ARM Announces ARMv8-M Instruction Set For Microcontrollers – TrustZone Comes to Cortex-Mby Ryan Smith on November 10, 2015 12:30 PM EST
Kicking off today in Santa Clara, California is ARM’s annual developer conference and expo, TechCon. Although ARM announces products year-round, they always have a couple of announcements reserved for TechCon and this year is no exception. Being unveiled at 2015’s show is the ARM Cortex-A35 CPU and the ARMv8-M instruction set architecture, the latter being the focus of this article.
As a brief bit of background since we don’t extensively cover ARM’s microcontroller efforts, in recognition of the unique power and performance requirements for microcontrollers, ARM produces a separate instruction set architecture and lineup of CPU cores specifically for these kinds of products. These are the ARM-M ISAs and the Cortex-M series of CPUs respectively. The ARM-M ISAs can be thought of as a cut-down version of ARM’s full ISAs, paring down the features to allow for simpler CPUs as needed in microcontrollers.
At this year’s TechCon, ARM is announcing the latest iteration of the ARM-M ISA, the ARMv8-M ISA. Unlike the full ARMv8 (i.e. ARMv8-A) ISA that we’re accustomed to seeing implemented in products like ARM’s Cortex-A57 CPU, Apple’s Twister CPU, and other products, ARM’s focus on their microcontroller ISA is a bit narrower. Here the focus isn’t on performance or memory space – factors that led to the expansion to 64-bit CPUs with ARMv8-A AArch64 – but rather on continuing with microcontroller-suitable 32-bit CPUs while investing in the new features ARM sees as important over the next half decade or so.
To that end, ARM’s big focus with ARMv8-M is on security. Key to that is that ARM’s TrustZone technology is coming to microcontrollers for the first time.
Previously only available to ARM-A architecture CPUs, TrustZone is now being extended to ARM based microcontrollers. And like their bigger siblings, ARM’s aim here with TrustZone is to lay the groundwork for their customers to build highly secure devices, for all the benefits and drawbacks such a device entails. This includes protecting cryptography engines and certain stored assets (e.g. the secure enclave) against attack, locking down systems to prevent userland applications from breaking into the operating system itself, and various degrees of DRM (one example, as ARM gives is, is firmware IP protection).
ARM over the last few years has been betting increasingly heavy on wearables and ioT, so the announcement of ARMv8-M and their focus on TrustZone is consistent with those bets. ARM microcontrollers are used in a number of devices as the sole processor, and in more devices still as a specialized processor working alongside a full ARMv8-A application processor. So as ARM microcontroller use increasingly expands from industrial devices and simple black boxes to complex devices that end-users interact with, there is a need for better security to follow into these products.
With that said, as microcontrollers are the lowest of the low power devices in the ARM ecosystem, ARM had needed to take some care in implementing that security within the constraints of a microprocessor. Seeking to avoid compromising response time or efficiency, the ARMv8-M TrustZone retains the deterministic properties developers need on such devices, so a TruzeZone interrupt has a low and deterministic latency to the operation. Similarly, the core of the implementation is based on switching states rather than hypervisors, avoiding the overhead and higher resource requirements of the latter.
Of course like the ARMv8-M ISA itself, TrustZone is an ISA and a model for just the CPU. To flesh out the full technology ARM is also making a couple of other ARMv8-M announcements. The first is that the company is announcing the ARM Advanced Microcontroller Bus Architecture 5 (AMBA 5) Advanced High-performance Bus 5 (AHB5) specification. The main system bus for ARM’s microcontrollers, AHB5 goes hand-in-hand with TrustZone to extend the security model to the rest of the SoC. Through AHB5, TrustZone microcontroller CPUs can interact with both trusted and non-trusted devices, including trusted segments of SRAM and flash memory as required for implementing separated storage.
Also being announced today is TrustZone CryptoCell, ARM’s implementation of a TrustZone crypto block, which provides the fixed function hardware necessary for a full TrustZone implementation. The TrustZone CryptoCell includes a secure enclave, key generation/provisioning/management, and the actual fixed function hardware crypto engines.
Ultimately with today’s ARMv8-M and associated security announcements, ARM is looking to further flesh out the ARM ecosystem to support full security at every level and every device from end to end. ARM believes that developers now need an easier and more standardized way to implement security on their microcontroller-equipped devices, and this is what ARMv8-M will provide.
Finally, and not all that surprising, today’s announcement of the ARMv8-M ISA is just for the ISA itself, and not for any specific CPUs. ARM has traditionally announced new Cortex CPU designs separately from the ISA, and in this case it’s no different. To that end ARM isn’t specifically talking about when we’ll see ARMv8-M Cortex-M designs announced, but after today’s announcement it’s safe to say that it’s only a matter of time.
Post Your CommentPlease log in or sign up to comment.
View All Comments
lefty2 - Tuesday, November 10, 2015 - linkI didn't even know you could have 32-bit ARMv8.
ARMv8 normally has a disadvantage for mobile because the 64-bit uses up more memory and mobile devices don't have more than 4GB of memory - so the 64-bit addressing is useless. However, the extra registers provide a preformance boost. So 32 bit ARMv8 has the benefit of the extra registers without the crutch of the 64-bit ness.
sprockkets - Tuesday, November 10, 2015 - linkYou can also have 32bit memory space with 64 bit code. Fun huh? Supposedly android went that route to avoid the problems apple suffered when they went 64 bit (safari anyone?). Though one person said that wasn't the case.
Daniel Egger - Tuesday, November 10, 2015 - linkI thought that AArch32 was covered in an AT article some time ago. AArch64 has more advantages than simply more registers and 64bit address space allows a lot more than just addressing more than 4GB of memory at once. The memory overhead is actually negligible as really the only thing which is always 64bit wide are addresses however in a load-store-architecture there're actually rather few OPs operating directly on addresses so even if the kernel (and only the kernel) was AArch64 to optionally allow for 64bit applications the overhead is probably not even noticeable.
However people love looking for arbitrary reasons to mask their inability to write decent software and most Android applications are real pigs in that regard.
lefty2 - Tuesday, November 10, 2015 - link> AArch64 has more advantages than simply more registers and 64bit address space allows
No, but those are the main advantages
> The memory overhead is actually negligible
Not true and there are benchmarks that actually prove this.
loa - Wednesday, November 11, 2015 - linkThere is a significant disadvantage to using 64-bit pointers if you don't need more than 4gb of adress space.
Just google for "intel x32". This is Intels attempt at having the advantages of x86-64 (mainly more registers) with the smaller pointer size of 32-bit applications.
r3loaded - Tuesday, November 10, 2015 - linkARMv8 was more than just about going 64-bit. It gave ARM a chance to clean up the ISA, removing features such as conditional execution that aren't really necessary nowadays. With v8-M now official and a new release of ARM Compiler 6 due shortly with v8-M support, our general advice to partners in all sectors working on a new project is to target v8, even if they're not interested in 64-bit addressing. There's no reason not to at this point.
Mr Perfect - Tuesday, November 10, 2015 - linkI'm not really sure what these new M parts affect. Phones and tablets have the A series and in-car looks to be R, so what are these Ms used in?
Ryan Smith - Tuesday, November 10, 2015 - linkEverything else. Sensors, wearables, etc. Anything where a very basic processor would fit the bill.
Anato - Wednesday, November 11, 2015 - linkPayment terminals, burglar alarm, industrial monitor & control, I think there will be 2-10 times more applications and use cases for M series than there is A+R combined. You just don't think it as its hidden...
flgt - Wednesday, November 11, 2015 - linkThings like Xbox One controller for another example...