solutions, from clients to servers to embedded devices and the cloud."
AMD hasn't released specifics about how TrustZone hardware-based security will be implemented on its platforms, Wolfe stated.
Security and virtualization technologies "have been designed into every AMD processor since 2008, including our AMD Opteron 6000 and 4000 series processors," Wolfe pointed out. "Regardless of the SKU chosen, customers buying AMD-based offerings have full access to these features."
"Security used to be seen as a wrapper that you put on top of a product," Intel spokesperson Suzy Greenberg told TechNewsWorld. "By integrating in hardware, software gets a fundamentally new vantage point on security."
How Hardware-Level Security Works With McAfee DeepSAFE
Intel has touted the advantages of hardware-based security for years, and it purchased McAfee in 2010 to further its work in this field.
McAfee DeepSAFE, which the two developed jointly, sits below the operating system and close to the silicon, Intel's Greenberg said. This lets McAfee products peer into the computing stack to better protect systems. McAfee Deep Defender is the first product using the McAfee DeepSAFE technology layer below the OS.
A software layer that sits below the operating system provides "a direct view into system memory and access capacity," Greenberg elaborated. "Hardware-assisted security products built on this platform can employ new techniques that not only detect infections but also prevent malicious activity" that might go undetected with traditional security methods that protect above the OS.
In the future, chips "will be designed with features and services that, when coupled with software, help protect people and businesses against security breaches," Greenberg said. "There will be breakthrough algorithms that help shape accessibility privileges; encryption technologies that safeguard against complex malware attacks; multi-layer silicon and software security that monitor system vulnerabilities; and solutions for fraud deterrence, cloud security and identity and asset management."