On 4/17/15, Andy Isaacson <adi@hexapodia.org> wrote:
... 1. existing SoCs CPUs certainly have errata ... 2. SoCs contain a multitude of "Intellectual Property Blocks" ... 3. SoC interconnects don't have much in the way of security. ... [ more reasons to isolate SoCs ]
for a not designed to fail bus between SoCs, an SPI based protobuf langsec barier'd link between distinct role oriented isolated SoCs would be very useful. the ways to isolate memory and address spaces is cumbersome in all cases for these platforms, so far. and multi-path / multi-home for these links allows as much capacity as you have physical support for. anything bus based or complex like wireless or wired local area networking are pwnholes, and to be avoided... USB condom mode should not be after market; but a core built-in. these are all well known arguments, and i am preaching to the choir :) [ TrustZone, virtualization extensions for ARM, memory read and write once protections, etc. if you trust these, then direct PCIe 4lane interconnect is best, maybe. ]