Arm pitches tamper-resistant Cortex-M35-P CPU cores

Arm has released a new processor core design for Cortex-M-powered system-on-chips that will try to stop physical tampering and side-channel attacks by hackers.

The microcontroller-grade Cortex M35-P CPU cores are aimed at embedded IoT devices that operate in public or areas where there is a risk someone will either crack open the device or get close enough to perform a proximity-based attack. Think things like smart meters or connected street lights in a major city.

For more information see The Register article:

Arm pitches tamper-resistant Cortex-M35-P CPU cores


British Smart Meters cost £28 million EACH

“That’s right.  Britain’s smart meters are now officially the most expensive smart meters in the world.” Full article by Nick Hunn can be found here:

British Smart Meters cost £28 million EACH

For those of you who have not been following the story, let me provide a brief précis.  Back in 2010 the Government mandated that every home in Britain should have a smart gas and a smart electricity meter by 2020.   Instead of using off the shelf smart meters, they decided to design their own.  DECC worked with some vested industry interests to do a classic Government IT committee job, producing the most complex smart meter specification the world has seen.  That design was called SMETS1 – short for Smart Metering Equipment Technical Specification.  Not only was it the most expensive, but it was also insecure.  When GCHQ looked at it and considered the potential implications of connecting it to our national infrastructure they demanded a redesign, resulting in the SMETS2 specification.  SMETS1 meters look as if they won’t work with the SMETS2 software infrastructure, so any SMETS1 meters already installed will probably need to be replaced.  Throughout this fiasco, the Government has not relaxed its requirements for every home to have a smart meter fitted by 2020, which means fitting around 50 million new meters.

Which brings us to today.  The SMETS2 meters are enormously complex and are pushing the limits of the industry to design them.  With the 2020 deadline barely 30 months away you’d hope that the bulk of them would be fitted by now.  But I’ve just been talking to contacts in the industry who have told me that currently there are only around 80 SMETS2 meters fitted.  Do the sums based on what has been spent so far on the GB smart Metering programme and you’ll find that it equates to around £28 million for each of these meters.  It is an obscene example of a Government IT project going wrong.  But it gets worse.  Not only will the overall project cost consumers around £12 billion, it has the potential to destroy Britain’s leading position in the development of the Internet of Things.

Key Trends from the #IoT Developer Survey 2018

The Eclipse Internet of Things Working Group IoT Developer Survey 2018 collected feedback from 502 individuals between January and March 2018.

The key findings in this year’s edition of the survey include the following:

  • Amazon AWS and Microsoft Azure are the top 2 cloud services for IoT. Google Cloud Platform is failing to get traction.
  • MQTT remains the standard of choice for IoT messaging, while AMQP is becoming more and more popular as companies scale their IoT deployments and backend systems.
  • 93% of the databases and data stores used for IoT are open source software. Data collected and used in IoT applications is incredibly diverse, from time series sensor data to device information to logs.

For More Information see:

Key Trends from the IoT Developer Survey 2018

NIST Report on Lightweight Cryptography

National Institute of Standards and Technology (NIST) have published a report on Lightweight Cryptography.


NIST approved cryptographic standards were designed to perform well on general purpose computers. In recent years,there has been increased deployment of small computing devices that have limited resources with which to implement cryptography. When current
NIST approved algorithms can be engineered to fit into the limited resources of constrained environments, their performance may not be acceptable. For these reasons, NIST started a lightweight cryptography project that was tasked with learning more about the issues and developing a strategy for the standardization of lightweight cryptographic algorithms. This report provides an overview of the lightweight cryptography project at NIST, and describes plans for the standardization of
lightweight cryptographic algorithms.

To view this report, see:

NIST Report on Lightweight Cryptography

NIST seeks industry help to secure tiny #IoT medical devices

Cryptography experts specializing in secure communications at the National Institute of Standards and Technology (NIST) are looking for ways to protect data created by tiny networked devices that are being used in Internet of Things applications and projects.

These tiny IoT devices, which include sensors, actuators (components of a machine that move or control a mechanism or system) and other micromachines will need a new class of defense mechanisms against cyberattacks.

The devices will work on scant electrical power and use less complex circuitry than chips found in the simplest cell phone, according to the NIST.

For more information see:

NIST seeks industry help to secure tiny IoT medical devices


Microsoft built its own custom Linux kernel for its new IoT service

Microsoft have announced the launch of a secure end-to-end IoT product that focuses on microcontroller-based devices — the kind of devices that use tiny and relatively low-powered microcontrollers (MCUs) for basic control or connectivity features. Typically, these kinds of devices, which could be anything from a toy to a household gadget or an industrial application, don’t often get updated and hence, security often suffers.

At the core of Azure Sphere is a new class of certified MCUs. As Microsoft president and chief legal officer Brad Smith stressed in today’s announcement, Microsoft will license these new Azure Sphere chips for free, in hopes to jump-start the Azure Sphere ecosystem.

For more information see the TechCrunch article:

Microsoft built its own custom Linux kernel for its new IoT service


Qualcomm launches its new vision intelligence platform for IoT devices

Earlier this year Qualcom launched its new embedded platform for IoT developers; and it’s introducing two new systems-on-a-chip for IoT, the QCS605 and QCS603, that combine a multicore ARM processor with the company’s AI engine and an image signal processor.

The standard use for these chips is in smart security cameras for both consumers and industry, as well as sports cameras, wearable cameras, VR, robotics and smart displays — anywhere you need a good amount of computing power at the edge, as well as the ability to interpret images and run pre-trained machine learning models.

For more information see Techcrunch article:

Qualcomm launches its new vision intelligence platform for IoT devices:

Qualcomm launches its new vision intelligence platform for IoT devices


Intel Divorces Wind River Subsidiary

Wind River’s business is based on real-time operating systems and other high-reliability embedded software used in Internet of Things devices, ranging from sensors in connected cars to massive industrial machines that gather reams of data and send it to the cloud. And for the last decade, Wind River has been part of Intel.

But that will soon change. Wind River announced Tuesday that it had been sold to the investment firm TPG and will return to being an independent company. Jim Douglas, Wind River’s current president, will lead the company after the transaction closes in the second quarter. Other terms of the transaction were not announced.

See full article in Electronic Design:

Intel Divorces Wind River Subsidiary, a Decade After Acquisition


Why nobody has succeeded at running IoT on the blockchain

From the permissioned blockchain networks of IBM to the newly introduced Hashgraph technology, some of the largest technology and financial conglomerates have been testing the applicability and potential of blockchain with the Internet of Things (IoT) market since the beginning of 2016.

Yet, with nearly $4 billion invested in blockchain research and development, not a single company has been able to demonstrate the successful integration of blockchain technology with IoT.

…….For this sort of system to be deployed commercially, the scale of the blockchain-based IoT network would have to increase drastically in order to support hundreds of thousands of users. This would require the system to manage tens of thousands of data points per second, all of the which would need to go through the blockchain.

See full article at TNW:

Here is why nobody has succeeded at running IoT on the blockchain