EEMBC® SecureMark™ is an objective, standardized benchmarking framework for measuring the efficiency of cryptographic processing solutions. Within SecureMark, EEMBC plans to support test and analysis of various security profiles for different application domains. The first of these to be available for licensing is SecureMark-TLS, which focuses on Transport Layer Security (TLS) for internet of things (IoT) edge nodes.
The SecureMark-TLS benchmark profile models the cryptographic operations required for the Transport Layer Security (TLS) protocol used for secure internet communication. The TLS protocol provides privacy and integrity of the exchanged messages and can authenticate the communicating parties. SecureMark-TLS measures the performance and energy consumption of a physical device (development board or end-product) for a prescribed set of cryptographic functions. The energy measurements are aggregated into a final, single score that is representative for the TLS operations for an IoT edge node device. Other measurements, such as the size and security robustness of the implementation, can be described in a disclosure report. Besides the hardware area and software footprint, the disclosure report can include a description of all relevant implementation details, such as the hardware device tested, the software library version used, compiler options and flags, and hardware crypto engine details if applicable.
The SecureMark-TLS software consists of a host PC application and embedded DUT (device under test) software. The host application drives the execution of the benchmark by using the testbed hardware boards to send commands to the DUT to perform cryptographic operations. It receives the results of the operations for checking, and it obtains power and timing measurements from the Energy Monitor. Since the implementation of the cryptography can be any combination of hardware and software, only an API is defined by EEMBC and not the source code of the implementation.
To simplify porting and provide an easy starting point, the embedded software provided by EEMBC includes a reference port of the required cryptographic operations. It implements the test harness API using the cryptography functions from the ‘mbed TLS’ open source project, an implementation of the TLS protocol stack that is used in many embedded devices.
Key Characteristics of the EEMBC SecureMark-TLS Benchmark
- Analyzes the costs associated with implementing TLS on an edge device using a common IoT cyphersuite comprised of ECC & ECDSA on the NIST secp256r1 curve, SHA256, and AES128-CCM/ECB
- Provides an industry-created and standardized tool for application developers to analyze security implementations
- Measures performance, energy and power
- Tests the combination of microcontroller, hardware and/or software security products, and compiler options (size vs. speed tradeoffs)
Working Group Status
The SecureMark-TLS profile is in beta-test, where members evaluate the release candidate software on their platforms. We are testing for compatibility and ensuring the workload has been properly balanced.
Estimated completion time for this phase is early Q3 2018.
- Mike Borza, Synopsys
- Ruud Derwig, Synopsys
Join the Working Group
Join the EEMBC SecureMark benchmark working group to:
- help determine the exact details of the next SecureMark benchmark;
- ensure the benchmarks are representative of all possible scenarios; and
- avoid a competitive disadvantage!