Security Takes Center Stage for MCUs

Enabling Secure IoT

Embedded systems face security challenges unlike those in the IT realm. To meet those needs, microcontroller vendors continue to add ever-more sophisticated security features to their devices—both on their own and via partnerships with security specialists.

By Jeff Child, Editor-in-Chief

For embedded systems, there is no one piece of technology that can take on all the security responsibilities of a system on their own. Indeed, everything from application software to firmware to data storage has a role to play in security. That said, microcontollers have been trending toward assuming a central role in embedded security. One driving factor for this is the Internet-of-Things (IoT). As the IoT era moves into full gear, all kinds of devices are getting more connected. And because MCUs are a key component in those connected systems, MCUs have evolved in recent years to include more robust security features on chip.

That trend has continued over the last 12 months, with the leading MCU vendors ramping up those embedded security capabilities in a variety of ways—some on their own and some by teaming up with hardware and software security specialists.

Built for IoT Security

Exemplifying these trends, Microchip Technology in June released its SAM L10 and SAM L11 MCU families (Figure 1). The devices were designed to address the increasing risks of exposing intellectual property (IP) and sensitive information in IoT-based embedded systems. The MCU families are based on the Arm Cortex-M23 core, with the SAM L11 featuring Arm TrustZone for Armv8-M, a programmable environment that provides hardware isolation between certified libraries, IP and application code. Security features on the MCUs include tamper resistance, secure boot and secure key storage. These, combined with TrustZone technology, protect applications from both remote and physical attacks.

Figure 1
The SAM L10 and SAM L11 MCU families provide TrustZone for Armv8-M hardware isolation between certified libraries, IP and application code. The MCUs also feature tamper resistance, secure boot and secure key storage.

In addition to TrustZone technology, the SAM L11 security features include an on-board cryptographic module supporting Advanced Encryption Standard (AES), Galois Counter Mode (GCM) and Secure Hash Algorithm (SHA). The secure boot and secure key storage with tamper detection capabilities establish a hardware root of trust. It also offers a secure bootloader for secure firmware upgrades.

Microchip has partnered with Trustonic, a member of Microchip’s Security Design Partner Program, to offer a comprehensive security solution framework that simplifies implementation of security and enables customers to introduce end products faster. Microchip has also partnered with Secure Thingz and Data I/O Corporation to offer secure provisioning services for SAM L11 customers that have a proven security framework.

Wireless MCU

Likewise focusing on IoT security, NXP Semiconductor in February announced its K32W0x wireless MCU platform. According to NXP, it’s the first single-chip device with a dual-core architecture and embedded multi-protocol radio. It provides a solution for miniaturizing sophisticated applications that typically require a larger, more costly two-chip solution. Examples include consumer devices such as wearables, smart door locks, thermostats and other smart home devices.

The K32W0x embeds a dual-core architecture comprised of an Arm Cortex-M4 core for high performance application processing and a Cortex-M0+ core for low-power connectivity and sensor processing. Memory on chip includes 1.25 MB of flash and 384 KB of SRAM. Its multi-protocol radio supports Bluetooth 5 and IEEE 802.15.4 including the Thread IP-based mesh networking stack and the Zigbee 3.0 mesh networking stack.

Figure 2
Security features of the K32W0x MCU include a cryptographic sub-system that has a dedicated core, dedicated instruction and data memory for encryption, signing and hashing algorithms including AES, DES, SHA, RSA and ECC.

Features of the K32W0x’s security system include a cryptographic sub-system that has a dedicated core, dedicated instruction and data memory for encryption, signing and hashing algorithms including AES, DES, SHA, RSA and ECC. Secure key management is provided for storing and protecting sensitive security keys (Figure 2). Support is enabled for erasing the cryptographic sub-system memory, including security keys, upon sensing a security breach or physical tamper event. The device has a Resource Domain Controller for access control, system memory protection and peripheral isolation. Built-in secure boot and secure over-the-air programming is supported to assure only authorized and authenticated code runs in the device.

To extend the on-chip security features of the K32W0x MCU platform, NXP has collaborated with B-Secur, an expert in biometric authentication, to develop a system that uses an individual’s unique heart pattern (electrocardiogram/ECG) to validate identity, making systems more secure than using an individual’s fingerprint or voice.

IP Boosts Security

For its part, Renesas Electronics addressed the IoT security challenge late last year when it expanded its RX65N/RX651 Group MCU lineup.  …

Read the full article in the October 339 issue of Circuit Cellar

Don’t miss out on upcoming issues of Circuit Cellar. Subscribe today!

Note: We’ve made the October 2017 issue of Circuit Cellar available as a free sample issue. In it, you’ll find a rich variety of the kinds of articles and information that exemplify a typical issue of the current magazine.

