Linaro Connect, Budapest 2017. And who are you?

My name is Joakim Bech. I'm working for Linaro, a security working group.

So you've been working for a while on OP-TEE, right?

Yeah, we worked with OP-TEE as open source, now three years at least in Linaro. And before that, some of us have history for actually the source code before it was open source.

So where did the idea come from? And why is it happening at Linaro all this time?

Well, there was no open source solution. I think that's the main reason; you could only find proprietary solutions. And just like in all other areas, there is a need for something in open source in Linaro also.

So how is it possible to do security in open source? Is that possible?

Yeah, it is. I mean, you don't really need to hide the things if you do it the right way, I would say. There are still people arguing that it is more secure if you don't have it open. But I don't really agree. I mean, people that are able to figure that out can do it anyway.

So you can use open source and just hide whatever it is, right?

You don't need to hide it. I mean, the information is well known already. It's the encryption algorithms, RSA, signatures, and the key components that actually add the security. It's already open, and it's documented and everything.

But there's already a lot of traction, right? There's a lot of the products out there, solutions that are using OP-TEE, but maybe they're not advertising it?

True. Even though it's open source, I mean, it's not that the OEMs are kind of shouting out that we are using this solution and that solution and so on.

So why is there so much talk about OP-TEE?

Yeah, I think we had a chat with you two, three years ago when we were just about to publish the code, I think. And back then it was a little bit slow. People were kind of worried, is this actually something that we can use?
And I think it has grown now, and people realized that this is actually a rather stable thing, and there's a lot of people working with it actively. And we have quite a few members now in Linaro that are helping us out with making this, I mean, to become a real product.

So who are these guys, for example?

These guys are from my team, so it's David and James.

Yeah. So what kind of stuff have you been doing?

I'm mainly working with OP-TEE. I'm one of the main programmers.

And you?

And well, I've recently been working on the IoT bootloader that is in another video, and before that I was working on OP-TEE with some specific application for that.

So it's definitely working, right? Or how much work is there to do, still?

It depends what, how you define working, but I mean, it's used in some products today on the market, so it is working in that sense, but for sure we have gaps also. If you want to hear things that don't work, or that have more work to do, it's like PIN inputs, graphical, I mean, secure display, and so on. That is something that we still have some work to do.

Because, so it would be great if, does it have to do with the phone, for example, there would be like a secure way of entering a PIN?

For example, yeah.

For example. And that's not yet implemented?

Well, the secure side, we have some code that is working, but the thing is like, since we know open source, we know we would like to upstream everything, it's not that easy. I mean, if you're a SoC, you can take shortcuts and make this work, but we would like to get into agreement with all the maintainers involved and everything, so it's quite a big process for us to get that started.

So since you're doing all this work with the security, has this influenced how ARM has designed the Cortex-M33, like, do you in mind to get all this stuff more secure in IoT, right?

Well, no, I wouldn't say that what we have done has influenced them.
I mean, they have quite, they have a team with security people also doing this work. And the v8-M work that I guess we will see more about that by the end of the year, it looks a bit different to what we're used to in the Cortex-A environment.

So you're working mostly on the Cortex-A?

Well, so far. I mean, with David starting in with MCUboot, we are starting to put people into the M sphere also.

So how do you put people into the M sphere? How does that work? How do you get this stuff over to Cortex-M?

Well, we don't, architecture-wise, they're different. So we're not really moving things from A to M. I mean, we are using what is coming from other people that have been leading the work, so to say. And in this case, I would say it's ARM.

It's one of the biggest challenges right now, with ARM, right? Security is the most, maybe the most important, you would say, right?

Of course.

It's more important than performance. It's more important than power consumption. It's more important than everything else.

I guess everyone says that their area is the most important, but I think they need to play well together also. We have had a couple of discussions this week where if you think of them as separate components, they might be good or working, but if you're actually starting to interact with each other, you can still have quite a few things that you need to sort out.

So I won't say it's you guys, but what's it called? Somebody hacked some IoT devices and destroyed the US internet for eight hours or something. And so there's a lot of pressure on you, right? To get this right? What you're doing right now is a big deal?

