Activity around prpl Foundation is fast moving and can be hard to keep up with. In order to keep everyone in the loop, we’ve created a quarterly newsletter called prpl Perspectives. You can check out the first issue and please subscribe to all future issues. Enjoy!
New article in Embedded Computing Design: Integrate dynamic voltage and frequency scaling into instruction-accurate virtual platforms.
In embedded systems, extra-functional requirements, such as power consumption, have been increasing in importance. In a cooperative effort between OFFIS and Imperas Software, the Open Virtual Platforms (OVP) technology has been equipped with support to express and execute dynamic voltage and frequency scaling (DVFS) compatible power models. Software on the virtual platform can access the actual power consumption and perform power management through DVFS. The technology has been successfully demonstrated for an ARM-based multi-core platform, running a synthetic bare-metal DVFS test application and Linux power management.
The world’s great and good of the information security industry descended on San Francisco this week for RSA Conference 2017. On the surface, it looked like more of the same this year. There weren’t a huge amount of new companies exhibiting this year and the traditional vendors all seemed to be consolidating and streamlining their product lines in attempt to demystify buyers. It even saw the McAfee brand back this year after a noticeable absence in the previous “Intel Security” era.
What was extremely apparent, however, was a return to the future. By this I mean the return of focus on securing the endpoint. From laptops, desktops and mobile phones, BYOD reared its head again under a different guise – Bring Your Own Anything. The reason for this is likely the shift to the cloud and away from traditional on-premises offerings, where RSA vendors have typically focused in the past. This trend has meant that as applications, services and virtual workloads move to the cloud and third parties, the corporate data centre is becoming less and less central to IT budgets. As such, we are now seeing a trend where established vendors are following suit and looking once again the endpoint as a source of revenue, albeit from a slightly different perspective this time.
This difference comes in the form of Internet of Things (IoT) – which, based on the amount of presentations at RSA this year, is clearly of major significance within the industry. Kaspersky jumped on the bandwagon and announced its platform for IoT and AT&T, IBM, Symantec and others announced an IoT Cybersecurity Alliance.
But is IoT just another buzzword? The scepticism comes from the fact that traditionally, RSA has been a datacenter/network security event. Granted, network perimeters are changing significantly with the advent of things like the cloud and IoT, but I’m still unconvinced that people can define IoT successfully in this context. It simply isn’t a problem that traditional network security is going to fix, as evidenced in prpl’s extensive research into how to secure the IoT. We know that security IoT has to start at the hardware level, and that traditional RSA conference vendors have little understanding of this space
It was encouraging to see a large presence by the not for profit Cloud Security Alliance that was poised to tackle the IoT issues and the crowd for the CSA seminar exceeded 1,400 – with queues out of the door for attendance. Its approach, which advocates open standards, is one which prpl aligns itself with and it is heartening to see everyone coming together in an organised manner to undertake the problems associated with IoT security.
Finally, the last significant observation for me at RSA was the emerging role of identity as it relates to securing corporate data. There was a lot of innovation happening around the idea of making passwords obsolete and start-up UnifyID even took the RSA Innovation Sandbox contest with its implicit authentication platform that combines machine learning and the array of devices around us to match our bodies, and more specifically the way we move, to our identities.
It’s innovations like these and the group mentality of coming together to face security issues head on that mean RSA will be successful for years to come. It just needs scratching away at the surface to get to the real innovation: end to end security cloud to silicon.
Within the prpl Foundation Security Working Group, Imperas is providing solutions for embedded hypervisor/OS developers. Simon Davidmann, Imperas CEO, wrote a guest blog for RTC Magazine, which focusses on embedded computing, including information for both hardware and software developers of embedded systems.
“Most of the public discussion about security presents various aspects of the problems, or a high level view of risks/solutions, or an individual company’s solution to their slice of the problem. The prpl Foundation’s Security Working Group is taking a pragmatic, cross-functional approach to security in embedded devices and systems. What do I mean by pragmatic and cross-functional?…”