ZAYA μContainers are a new feature for Arm Cortex-M microcontrollers that provides high-level security for IoT edge devices. A ZAYA μContainer is a plain executable that contains no security code of its own; the following sections explain how ZAYA μContainers are protected.
1. Isolation
Limitation of Traditional RTOSes: Because microcontrollers lack isolation hardware such as an MMU, a traditional RTOS has no isolation between the kernel and the user application(s), and any code can access the entire address range of the device. Consequently, a compromised application (e.g. through code injection) can take control of the whole IoT device, including the secrets (e.g. crypto keys) of other modules. This is currently the most critical security weakness of IoT edge devices.
As mentioned above, ZAYA μContainers are isolated executables: a malfunctioning user application or another container cannot compromise a μContainer.
Isolation is a requirement for almost all security certifications.
1.1. Arm Platform Security Architecture (PSA)
Arm PSA Level 1 requires isolation between the Secure Processing Environment (SPE) and the Non-Secure Processing Environment (NSPE).
In ZAYA, a μContainer runs in ZAYA User Space, which corresponds to the PSA NSPE, while ZAYA Kernel Space corresponds to the PSA SPE and is isolated from ZAYA User Space.
1.2. SESIP (v1.3)
SESIP requires two levels of isolation.
a. Isolation of Platform: SESIP requires isolation of the IoT Platform Layer from the IoT Application Layer. ZAYA Kernel Space is the platform layer and is isolated from ZAYA User Space. Containers run in User Space, which meets this requirement.
b. Isolation of Application Parts: SESIP requires isolation between user applications. ZAYA Secure Kernel provides process isolation, and ZAYA Containers use it to isolate themselves from other user-space executables, which meets this SESIP requirement.
2. μContainer Authentication
Each ZAYA μContainer carries a public-key signature of the μContainer. ZAYA Containers must be signed by a trusted source, and ZAYA verifies that public-key signature to authenticate the Containers.
At device startup, the ZAYA Secure Kernel performs integrity and authenticity checks on all Containers and runs a μContainer only once it has been verified.
3. Arm PSA Functional API
ZAYA Secure Kernel is a PSA Certified™ Functional API operating system and implements the Arm PSA Functional API using proven security stacks. ZAYA Secure Kernel passes all tests in the Arm PSA Test Suite.
ZAYA Containers use the PSA Functional API exposed by the ZAYA Secure Kernel to obtain security services such as Cryptography, Secure Storage and Attestation.
ZAYA Containers do not need to implement basic cryptographic algorithms or secure key storage themselves; these are handled in the isolated and certified Kernel Space. Therefore, ZAYA Containers are pure user executables that contain no security code of their own.
4. Access Control Check
ZAYA Containers can have different access rights to sensitive resources protected in Kernel Space. The system designer can define custom sensitive and non-sensitive resources and the access rights of each container; only a container with valid access rights can access a sensitive resource.
For more details and demonstrations, please contact firstname.lastname@example.org