The Prpl Foundation and EEMBC have teamed up to launch an initiative to protect IoT hardware from hackers by using virtualization technology within these devices.
The two organizations announced a formal partnership to advance the use of security-by-separation in IoT edge devices.
Prpl (pronounced ‘purple’) is a community-driven, non-profit organization with a focus on enabling the security and interoperability of embedded devices for the IoT, while EEMBC is an industry alliance that develops benchmarks to help designers of systems understand their performance and energy characteristics.
Together, they are aiming to develop an industry-standard hypervisor benchmark, with a view to shattering the industry perception that hardware virtualisation in low-power embedded devices comes with big performance and energy overheads.
Efficiency and security
Virtualization is used to separate an operating system from the underlying hardware as this generally improves the efficiency of computers. It also comes with security benefits, too, through the isolation or ‘separation’ of users, tenants and applications running on a given piece of hardware.
This approach is well understood and widely used in data centers, but not traditionally in resource-constrained embedded systems such as those found in IoT devices – precisely because of those ‘overhead’ concerns. EEMBC and Prpl hope to demonstrate that any such limitations can be mitigated through new development techniques.
Today, the way that software or ‘firmware’ gets assembled leaves makers with little control over all the components that make up their device. By using hypervisors at the hardware level to create security through separation, supply chain security issues could be greatly reduced, while preserving the core functionality of the device, according to the two partners – even if a security issue arises with another component of the system or if it is compromised by malware such as Mirai.
The partnership will see EEMBC’s Markus Levy and Art Swift of the Prpl Foundation co-chair the joint EEMBC/prpl HyperBench Working Group to assess the performance of new lightweight embedded hypervisors paired with System on Chips (SoCs) with hardware support for virtualization.
“EEMBC sees value in HyperBench in two ways. The first way follows our traditional model of creating benchmarks to help system developers select the most optimal processing solution for their applications; in this case, HyperBench will allow processor vendors to fairly demonstrate their performance advantages,” said Markus Levy, EEMBC president.
“HyperBench will help out the industry in general by demonstrating that with advanced hardware assist for virtualization, the performance impact of hypervisors will be minimal.”
“Security of IoT is not a problem that any one company or entity can solve on its own,” said Art Swift, president of the Prpl Foundation. “It will take cooperation at all levels to work towards best practices and developing universal standards. A separation-based approach rooted in hardware can create a more secure IoT without significant performance penalties.”