As more and more non-traditional computing devices connect to the Internet—the so-called Internet of Things—each networked device brings with it a potential security threat. To help secure this increasingly diverse range of devices, Imagination Technologies has created a full-stack secure computing solution called OmniShield for its system-on-a-chip IP. OmniShield allows operating systems and applications to be segregated into secure and non-secure operating environments through hardware-supported, multi-domain virtualization.
Let's unpack that dense verbiage a little bit. "Multi-domain" means that an SoC with OmniShield support can use the hardware virtualization features in MIPS Warrior CPUs and certain PowerVR 7 GPUs to segregate non-secure operating systems and applications into a virtualized environment, or domain. Any number of operating systems or applications that need a secure environment can then be run in their own secure domains, without any contact with non-secure apps or even other secured programs. Because this virtualization support is implemented in hardware, these features are said to have minimal impact on performance.
If this technology sounds familiar, you might be thinking of ARM's similar TrustZone solution. TrustZone divides its operating environments into two domains: a non-trusted environment called the normal world and a trusted environment called the secure world. TrustZone systems wall off the two environments by running a pair of virtual processors—one for each zone—atop a physical CPU. A special processor mode handles the exchange between normal and secure computing environments.
OmniShield protection extends to the underlying hardware, as well. Since secure and non-secure domains will be running atop the same hardware, Imagination ensures that communications from secure and non-secure domains can't intermix when passing through the SoC. OmniShield provides secure flows of information by using a trusted hypervisor and a secure interconnection fabric between the various devices that make up the SoC.
Applications for OmniShield tech might include smartphones and wearable computers, embedded industrial devices, automotive computing, smart TVs and set-top boxes, and smart home control systems. Imagination Technologies will provide more information on this new tech tomorrow at its Imagination Summit Silicon Valley event.