Designing Secure IoT Devices with the Arm Platform Security Architecture and Cortex-M33

1st Edition - April 28, 2022

  • Author: Trevor Martin
  • eBook ISBN: 9780128214732
  • Paperback ISBN: 9780128214695


Designing Secure IoT Devices with the Arm Platform Security Architecture and Cortex-M33 explains how to design and deploy secure IoT devices based on the Cortex-M23/M33 processor. The book is split into three parts. First, it introduces the Cortex-M33, its architectural design, and its major processor peripherals. Second, it shows how to design secure software and secure communications to minimize the threat of both hardware and software hacking. Finally, it examines common IoT cloud systems and how to design and deploy a fleet of IoT devices. Example projects are provided for the Keil MDK-ARM and NXP LPCXpresso tool chains.

Since their inception, microcontrollers have been designed as functional devices with a CPU, memory, and peripherals that can be programmed to accomplish a huge range of tasks. With the growth of internet-connected devices and the Internet of Things (IoT), “plain old microcontrollers” are no longer suitable, as they lack the features necessary to create a device that is both secure and functional. The recent development by ARM of the Cortex-M23 and M33 architecture is intended for today’s IoT world.

Key Features

  • Shows how to design secure software and secure communications using ARM Cortex-M33-based microcontrollers
  • Explains how to write secure code to minimize vulnerabilities using the CERT-C coding standard
  • Uses the mbedTLS library to implement modern cryptography
  • Introduces the TrustZone security peripheral, the PSA security model, and Trusted Firmware
  • Covers legal requirements and reaching device certification with PSA Certified


Embedded systems engineers, software engineers, and computer engineering students taking a course on embedded systems

Table of Contents

  • Cover image
  • Title page
  • Table of Contents
  • Copyright
  • Foreword
  • Chapter 1: Introduction
      • Abstract
      • Arm Platform Security Architecture
      • Assumptions
      • Structure of the book
      • Tutorial exercises
      • Important
  • Chapter 2: Arm platform security architecture
      • Abstract
      • Introduction
      • Analyze
      • Architect
      • Implement
      • PSA certification
      • Conclusion
  • Chapter 3: Development tools and device platform
      • Abstract
      • Introduction
      • Hardware
      • Software
      • Install community license
      • Conclusion
  • Chapter 4: Cryptography—The basics
      • Abstract
      • Introduction
      • mbedTLS
      • Information assurance
      • Security services
      • Ciphers
      • Streaming block ciphers
      • Hash functions
      • Authenticated encryption
      • Random numbers
      • Managing keys
      • Conclusion
  • Chapter 5: Cryptography—Secure communications
      • Abstract
      • Introduction
      • Asymmetric ciphers
      • Elliptic curve cryptography
      • Message signing
      • Using asymmetrical ciphers
      • Man in the Middle
      • Public key infrastructure
      • X.509 certificates
      • Certificate validation
      • Certificate lifetime
      • Certificate revocation list
      • Certificate encoding
      • Certificate authority selection
      • Certificate chain
      • Exercise: Creating X.509 certificates
      • Putting it all together
      • Exercise: TLS server authentication
      • Conclusion
  • Chapter 6: IoT networking and data formats
      • Abstract
      • Introduction
      • Message queued telemetry transport (MQTT)
      • Data formats
      • Conclusion
  • Chapter 7: Using an IoT cloud service
      • Abstract
      • Introduction
      • AWS account
      • AWS IoT
      • Connect a device
      • Create a connection policy
      • Adding the Dynamo DB database
      • Action rules
      • IoT analytics
      • Logs
      • Lambda
      • Device services
      • Conclusion
  • Chapter 8: Software attacks and threat modeling
      • Abstract
      • Introduction
      • Common security exploits and vulnerabilities
      • Mitigation
      • Threat modeling
      • Conclusion
  • Chapter 9: Building a defense with the PSA security model
      • Abstract
      • Introduction
      • Software architecture
      • Temporal barrier
      • Runtime isolation
      • PSA Execution environment
      • Runtime partitions
      • Secure services
      • Secure Boot
      • PSA parameters
      • Lifecycle
      • Device requirements
      • Conclusion
  • Chapter 10: Device partitioning with TrustZone
      • Abstract
      • Introduction
      • TrustZone security extension
      • Programmers model
      • TrustZone operation
      • TrustZone configuration
      • TrustZone interrupt handling
      • TrustZone system control block
      • SysTick
      • Exercise: TrustZone SysTick support
      • Using an RTOS with TrustZone
      • Memory protection unit (MPU)
      • CMSIS-zone
      • Conclusion
  • Chapter 11: The NXP LPC55S69 a reference IoT microcontroller
      • Abstract
      • Introduction
      • Trusted execution environment (TEE)
      • Security architecture
      • Hardware accelerators
      • Conclusion
  • Chapter 12: Trusted firmware
      • Abstract
      • Introduction
      • Installation
      • Exercise: TF-M setup and testing
      • TF-M software design
      • Conclusion
  • Chapter 13: Trusted firmware secure services
      • Abstract
      • Introduction
      • Nonsecure client
      • Security services
      • Conclusion
  • Chapter 14: The PSA Secure Bootloader
      • Abstract
      • Introduction
      • Updatable bootloader
      • Upgrade strategies
      • Firmware update service
      • Image encapsulation
      • Image signing
      • BL2 configuration
      • Updating the bootloader keys
      • Exercise: Bootloader keys
      • Bootloading by hardware key
      • Image encryption
      • Measured boot
      • Conclusion
  • Bibliography
  • Index

Product details

  • No. of pages: 496
  • Language: English
  • Copyright: © Newnes 2022
  • Published: April 28, 2022
  • Imprint: Newnes
  • eBook ISBN: 9780128214732
  • Paperback ISBN: 9780128214695

About the Author

Trevor Martin

Trevor Martin graduated from Brunel University in 1988 with an Honors degree in electrical and electronics engineering. In the same year, he began work as a junior hardware engineer at Philips Medical Systems. He joined Hitex in 1992 as a technical specialist for 8-bit microcontroller development tools, including the 8051 and 68HC11/05/08 microcontrollers. He also gained experience with networking protocols such as CAN, USB, and TCP/IP. Since 2000, he has been supporting ARM-based microcontrollers, initially ARM7 and ARM9 CPUs and then Cortex-M processors. To promote these devices, he has worked closely with both NXP and ST and, to a lesser extent, TI and Freescale. Since 2005, he has written a number of “Insider’s Guide” books, which are introductory tutorials to ARM-based microcontroller families such as LPC2000, STR9, and STM32. He also runs regular training courses: a general Cortex Microcontroller workshop and device-specific courses.

Affiliations and Expertise

Technical Specialist, Hitex (UK) Ltd., Coventry, England, UK
