Oryx Embedded, an ST Partner Program member, published benchmarks demonstrating the STM32H5 can perform cryptographic computations up to 169% faster than the STM32F4. This significantly increases accessibility of networking and security solutions for embedded systems engineers.
In essence, Oryx Embedded enables more efficient microcontroller-based development compared to costlier alternatives like microprocessors. Protocol implementations like TCP, STP and common encryption mechanisms such as SSH, SSL, TLS are straightforward on Unix due to robust libraries, but not as developed for microcontrollers.
Oryx Embedded addresses this challenge by delivering full network and security stacks optimized for real-time operating systems. Their solutions allow developers to focus on applications rather than recreating lower level functionality from scratch. This streamlines projects using the STM32H5 and other microcontrollers for tasks previously reserved solely for more powerful platforms.
Overall, the performance and partner ecosystem advances embedded security and Internet of Things applications by collapsing barriers between microcontrollers and traditional networked systems.
What security on microcontrollers means today
It’s a way to care for end users
Microcontrollers now handle not only increased data processing but also highly sensitive user data like locations, private details and banking information. As a result, hackers face greater incentives to compromise systems, and vulnerabilities carry dramatically severe consequences compared to past years.
This is why ST remains committed to initiatives like STM32Trust and Secure Manager, a turnkey system-level solution simplifying implementation of core protections such as a root of trust. By providing a ready-built system like our new STM32H5 Development Kit with Secure Manager support, our goal is encouraging developers to adopt stronger security best practices in their applications from the outset.
As connected devices proliferate and store ever more valuable and personally identifying information, prioritizing built-in defenses becomes imperative. ST’s solutions aim to make robust security an accessible and painless part of the design process, helping protect end users and the reputation of our customers.
It’s a way to democratize machine learning at the edge
Security is an increasingly important concern with the rise of machine learning applications deployed at the edge. A failure to protect RAM, for instance, could enable hackers to surreptitiously modify neural network algorithms and skew results unknown to users or developers. Similarly, an unsecured network risks man-in-the-middle attacks intercepting sensitive data that could corrupt model training or inferences. Even more severely, a rootkit compromising the system at boot level could block important over-the-air updates intended to evolve a neural network.
While safeguarding networks and bootloaders is not novel, machine learning brings new vulnerabilities that elevate the importance of robust protections. Personalized and autonomous decision-making based on powerful algorithms introduces risks of manipulated outcomes impacting people's lives, private data or critical systems. With edge AI deployment growing rapidly, strong security must be prioritized to maintain integrity of insights and prevent potentially serious cyberattacks. ST's solutions are well-suited to address these challenges and enable trustworthy machine learning everywhere.
It’s a way to innovate
Emerging trends in embedded systems necessitate increasingly stringent security requirements as regulators more closely monitor compliance. However, developers now face pressures to rapidly learn the intricate underpinnings of complex security features in order to adequately safeguard their applications. In essence, some are expected to master specialized domains normally taking years to study—an unrealistic demand impeding innovation.
Moreover, migrating to a microprocessor with embedded Linux is often not commercially viable. Yet designing security solutions from scratch for a microcontroller risks a prohibitively long and difficult development cycle. Experienced with ease-of-use on PCs and Linux, some underestimate the extensive optimization work required under constrained memory and processing conditions of microcontrollers. Integrating with an RTOS further compounds these challenges versus desktop environments.
Without approaches easing this transition, accountability standards risk stifling product development. Expedient security integration remains a crucial need for embedded innovators navigating these technical and market pressures. Approaches like Secure Manager help meet this need through offloading optimization work while upholding assurances.
Why Oryx Embedded Benchmarked the STM32H5 and what can developers expect
STM32F4 vs. STM32H5
Given the pressures on embedded developers, Oryx Embedded conducted thorough benchmark tests comparing the STM32H5 and STM32F4. They evaluated encryption and decryption across multiple algorithms, from AES and MD5 to 3DES, RSA, Diffie-Hellman up to 2048 bits and beyond.
With AES, the STM32H5 demonstrated at least 105% faster performance, and around 150% quicker in many instances. Asymmetric algorithms like RSA also benefited tremendously, realizing approximately 35-40% boosts attributable to the higher clock speed and optimized memory handling.
These substantial gains, published to aid developers, translate directly into real-world impact. Applications leveraging Oryx Embedded's software stack stand to see transformed responsiveness simply by migrating from STM32F4 to STM32H5. The benchmarks validate the STM32H5 helps embedded innovators meet new demands for stringent yet expedient security integration on resource-constrained systems.
Overall, the results demonstrate how the STM32H5 extends the boundaries of what's possible through strengthened yet accessible embedded cryptography perfectly aligned with emerging requirements.
Software vs. Hardware acceleration
Notably, the benchmarks outlined previously examined solely software implementations, failing to leverage the STM32H5's built-in hardware acceleration capabilities for symmetric (AES) and asymmetric (ECDSA, ECDH, RSA, etc.) cryptography.
Therefore, Oryx Embedded conducted additional tests comparing software versus hardware accelerated results. For example, AES-128 encryption or decryption using the dedicated IP exceeds 10 times faster performance over software alone. Similarly, RSA 2048-bit digital signing calculates near instantly at 48.5 ms with hardware, versus 293.3 ms in software – a substantial 6x reduction.
This demonstrates the STM32H5 opens up entirely new application possibilities previously unfeasible due to unacceptable latency from software implementations. Hardware acceleration dramatically shrinks processing times, allowing securely deployed solutions at the edge running algorithms that were computationally prohibitive before.
Collectively, the analysis highlights how the STM32H5 extends the boundaries of embedded security through both optimized software and dedicated cryptographic hardware, transforming the viability of confidentiality and integrity at the endpoint.
Creating secure applications from the start
Oryx Embedded has long delivered stacks and libraries enabling familiar protocols and security across STM32s. However, with the STM32H5's integrated Ethernet, developers can build gateways, web servers and remote systems requiring few if any external modules. This translates to supporting parallel connections without crippled performance or accelerating handshakes for smoother user experiences without compromising security.
Initially using ST's Hardware Abstraction Layer, Oryx Embedded customized even lower levels over time through bare-metal code. This deepened understanding of STM32 architectures, accelerating porting of libraries to new models. Today they offer GPLv2 open-source versions and evaluations, lowering access barriers regardless of experience.
As an ST Partner, Oryx Embedded exemplifies our goal of advancing embedded security accessibility. By directly optimizing for our hardware, they extend the development horizons of all engineers – from beginners to professionals – aligning with ST's mission of empowering innovation through both high-performance solutions and approachable partners. This collaboration continuously enhances what's possible at the endpoint through strengthened yet streamlined security integration.
