Improving IoT security

i.MX 7 Series Applications Processor market for secure IoT milti-market applicationsFull featured power efficient microprocessor based on ARM® Cortex®-A7 and Cortex®-M4 cores enabling secure applications within Internet of Things

NXP is perfecting IoT by providing solutions to the security and battery lifetime concerns for these kinds of applications. The i.MX 7 series, with i.MX 7Solo and i.MX 7Dual, were recently released with capabilities that enable power efficiency and data protection, among other features.

 
 

Heterogeneous Multicore Processing

The i.MX 7 series operates with HMP in order to achieve power and security improvements. Dual Cortex-A7 operating at 1 GHZ and Cortex-M4 operating at 200 MHz paired together provide an efficient use of system resources and low-power processing. This processor integration enables the execution of rich OS on Cortex-A and real-time software on Cortex-M, which enhances low-power capabilities as well as increases system integrity and security and provides leverage proven software solutions. A shared bus topology allows flexibility to adapt to new use cases. ARMv7-A and ARMv7-M define exclusive access instructions. Exclusive access bus signals generated by the CPUs are connected to monitors in the memory gaskets to support load/store exclusive instructions. This exclusive access is widely used for synchronization in SMP (Single MP) systems. However, it is applicable to HMP systems that have architectural support. In HMP systems, the memory referenced during exclusive accesses must be configured such that the access will occur at the point of coherency for the Central Processing Units.

Resource Domain Controller

RDC provides a centralized programming model in order to configure isolation and sharing of system resources. RDC allows master resources, CPUs and bus mastering peripherals to be assigned to a resource domain and configure R/W access for slave peripherals based on resource domain. Memory can also be partitioned into regions with separate domain access control. It is also possible to configure R/W access for memory regions based on resource domain and an integral semaphore hardware that enables cooperative software to safely access peripherals with access by multiple domains. The semaphore can only be unlocked by the locking processor. There is also an optional interrupt notification after a failed lock attempt to indicate when the semaphore is unlocked. Enforcement of semaphore usage to reject access by master resources that have not obtained the semaphore lock is an additional feature.

The shared bus topology provides flexibility to repartition the resources for new use cases. Memory partitioning is necessary to specify shared and isolated regions. Potential issues can be isolated for the protection of other resources provided by RDC and CSU (Channel Service Unit). Also, mailbox registers to send/receive messages are provided where messaging control is done by interrupts or polling. Each processor has 4 RX/TX registers as well as 3 general purpose flags. Interprocessor interrupts are also available.

Power Domain Partitioning

System resources are partitioned into multiple power domains so when there are unused resources in a power domain, it can be powered down under software control to save power leakage. Cortex-M and low-power peripherals are located in a separate low-leakage domain to enable low-power processing.

i.MX 7Solo/7Dual

i.MX 7Solo/7Dual

The i.MX 7Solo operates with a single ARM Cortex-A7 up to 800 MHz and a Cortex-M4 up to 200 MHz. A 512KB L2 Cache and 16/32 bit DDR3/DDR3L and LPDDR2/3 at 533 MHz integrate the MPU as well. Single Gigabit Ethernet (AVB) is available as well as full security with tamper resist. The i.MX 7Dual offers the same characteristics as the i.MX 7Solo, differentiating by operating with Dual ARM Cortex-A7 up to 1 GHz, Dual Gigabit Ethernet (AVB), an EPD controller and PCIe (x1 lane).

Resources

 

Target Applications

These series of MPUs aim at mobile devices with LPDDR2/3 and small package characteristics as well as connected devices that require a low cost DDR3 and a larger pitch package. Target devices are:

  • Healthcare / Patient Monitoring
  • Wearables
  • IoT
  • Point of Sale
  • eReaders
  • HMI Control / Security
  • Printing
  • Home Control
  • General Embedded Control
 

Hardware/Software Enablement

NXP is offering the SABRE Board for Smart Devices hardware solution for i.MX enablement and comes with an SD card pre-installed with the Linux operating system. Android™ BSP is also available for the Cortex®-A7 core, as well as FreeRTOS BSP for the Cortex®-M4 core. Additionally, the Yocto Project is a software enablement tool for these series.

i.MX 7 series overview

The i.MX 7 series from NXP combines HMP, RDC, domain partitioning and hardware semaphore, among other features, and provides an attractive solution for IoT challenges. These solutions are delivered with innovative technology.

NXP imx7 solo block diagram

NXP imx7 dual block diagram

Parts

i.MX 7Solo: 1X Cortex-A7

  • MCIMX7S3DVK08SC
  • MCIMX7S3EVK08SC
  • MCIMX7S5EVK08SC
  • MCIMX7S5EVM08SC

i.MX 7Dual: 2x Cortex-A7

  • MCIMX7D3DVK10SC
  • MCIMX7D3EVK10SC
  • MCIMX7D5EVM10SC
  • MCIMX7D7DVK10SC
  • MCIMX7D7DVM10SC
 

Resources

NXP

NXP i.MX 7 series

The i.MX 7 series is a highly integrated multi-market applications processor designed to enable secure and portable applications within the Internet of Things.

NXP i.MX 7 Series

NXP

i.MX 7Dual SABRE board for smart devices

The i.MX 7Solo operates with a single ARM Cortex-A7 up to 800 MHz and a Cortex-M4 up to 200 MHz.