“As IoT devices proliferate, our focus is shifting toward optimizing Arm Mbed OS to best address the use cases our customers face. In 5.13, we have reduced the number of new features we’re delivering and have instead concentrated on specific optimizations of existing features that benefit our customers.
As with our 5.12 release, the new features we’ve released are primarily concentrated on security, which remains the key challenge in IoT product development, and connectivity.
Separation of Mbed TLS and Mbed Crypto
As our security services in Mbed OS have evolved to meet the requirements of Arm’s Platform Security Architecture (PSA), we have separated the cryptographic capabilities from the network security components of Mbed TLS into two distinct libraries: Mbed TLS remains the cornerstone of embedded network security, and Mbed Crypto delivers support for crypto hardware under the PSA Crypto APIs.
This provides a clear way to use cryptography to secure data while the device both communicates and stores it. With the new APIs, you can also abstract how cryptographic functions are provided: through hardware acceleration, a software-only implementation or through a separate secure execution environment provided by either a secure element, a dual core v7-M platform or a v8-M platform with TrustZone. You can use the same APIs irrespective of how the cryptographic functions are executed.
We have modified Mbed TLS to use the same cryptographic APIs and still provide the encryption services required to protect the data IoT devices communicate to cloud services.
Wi-SUN authentication in Mbed TLS
In Mbed OS 5.12, we released the first open source Wi-SUN stack implementation in Mbed OS. Wi-SUN is based on open standards from IEEE802, IETF, ANSI/TIA and ETSI. As we further evolve the stack, we’ve added support in Mbed TLS for Wi-SUN authentication, which uses certificate-based EAP-TLS and IEEE 802.11 authentication protocols (RFC 5216, IEEE 802.11 4-way handshake protocol and group key handshake protocol).
One connectivity technology for which we see strong customer demand is NB-IoT. This brings specific challenges due to the low data rates supported and the expected battery life of devices. In our 5.13 release, we’ve made some changes that better support NB-IoT, with more optimizations planned for future releases:
We have upgraded our LWIP implementation to 2.1.0, which reduces the RAM required while still supporting full scale TCP functionality.
Our Pelion IoT platform has introduced a long sleeping device model, which allows messages to be stored while the device is asleep, delivering them when the device wakes up without losing the Pelion registration.
Quality improvements for specific drivers
We are always looking to how we can improve the quality of both Mbed OS, and the drivers our silicon partners provide to enable peripheral interfaces in Mbed OS on their MCU platforms. Our Mbed Continuous Integration (CI) system runs thousands of tests every day on a wide range of supported platforms. With this, we can validate both the OS and our Partner hardware platforms. In 5.13, we’ve begun to release tests for the latest addition to our testing strategy, an FPGA test shield. FPGA allows us to test a higher number and configuration of pins and peripherals at higher speeds and with a greater degree of confidence than a similar MCU-based solution would. The shield connects to the physical pins on MCUs and test the GPIO, I2C and SPI drivers, which further improves driver quality. We’ll add these tests to our CI system and distribute additional test shields to our silicon Partners, so they can run these tests in their own test environments.”