MCUs Bring Enhanced Security to IoT Systems

Microchip has announced its SAM L10 and SAM L11 MCU families addressing the growing need for security in IoT applications. The new MCU families are based on the Arm Cortex-M23 core, with the SAM L11 featuring Arm TrustZone for Armv8-M, a programmable environment that provides hardware isolation between certified libraries, IP and application code. Security features on the MCUs include tamper resistance, secure boot and secure key storage. These, combined with TrustZone technology, protect applications from both remote and physical attacks.

In addition to TrustZone technology, the SAM L11 security features include an on-board cryptographic module supporting Advanced Encryption Standard (AES), Galois Counter Mode (GCM) and Secure Hash Algorithm (SHA). The secure boot and secure key storage with tamper detection capabilities establish a hardware root of trust. It also offers secure bootloader for secure firmware upgrades.

Microchip has partnered with Trustonic, a member of Microchip’s Security Design Partner Program, to offer a comprehensive security solution framework that simplifies implementation of security and enables customers to introduce end products faster. Microchip has also partnered with Secure Thingz and Data I/O Corporation to offer secure provisioning services for SAM L11 customers that have a proven security framework.

Both MCU families offer Microchip’s latest-generation Peripheral Touch Controller (PTC) for capacitive touch capabilities. Designers can easily add touch interfaces that provide an impressively smooth and efficient user experience in the presence of moisture and noise while maintaining low power consumption. The touch interface makes the devices ideal for a myriad of automotive, appliance, medical and consumer Human Machine Interface (HMI) applications.

The SAM L10 and SAM L11 Xplained Pro Evaluation Kits are available to kick-start development. All SAM L10/L11 MCUs are supported by the Atmel Studio 7 Integrated Development Environment (IDE), IAR Embedded Workbench, Arm Keil MDK as well as Atmel START, a free online tool to configure peripherals and software that accelerates development. START also supports TrustZone technology to configure and deploy secure applications. A power debugger and data analyzer tool are available to monitor and analyze power consumption in real time and fine tune the consumption numbers on the fly to meet application needs. Microchip’s QTouch Modular Library, 2D Touch Surface Library and QTouch Configurator are also available to simplify touch development.

Devices in the SAM L10 series are available starting at $1.09 (10,000s). Devices in the SAM L11 series are available starting at $1.22 (10,000s).

Microchip Technology | www.microchip.com

Verifying Code Readout Protection Claims

Think Like an Attacker

How do you verify the security of microcontrollers? MCU manufacturers often make big claims, but sometimes it is in your best interest to verify them yourself. In this article, Colin discusses a few threats against code readout and looks at verifying some of those claimed levels.

By Colin O’Flynn

You’ve got your latest and greatest IoT toaster designed, and you’re looking to move forward with production. But one thing concerns you: How do you know this stellar code isn’t going to be cloned as soon as you release it to the market?

You turn to the firmware protection features of your chosen microcontroller, but how good is it? This article can’t hope to answer that question in general, rather it will instead give you a short example of how to help answer that question for any specific microcontroller.

In particular, it will teach you to “think like an attacker” when reading through datasheets. Look for small loopholes that could have big consequences, and you will have a much better time navigating the landscape of potential attacks.

Know What’s Out There

One of the most important things is to keep an eye out for new and interesting attacks against these devices. In my January 2018 article (Circuit Cellar 330) I described how there is a published attack against some of the NXP LPC devices, which makes it very easy to unlock them. You can see the presentation entitled “Breaking Code Read Protection on the NXP LPC-family Microcontrollers” by Chris Gerlinsky which describes this attack. Another recent one is an attack against STMicroelectronics’ STM32F0 devices entitled “Shedding Too Much Light on a Microcontroller’s Firmware Protection” by Johannes Obermaier and Stefan Tatschner. That one is a little more limited, but still has some interesting information regarding potential security attacks.

I’m hoping to distill some of these attacks down into common problems, which will help you close a few loopholes before someone rips off your IoT toaster design. At least now if it fails in the marketplace you have no one to blame but yourself.
To give you something concrete to read (and for me to reference), I’ve chosen to use the ST STM32F303 series because it’s a device I’ve been using myself lately. I’m not going to be revealing any unknown vulnerabilities—so if you’re reading this from your office at  STMicroelectronics, no need to sweat. It also has some pretty common configuration options, so makes for a nice reference you can apply to a range of other devices.

ST Read Protection (RDP)

The first step when you are looking at a new device should be to very carefully inspect the security or debug lock protection portion of the datasheet. They will typically go into a fair amount of detail around how the protection mechanism works.
The STM32F3 Reference Manual (RM0316) has this split into two sections. Section 5, entitled “Option byte description” provides information about how the flags are stored in flash. Section 4.3 entitled “Memory Protection” details how this is actually used to protect the code in your device.

Table 1
This excerpt from the datasheet shows how the flash memory read protection levels are defined for the STM32F3 device.

