Framework offers secure domains on virtualized MIPS-based cores - Embedded.com

Framework offers secure domains on virtualized MIPS-based cores

Imagination Technologies announced a new security architecture that will cover its MIPS, graphics and radio cores. OmniShield aims to enable multiple secure domains on any virtualized hardware block using open software interfaces.

The technology could help Imagination differentiate its cores in an industry increasingly dominated by ARM and the x86. It already has helped fuel participation in a working group in its prpl Foundation developing open APIs for OmniShield.

Imagination will release a reference platform by the end of the year that implements its approach which includes a hardware root of trust and secure boot capability. The APIs will take longer given they are being defined by an industry group that includes representatives of Broadcom, Qualcomm, Lantiq and others.

OmniShield will be able to create up to 255 separate secure domains. Existing PowerVR graphics and MIPS series 5 and 6 cores have the hardware virtualization support it requires. Future PowerVR video and vision and Enigma radio cores will be designed to support it, too.

Imagination is working with a partner to develop open source versions of a hypervisor and trusted operating system for OmniShield. It expects third parties will eventually create tools to configure and manage secure domains.

OmniShield can enable multiple secure domains across CPU, GPU and radio cores.

OmniShield can enable multiple secure domains across CPU, GPU and radio cores.

The use of multiple secure domains will be useful in many applications. For example car makers could use a common GPU for separately secured dashboard, infotainment and driver assistance jobs. Imagination foresees SoC and system makers using OmniShield even for designs that use a mix of PowerVR and ARM or x86 cores.

Imagination and partners will provide a range of virtualized root-of-trust blocks for OmniShield. They will include crypto, Public Key Accelerator, random number generator, secure I/O for external Trusted Platform Modules and secure ROM blocks.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.