The next generation Cortex-M series microcontroller, likely to be the Cortex-M5, will incorporate a version of ARM’s TrustZone security technology, which creates highly secure processing elements within the chip.

TrustZone creates two modes of operation, one for standard operating systems, the other for the trusted tasks, including booting the system.

TrustZone has been embedded in ARM’s higher performance processors in the Cortex-A series.

ARM believes it is possible to add this level of on-chip security to much lower cost Cortex-M series microcontrollers.

“We know we need to solve the security problem at the foundation level, and this means in the sub-$1 microcontroller,” Gary Atkinson, director of emerging technologies at ARM, told the IoT Design Conference in London last week.

“This will mean bringing TrustZone to our lower cost cores in the Cortex-M series,” said Atkinson.

Another ARM executive from the Cortex-M series processor group told Electronics Weekly that this could happen as soon as next year and could be in the next Cortex-M5 release.

Running secure software such as financial transactions and healthcare data on embedded systems, such as smartphones, has been a development requirement for a number of years.

But it is the emergence of internet of things (IoT) applications, with wearable devices and control systems connected to the internet, which has raised the need for embedded security to a new level.

ARM plans to introduce both symmetric and asymmetric data encryption to its lower cost IoT devices.

This feature, which Atkinson called CryptoCell, will be in the first Cortex-M series devices next year.

The other feature of the IoT is that many of these internet-connected devices will be very low cost.

“Everything that connects to the internet is potentially at risk,” said Atkinson. “With IoT cloud services everything is always on and always connected.”

Securing the software which runs on a processor may ultimately be a harder task, so the embedded community is rapidly moving to a situation where security features such as authentication, data encryption and processor partitioning are embedded deep within the chip.

And with the IoT this needs to be available on low cost chips and must be easy to design in.

“We want to move the market to a situation where IoT application developers do not have to be security experts,” said Atkinson.

ARM started adding hardware-based security, called TrustZone, to its processors 10 years ago.

The technology allows trusted tasks to run in secure mode, limiting attacks on private keys and digital certificates.

The aim was to allow designers to develop ARM-based hardware with in-built levels of security against attacks on secret keys and certificates.

The move was originally driven by the increasing need for security in mobile phone design to control software and application upgrades and signed transactions with digital signatures.

But inevitably any system using an embedded operating system needs security.

“The need for software security is rippling all the way down embedded systems from the top,” said ARM’s chief technology officer, Mike Muller.