The two important pieces of information for us are replicated in Table 1 and
Table 2. They are the flash memory protection levels, and the associated access allowed at each level. The RDP byte is a special “option byte”, which is the value of a specific location in flash memory. Note the scheme they have chosen uses two bytes, where one is always programmed to be the complement of the other byte. This is presumably used for error checking, and if a byte is not matched with a complement, an error flag is set.

Table 2
Code protection levels 1 and 2 have differing protection abilities. This excerpt from the datasheet shows where flash memory can be read/written/executed from.

Right away you should notice that this scheme does not fall victim to the same problem as the LPC attack I talked about before. In particular the LPC attack exploited the fact a fault or glitch could corrupt the flag value, which caused the CPU to disable the protection.

With the STM32F303, these invalid levels will all map to Protection Level 1. This protection level does not allow external flash access, which “should” be a good sign. The highest protection level also claims to be impossible to remove, but if we could corrupt the value of the option bytes in memory we could downgrade from Protection Level 2 to Protection Level 1. In fact, this “downgrade” is exactly what was presented by Obermaier & Tatschner. The downgrade used a chip decapsulation and light to flip the bits, which is relatively invasive. Other fault attacks (such as voltage or EM) might work but would require investigation before assuming that. Such temporary fault attacks would require the value is read and latched.

But as a good designer, you should assume such faults could be made possible. In this case it would be possible to “downgrade” the device from Protection Level 2 to Protection Level 1. So, what happens if an attacker performed this downgrade? That takes us into the second part of this article. …

Read the full article in the July 336 issue of Circuit Cellar

Don’t miss out on upcoming issues of Circuit Cellar. Subscribe today!

Note: We’ve made the October 2017 issue of Circuit Cellar available as a free sample issue. In it, you’ll find a rich variety of the kinds of articles and information that exemplify a typical issue of the current magazine.

Microchip Launched Two New MCU Families

Microchip Technology has made available its new SAM D5x and SAM E5x microcontroller (MCU) families. These new 32-bit MCU families offer extensive connectivity interfaces, high performance and robust hardware-based security for a wide variety of applications. The SAM D5/E5 MCUs combine the performance of an ARM Cortex-M4 processor with a Floating Point Unit (FPU). This combination offloads the Central Processing Unit (CPU), increasing system efficiency and enabling process-intensive applications on a low-power platform.

35352057604_77bb4aab93_m

Running at up to 120 MHz, the D5x and E5x MCUs feature up to 1 MB of dual-panel Flash with Error Correction Code (ECC), easily enabling live updates with no interruption to the running system. Additionally, these families are available with up to 256 KB of SRAM with ECC, vital to mission-critical applications such as medical devices or server systems.

These new MCUs have multiple interfaces that provide design flexibility for even the most demanding connectivity needs. Both families include a Quad Serial Peripheral Interface (QSPI) with an Execute in Place (XIP) feature. This allows the system to use high-performance serial Flash memories, which are both small and inexpensive compared to traditional pin parallel Flash, for external memory needs.

The SAM D5/E5 devices also feature a Secure Digital Host Controller (SDHC) for data logging, a Peripheral Touch Controller (PTC) for capacitive touch capabilities and best-in-class active power performance (65 microA/MHz) for applications requiring power efficiency. Additionally, the SAM E5 family includes two CAN-FD ports and a 10/100 Mbps Ethernet Media Access Controller (MAC) with IEEE 1588 support, making it well-suited for industrial automation, connected home and other Internet of Things (IoT) applications.

Both the SAM D5x and E5x families contain comprehensive cryptographic hardware and software support, enabling developers to incorporate security measures at a design’s inception. Hardware-based security features include a Public Key Cryptographic Controller (PUKCC) supporting Elliptic Curve Cryptography (ECC) and RSA schemes as well as an Advanced Encryption Standard (AES) cipher and Secure Hash Algorithms (SHA).

The SAM E54 Xplained Pro Evaluation Kit is available to kick-start development. The kit incorporates an on-board debugger, as well as additional peripherals, to further ease the design process. All SAM D5x/E5x MCUs are supported by the Atmel Studio 7 Integrated Development Environment (IDE) as well as Atmel START, a free online tool to configure peripherals and software that accelerates development. SAM D5x and SAM E5x devices are available today in a variety of pin counts and package options in volume production quantities. Devices in the SAM D5/E5 series are available starting at $2.43 each in 10,000 unit quantities. The SAM E54 Xplained Pro Evaluation Kit is available for $84.99 each.

Microchip | www.microchip.com

Reliability and Failure Prediction: A New Take

HALT methodology has been a popular way to test harsh environment reliability. A new approach involves PCB design simulation for vibration and acceleration for deeper yet faster analyses.