Yeah, of course it is. I mean, in some cases, if you break something, it might not be that bad, but there could be applications. I mean, personal information, you wouldn't be happy if all your money got in some other people's hands without you knowing it.

If there isn't that much, maybe it's better.

Well, okay. Then we should start by having you as a target.
I think, I mean, sometimes people ask about it's impossible to get 100% security and I think that's impossible. I think you should make it as hard as possible. So it's not really worth doing it. It will cost too much and you will only gain a little bit of information.

So you are sure that you're making it really hard for these guys?

We're trying.

And you're working with them, right? You're telling them, hey, give us some feedback, right?

That would be nice. I mean...

You have IRC logins and stuff. Can you go and chat around with the people that hacked Hillary Clinton?

Not really. But I mean, for sure it would be nice if people kind of scrutinized the solutions a little bit more. I mean, we have our way of verifying things and so on. And for OP-TEE, we have a quite big test suite. A lot of test cases running. But still, I mean, when we develop a feature and we're kind of happy with it and test cases are passing, then you don't pay that much attention to it anymore. But the bad guys, if we say so, they can probably spend quite a lot of time continuing trying to find out the issues and so on.

So is it fun to work in security? To work on this kind of stuff?

Of course, it's very fun and challenging.

And did you cover all the bases?

You need to cover everything.

And do you have to think about it or how does it work?

You have to be critical when you do coding and think of ways that can break and stuff.

And you have experience in breaking things and fixing them and stuff like that?

Not that much in breaking.

Not officially, right?

Yeah.

All right, that's cool. So this has been a proactive Linaro Connect?

Yeah, I think so.

You have lots of meetings. It was really difficult to find you at the time. What kind of meetings do you have?

I mean, I have meetings with... You can imagine all the members that are interested in talking about security and then we have overlaps. I mean, some people... I just came from a session that I had about power management and security.
So there we have one area and we have... Jens and I, we had one session about an idea that we would like to use device tree in firmware. So that's another set of people.

So basically, let's walk just over here. You are in the embedded space right here. And then there's the LHG, the home group.

We have quite a lot of things to do with LHG also.

The servers?

Well, we have touched servers. There are some of our members that are using servers and they have been playing with OP-TEE also.

Yeah. And the mother?

LMG, I mean the mobile team, of course.

Mobile team, yeah.

That is another team that we need to interact with since we have Android and AOSP and so on.

Everybody.

Everybody. I mean, I think I've been in five meetings with ARM this week in different... Both Cortex-A and M and everything, so...

And are people coming with revolutionary new ideas and you're saying, oh my God, this is great. Let's put it in.

There are new ideas. I mean, there are things that... There are companies, for example, working with things that we don't really know about and they could actually have been working with it for a while. And then typically at Connect either they go public with it officially or they introduce it to us the first time. So there's always some kind of new starting point when we're at Connect that we didn't really know about, that we need to add up.

And the work that you're doing might... Because people have been shipping TrustZone in chips for a long time and maybe they weren't using them so much. So maybe there will be much more use of TrustZone now.

I definitely think it has. I mean, it is used in quite a few products today, but you're right. I mean, it had quite a slow start. It's been available on ARM chips since 2004 or 2005. Maybe even a bit sooner than that, so...

I think I did a video 10 years ago about it.

Yeah, exactly.

Oh my God, we can get rid of passwords.

Yeah, exactly. But it's still passwords. It's still passwords.
I mean, that's another thing that people are working with. You're probably aware of the FIDO Alliance, I guess. And they're working also with making these for you as a user to get rid of passwords and so on.

Are you too? Is it part of your work too?

Well, we would like to. But yeah, there's some kind of limit how much we can do at the same time.

And they enable 100% security, right?

No, not again. Not again. I don't think you can gain 100% security. Even though I really would like that it should be possible. I don't think it's possible.

I think so. I hope so.

You think so? I'm still saying that if you make it too costly and you gain too little by investing that cost to break a device, then you probably have quite good security.

If it costs a million dollars to hack one light, then it's OK.

Then it's OK. But if it costs one million to hack 10 million light bulbs and you can use them in a botnet, then things will probably need to be looked into.