The pace of technology innovation continues to accelerate. One breakthrough after another quickly supersedes what recently was considered to be state-of-the-art technology.
As intelligence increasingly migrates from the cloud to the edge, the primary challenge for developers is to design more capable edge-deployed devices while working within tight power and space constraints, says Amanda McGregor director of product management at NXP Semiconductors.
Edge devices might be remote and hence need to run from a battery for an extended period of time, or they might be wall-powered yet required to meet new governmental energy efficiency regulations. With billions of connected devices currently deployed, security also remains a perennial concern for designers as malicious access can have serious consequences for consumers, businesses, governments and service providers.
First-generation “smart” edge devices primarily aggregated data and sent it to the cloud for processing, as seen in applications such as voice assistants. Smarter edge devices balance cloud computing with some local processing, allowing them to simplify the data at the source and transmit it to the cloud only when necessary enhancing the solution’s overall efficiency.
Today’s intelligent edge devices can perform local data interpretation and analysis and then make some meaningful decisions without cloud intervention. This approach can be very powerful in terms of system benefits for end users. For example, an early home security camera might simply capture a video stream and store it locally, while intelligent edge cameras add new functionalities such as face recognition, enabling different actions to be performed depending upon the context.
Intelligent edge cameras capable of face recognition can monitor and identify frequent or authorised visitors such as employees, delivery persons, family and friends. Going beyond this capability, aware edge vision systems can trigger actions based on the face and context.
For example, the camera system may simply announce the presence of an unknown person during daylight hours. However, if there is an unknown visitor in the middle of the night, the aware camera system can communicate with other security devices to send an alarm, switch on lights, ensure the house and vehicles are locked, and even alert security monitoring personnel and local law enforcement.
Advanced applications processors for aware edge computing
Highly advanced applications processors are necessary to enable aware edge computing in small, secure and energy-efficient solutions. Given the design constraints of connected devices at the edge, these processors must provide scalable computing power along with the security and energy efficiency necessary to build a secure and capable multi-sensor system.
The i.MX 9 and i.MX 8ULP applications processors from NXP Semiconductors, for example, offer an inbuilt, hierarchical and fine-grained power partitioning and management architecture. Most multi-functional applications processors contain peripheral functions such as audio, video, graphics, DSP, I/O, sensor interfaces and memory management, but not all of these functions are required all of the time.
For example, a sensor for a slow-moving parameter, such as soil acidity for agricultural IoT applications, may only take a reading every few hours or so.
NXP’s applications processors recognise that different on-chip elements have varying power needs. With NXP’s innovative Energy Flex architecture, multiple individually-powered, defined domains can be powered on and off as required by the system. In an edge application, this means that significant portions of the system can remain powered down until an event occurs such as a “wake word” for an assistant, a camera detecting motion, or a timed event such as a sensor reading. Only the processor’s highly efficient real-time domain requires constant power, reducing chip-level power consumption to a low level compatible with button cells or energy harvesting.
Securing the edge
Security is a particular concern for thousands of edge applications as each connected device provides a potential attack surface and entry point into wider systems and networks that can allow malicious individuals to take control of critical infrastructure. This concern is further heightened as edge devices by their very nature may be located in remote areas where an attacker can carry out a physical attack on a vulnerable device without being detected.
Securing edge devices requires a powerful yet easy-to-implement security framework based on strong isolation and tested, proven hardware security technologies. NXP is addressing this challenge with the EdgeLock secure enclave, a preconfigured, self-managed and autonomous on-die security subsystem integrated in i.MX 9 and i.MX 8ULP applications processors.
EdgeLock secure enclave eases the complexity of implementing a robust, system-wide security architecture to help protect edge devices against physical and network attacks. The self-contained hardware security subsystem has its own dedicated security core with internal memory and supports state-of-the-art side channel attack resilience with crypto accelerators and hashing functions.
The secure enclave also enables autonomous management of critical security functions including silicon root of trust, run-time attestation, trust provisioning, SoC secure boot enforcement, and fine-grained key management augmented by extensive crypto services for advanced attack resistance.
The EdgeLock secure enclave is designed to intelligently track power transitions when end user applications are running on the processors. This exceptional “power-aware” capability enhances resistance and prevents new attack surfaces from emerging by enforcing security policies when the processor’s heterogeneous cores enter different power modes.
While EdgeLock is highly sophisticated, it is designed to be simple to use. The preconfigured security policies help developers streamline the process of implementing edge device security while avoiding costly errors. Developers can now focus on differentiating their applications and tackling time-to-market challenges and let the EdgeLock secure enclave handle the underlying complexities of securing the edge.
The author is Amanda McGregor, director of product management at NXP Semiconductors.
About the author
Amanda leads product innovation for NXP’s advanced edge processing business. Having received a B.Eng in Biomedical Engineering, she has spent her career driving the definition and introduction of multiple generations of highly successful applications processors. Amanda instills excitement for the technology across numerous markets, including automotive, industrial, and consumer IoT.
She is passionate about creating strong partnerships through her collaborations with engineering and sales communities and OEMs globally. Using past experiences to inform new and better ways of building products, she enables and implements new ideas that positively impact our daily lives.
Follow us and Comment on Twitter @TheEE_io