ARM Holdings plc today unveiled a new chip with specialized antitampering features designed for situations where hackers gain direct physical access to a device.

The Cortex-M35P, as it’s called, is based in part on technology from the company’s SecurCore processors. They’re built for use in biometric credit cards and other so-called smart cards that contain highly sensitive information. ARM argues that connected devices increasingly require a similar level of protection.

“In the past, it was harder to justify protecting against physical attacks beyond payment applications,” Paul Williamson, the vice president of ARM’s connected device business, said in today’s announcement. “However, as IoT gains momentum and more devices with high-value data become connected, the physical attack surface becomes more attractive to hackers.”

The Cortex M35P is designed to protect devices from two types of attacks in particular. One category consists of attempts to compromise a device by directly tampering with its processor, which often involves requires hackers to the system apart. The other, much less intrusive tactic essentially involves eavesdropping on a system.

There are so many variations of the latter approach that they have their own collective designation: side-channel attacks. Hackers can, for example, analyze fluctuations in the electromagnetic field generated by a device to extrapolate the information it’s processing. Research has shown that a system’s power consumption levels sometimes give away sensitive data as well.

On its own, the security risk posed by a single compromised device isn’t too great. But hackers can potentially exploit information they glean from a system to breach the network to which it’s connected, as well as other devices that are vulnerable to the same tactics.

Alongside the antitampering features, ARM has also equipped the Cortex M35P with technology for staving off more traditional attacks that rely on malware. The chip uses the company’s TrustZone software isolation mechanism to restrict applications’ access to key processor functions that can potentially be abused by hackers.

For ARM, addressing the security concerns around connected devices is a major business priority. The company’s processor technology, which it licenses to fellow semiconductor makers, powers the vast majority of smartphones along with many billions of other internet-enabled devices. By making it easier for downstream device makers to protect their hardware against hacking, ARM is helping to keep the demand going. 

Image: Pixabay