Establishing hardware roots of trust for internet-of-things devices

What is claimed is: 1 . An apparatus comprising: a system-on-chip (SoC), the SoC comprising: a security processor comprising an instruction set, the instruction set comprising one or more trusted instructions; an encrypted memory unit operably coupled to the security processor, the encrypted memory unit to store a plurality of information elements and to isolate a first one of the plurality of information elements from a second one of the plurality of information elements; and one or more security primitive logic units (SPLUs) operably coupled to the security processor, at least one of the one or more trusted instruction to comprise logic to be executed, at least in part, by the one or more SPLUs. 2 . The apparatus of claim 1 , the security processor to execute at least one of the one or more trusted instructions to provide a plurality of roots of trust in a network of physical objects. 3 . The apparatus of claim 1 , comprising a general purpose input and output (GPIO) connector operably coupled to the SoC, the SoC to send or receive a control signal to one or more auxiliary devices via the GPIO connector. 4 . The apparatus of claim 3 , the SoC device comprising an input and output (I/O) interconnect controller operably coupled to the security processor and the one or more SPLUs, the I/O interconnect controller to communicatively couple the security processor and the one or more SPLUs. 5 . The apparatus of claim 4 , the I/O interconnect controller comprising: a high throughput I/O interconnect; and a low throughput I/O interconnect. 6 . The apparatus of claim 5 , comprising a fabric router operably coupled to the low throughput I/O interconnect and the one or more SPLUs, the fabric router to route at least one of the trusted instructions or one of the plurality of information elements between the low throughput I/O interconnect and the one or more SPLUs. 7 . The apparatus of claim 6 , the GPIO connector operably coupled to the SoC via the low throughput I/O interconnect and the fabric router. 8 . The apparatus of claim 7 , the one or more auxiliary devices comprising a sensor, an actuator, or an indicator. 9 . The apparatus of claim 7 , the one or more auxiliary device comprising an indicator to communicate a secure pin via an out-of-band channel to establish a root of trust. 10 . The apparatus of claim 9 , the indicator a light emitting diode (LED), an organic LED, a liquid crystal display, a cathode ray tube display, a speaker, a haptic indicator, a short wave radar transmitter, or a near field communication (NFC) radio. 11 . The apparatus of claim 9 , the root of trust to attest to the authenticity of the apparatus or to provision the apparatus with security settings. 12 . The apparatus of claim 1 , the encrypted memory unit comprising a memory controller, the memory controller to receive a control signal to include an indication that the first one of the plurality of information elements corresponds to a first task and the second one of the plurality of information elements corresponds to a second task and to isolate the first one of the plurality of information elements from the second one of the plurality of information elements based on the received control signal. 13 . The apparatus of claim 1 , the one or more SPLUs comprising a one time programmable fuse, a cryptographic key, an asymmetric storage key, a secure boot read only memory, a cryptographic accelerator, an elliptic curve cryptography accelerator, a modular exponentiation accelerator, or a random number generator. 14 . The apparatus of claim 1 , the security processor a low power processor, a uIA class processor, or a 64-bit processor. 15 . The apparatus of claim 1 , the one or more trusted instructions to comprise one or more cryptographic instructions. 16 . A system for establishing roots of trust in a network comprising: a system-on-chip (SoC), the SoC comprising: a security processor comprising an instruction set, the instruction set comprising one or more trusted instructions; an encrypted memory unit operably coupled to the security processor, the encrypted memory unit to store a plurality of information elements and to isolate a first one of the plurality of information elements from a second one of the plurality of information elements; and one or more security primitive logic units (SPLUs) operably coupled to the security processor, at least one of the one or more trusted instruction to comprise logic to be executed, at least in part, by the one or more SPLUs; one or more auxiliary devices operably coupled to the SoC; and a radio operably coupled to the SoC. 17 . The system of claim 16 , the security processor to execute at least one of the one or more trusted instructions to provide a plurality of roots of trust in an network. 18 . The system of claim 16 , comprising: a high throughput I/O interconnect; a low throughput I/O interconnect; a fabric router operably coupled to the low throughput I/O interconnect and the one or more SPLUs, the fabric router to route at least one of the trusted instructions or one of the plurality of information elements between the low throughput I/O interconnect and the one or more SPLUs. 19 . The system of claim 18 , comprising a general purpose input and output (GPIO) connector operably coupled to the SoC via the fabric router, the SoC to send or receive a control signal to one or more auxiliary devices via the GPIO connector. 20 . The system of claim 19 , the one or more auxiliary devices comprising a sensor, an actuator, or an indicator. 21 . The system of claim 16 , the encrypted memory unit comprising a memory controller, the memory controller to receive a control signal to include an indication that the first one of the plurality of information elements corresponds to a first task and the second one of the plurality of information elements corresponds to a second task and to isolate the first one of the plurality of information elements from the second one of the plurality of information elements based on the received control signal. 22 . The system of claim 16 , the one or more SPLUs comprising a one time programmable fuse, a cryptographic key, an asymmetric storage key, a secure boot read only memory, a cryptographic accelerator, an elliptic curve cryptography accelerator, a modular exponentiation accelerator, or a random number generator. 23 . The system of claim 16 , the security processor a low power processor, a uIA class processor, or a 64-bit processor. 24 . A method comprising: receiving, at a secure System-on-Chip (SoC), a first task request, the first task request to include an indication to execute a first one of a plurality of trusted instructions, the secure SoC comprising a security processor and an encrypted memory, the security processor comprising an instruction set comprising the plurality of trusted instructions; executing the first one of the plurality of trusted instruction to provide one or more roots of trust in an network; and enforce a boundary of the first task request. 25 . The method of claim 24 , comprising: generating a first information element based on the first task request; and storing the first information element in the encrypted memory. 26 . The method of claim 25 , comprising: receiving, at the secure SoC, a second task request, the second task request to include an ind