For most of the embedded processors available on the market, a software development environment exists to enable software developers to do their job. It includes a variety of elements: source code capture, debuggers, compilers, linkers, test tools, and visualization tools. The differentiation between one embedded processor and the next is as much about ease of use and productivity as it is about performance. In addition, interoperability with third-party productivity tools is a major consideration. Those who architect and implement design environments for embedded processors tend to prioritize these two factors.
With high security products and projects that fully utilize secure hardware, however, an additional primary objective is to provide a ‘Trusted Development Environment’. This represents a high degree of either third party certification of the integrity of design software elements, or extensive documentation and interoperability testing between disparate elements of the design tool suite.
The primary goal is to ensure that no malicious or hidden code elements are introduced during any step of the development process, and to track and monitor potential vulnerabilities created in the design hand-off process. This somewhat non-standard approach allows design assurance to be tested against threats from both outside and inside the design environment. Intentional and non-intentional insider threats are often overlooked, and they are among the most dangerous vulnerabilities in embedded systems.
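One concrete form that "certification of the integrity of design software elements" can take is an integrity baseline over the toolchain: every compiler, linker and plugin file is hashed into a manifest when the environment is qualified, and the manifest is re-checked before each build so that a modified, removed or silently added tool is detected. The script below is an added illustration of that check and is not CPU Tech's or Acalis's own tooling; the directory layout (a `bin/` folder holding stand-in `cc` and `ld` files) and the tampering it simulates are constructed for the example.

```python
import hashlib
import json
import os
import tempfile


def sha256_file(path):
    """Stream a file through SHA-256 so large toolchain binaries are not read whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(tool_dir):
    """Map every file under tool_dir (relative, '/'-separated) to its SHA-256.

    This is the trusted baseline, recorded when the environment is qualified.
    In practice the manifest is signed and stored outside the build host.
    """
    manifest = {}
    for root, _, files in os.walk(tool_dir):
        for name in files:
            path = os.path.join(root, name)
            rel = os.path.relpath(path, tool_dir).replace(os.sep, "/")
            manifest[rel] = sha256_file(path)
    return manifest


def verify_toolchain(tool_dir, manifest):
    """Compare the live tool directory against the baseline.

    Returns a report with three sorted lists: files whose hash changed,
    files that disappeared, and files that were never in the baseline
    (a dropped-in plugin counts as a threat, not a convenience).
    """
    current = build_manifest(tool_dir)
    modified = sorted(k for k in manifest if k in current and current[k] != manifest[k])
    missing = sorted(k for k in manifest if k not in current)
    unexpected = sorted(k for k in current if k not in manifest)
    return {
        "ok": not (modified or missing or unexpected),
        "modified": modified,
        "missing": missing,
        "unexpected": unexpected,
    }


def demo():
    """Build a constructed toolchain, baseline it, then tamper with it and re-verify."""
    with tempfile.TemporaryDirectory() as d:
        bin_dir = os.path.join(d, "bin")
        os.makedirs(bin_dir)
        # Constructed stand-ins for a compiler and a linker binary.
        for name, content in {"cc": b"compiler v1", "ld": b"linker v1"}.items():
            with open(os.path.join(bin_dir, name), "wb") as f:
                f.write(content)

        manifest = build_manifest(d)
        clean = verify_toolchain(d, manifest)

        # Simulated insider tampering: patch the linker and add an unexpected plugin.
        with open(os.path.join(bin_dir, "ld"), "ab") as f:
            f.write(b"\x90")
        with open(os.path.join(bin_dir, "plugin.so"), "wb") as f:
            f.write(b"not in baseline")

        tampered = verify_toolchain(d, manifest)
    return clean, tampered


if __name__ == "__main__":
    clean_report, tampered_report = demo()
    print(json.dumps(clean_report, indent=2))
    print(json.dumps(tampered_report, indent=2))
```

The report deliberately separates "modified", "missing" and "unexpected" because each maps to a different review action in a hand-off: a changed hash means the tool must be re-qualified, a missing file means the environment is incomplete, and an unexpected file is the case the text warns about, an element nobody certified.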
CPU Tech has prioritized ‘Trust’ in developing the Acalis and Acalis Sentry design environment. This is to allow developers with security as their highest priority to provide a more secure product to their end customers. Ease of use and productivity are high priorities as well, but we call this particular approach towards the design environment ‘Trust-Oriented’.
Trust-oriented design environments are all about ‘safety first’ with respect to malicious circuits and subroutines.