Arm TechCon 2017 – The Long View on Securing and Enabling IoT

By Charles King, Pund-IT, Inc.  November 1, 2017

In technology, as well as most every other sector, marketing relies on compartmentalization—crafting messages that make large subjects easily consumable and complex ideas modest in scope. But that practice tends to enforce the notion that those subjects and ideas somehow stand alone and are discretely independent from one another.

Nothing could be further from the truth. In fact, rather than existing in a vacuum, successful technologies are interdependent and gain value from playing off the strengths of other products and services. Evolving emerging technologies, like the Internet of Things (IoT), offers insights into how this works and last week’s Arm TechCon 2017 conference in Santa Clara, CA firmly underscored the process in action. 

Taking a very long view

The set-up for this conference began at last year’s TechCon, shortly after Arm Holdings was acquired by Softbank, the Japanese telecoms conglomerate, for £24.1B (or about $32B). In his opening keynote, Softbank founder, chairman and CEO Masayoshi Son envisioned the shape of technology in 20 years (2035), including a global footprint for IoT spanning over 1 trillion connected endpoint sensors, actuators and other devices.

Son is no stranger to long range strategizing, having authored a 300-year business plan for Softbank (extolling the company’s “Information Revolution — Happiness for everyone” philosophy). But while TechCon 2016 served to highlight Son’s visionary goals for the acquisition, it also set the stage for Arm executives to use this year’s event to detail how they will pursue that goal.

Main tent security

That was achieved through main tent presentations, beginning with Arm CEO Simon Segars on “Honoring the IoT Digital Contract.” Segars detailed a new company Security Manifesto that focuses on the need to pursue and enable network-wide security as a central issue for IoT. Though somewhat generic in tone (that “no company is exempt from the Social Contract with users” and that “security is a collective responsibility”), the Manifesto also highlights fundamental challenges that the tech industry has largely failed to address.

It may reflect a cultural shortcoming—that in security, the industry’s traditional love of entrepreneurial efforts has hit a brick wall that no individual can or will ever crack. You could also argue that the underlying technologies are simply too complex for conventional targeted solutions to address, or that modern cyber-criminals are better-organized, motivated and funded than the vast majority of corporate-directed security services. Whatever the case, Segars and other Arm executives deserve kudos for their willingness to touch-on and consider a controversial industry sore spot.

Some presenters focused their attention on broad Arm innovations, including the company’s new Platform Security Architecture (PSA) and the related open source Arm Trusted Firmware-M and security intellectual property (IP). Others highlighted new company security components, like Arm TrustZone CryptoIsland (a security subsystem integrated on-die) and the Arm CoreInsight SDC-600 secure debug channel.

Tackling a trillion

Others examined related, germane subjects. For example, Dr. Mary Aiken, a cyber-psychologist from the University of Dublin, explored the need to factor human behavior into designing/implementing security solutions. As cybercriminals become increasingly adept at targeting individual consumers and workers, the need to cultivate such solutions seems both obvious and necessary.

A particularly interesting presentation was Arm R&D Fellow Rob Aitken’s keynote; “How to Build & Connect a Trillion Things” which examined the issues and challenges inherent in Masayoshi Son’s vision of a trillion connected things. Scaling to that number of devices is clearly a multi-year (or decade) effort that will require new and as-yet undeveloped device efficiency, cross-system security, automated management and global network resiliency features.

Aitkens also noted that, “Solutions don’t need to be perfect, but they should be invisible to users.” Consciously or not, this emphasized a point that I haven’t seen much discussed—the degree to which IoT today reflects the goals of on-demand and utility-style computing that have floated around for the past couple of decades. It may simply be another example of how adept the tech industry is at building the tools required to achieve the future it desires.

Final analysis

So what was my final impression of TechCon2017? Compared to what I’ve seen from other vendors, including those focused intently on IoT, the points that Arm and its leadership drilled into over and again focused more on strategic vision than practical solutions. That’s at least partly due to the shape of the company. Arm, after all, focuses on developing and licensing silicon IP, not the chips and related components and products developed and manufactured by its licensed partners and customers.

As a result, the company’s rhetoric at TechCon 2017 could be interpreted as a broad, “We’ve got your back!” message aimed at those whose livelihoods and success depend on Arm continuing to deliver compelling technologies and future-focused solutions. Considered that way, the “Security Manifesto” and “IoT Digital Contract” underscore both Arm’s understanding of how crucial security issues are to the success of IoT, as well as its intention to address those points today and over the very long term.

Some, particularly Arm’s competitors, may consider that message more nebulous than their own IoT-focused products and strategies. But taken alongside past Arm innovations and the remarkable success they helped spark, the company’s view of and plans for IoT loud were clear and gratifying for Arm TechCon 2017 attendees.

© 2017 Pund-IT, Inc. All rights reserved.