By Craig Armenti & Dave Wiens—Mentor Board Systems Division

Many electronic products today are required to operate under significant environmental stress for countless hours. The need to design a reliable product is not a new concept, however, the days of depending on a product’s “made in” label as an indicator of reliability are long gone. PCB designers now realize the importance of capturing the physical constraints and fatigue issues for a design prior to manufacturing to reduce board failure and improve product quality.

Simulation results should be available in a two-phase post-processor for each simulation, providing broad input on the PCB’s behavior under the defined conditions.

Simulation results should be available in a two-phase post-processor for each simulation, providing broad input on the PCB’s behavior under the defined conditions.

Although every product is expected to fail at some point. That’s inevitable. But premature failures can be mitigated through proper design when proper attention is paid to potential issues due to vibration and acceleration. ….

Read this article in the August 325 issue of Circuit Cellar

Not a Subscriber yet? Become one today:

 

Or purchase the August 2017 issue at the  CC-Webshop

 

Power Analysis of a Software DES Encryption Routine

This article continues the foray into breaking software security routines, now targeting a software implementation of DES. This builds on a previous example of breaking a hardware AES example.

By Colin O’Flynn

In the previous column, I broke a simple XOR password check using side-channel power analysis. How can we apply this to more complex algorithms though? In my Circuit   Cellar   313   (August   2016) story, I demonstrated how to break the AES encryption standard running on a FPGA.

The EFF’s “Deep Crack” board could brute force a DES key in a matter of days. (Photo courtesy of Electronic Frontier Foundation)

The EFF’s “Deep Crack” board could brute force a DES key in a matter of days. (Photo courtesy of Electronic Frontier Foundation)

While I originally considered breaking a software implementation of AES in this column, there was just too much overlap between those columns. So instead I decided to pick on something new. This time, I’ll cover how we can break a software implementation of DES. The actual process ends up being very similar. But by using a different algorithm, it might help give you a bit of perspective on how the underlying  attack  works.  ….

Read this article in the August 325 issue of Circuit Cellar

Not a Subscriber yet? Become one today:

 

Or purchase the August 2017 issue at the  CC-Webshop

 

CC266: Microcontroller-Based Data Management

Regardless of your area of embedded design or programming expertise, you have one thing in common with every electronics designer, programmer, and engineering student across the globe: almost everything you do relates to data. Each workday, you busy yourself with acquiring data, transmitting it, repackaging it, compressing it, securing it, sharing it, storing it, analyzing it, converting it, deleting it, decoding it, quantifying it, graphing it, and more. I could go on, but I won’t. The idea is clear: manipulating and controlling data in its many forms is essential to everything you do.

The ubiquitous importance of data is what makes Circuit Cellar’s Data Acquisition issue one of the most popular each year. And since you’re always seeking innovative ways to obtain, secure, and transmit data, we consider it our duty to deliver you a wide variety of content on these topics. The September 2012 issue (Circuit Cellar 266) features both data acquisition system designs and tips relating to control and data management.

On page 18, Brian Beard explains how he planned and built a microcontroller-based environmental data logger. The system can sense and record relative light intensity, barometric pressure, relative humidity, and more.

a: This is the environmental data logger’s (EDL) circuit board. b: This is the back of the EDL.

Data acquisition has been an important theme for engineering instructor Miguel Sánchez, who since 2005 has published six articles in Circuit Cellar about projects such as a digital video recorder (Circuit Cellar 174), “teleporting” serial communications via the ’Net (Circuit Cellar 193), and a creative DIY image-processing system (Circuit Cellar 263). An informative interview with Miguel begins on page 28.

Turn to page 38 for an informative article about how to build a compact acceleration data acquisition system. Mark Csele covers everything you need to know from basic physics to system design to acceleration testing.

This is the complete portable accelerometer design. with the serial download adapter. The adapter is installed only when downloading data to a PC and mates with an eight pin connector on the PCB. The rear of the unit features three powerful
rare-earth magnets that enable it to be attached to a vehicle.

In “Hardware-Accelerated Encryption,” Patrick Schaumont describes a hardware accelerator for data encryption (p. 48). He details the advanced encryption standard (AES) and encourages you to consider working with an FPGA.

This is the embedded processor design flow with FPGA. a: A C program is compiled for a softcore CPU, which is configured in an FPGA. b: To accelerate this C program, it is partitioned into a part for the software CPU, and a part that will be implemented as a hardware accelerator. The softcore CPU is configured together with the hardware accelerator in the FPGA.

Are you now ready to start a new data acquisition project? If so, read George Novacek’s article “Project Configuration Control” (p. 58), George Martin’s article “Software & Design File Organization” (p. 62), and Jeff Bachiochi’s article “Flowcharting Made Simple” (p. 66) before hitting your workbench. You’ll find their tips on project organization, planning, and implementation useful and immediately applicable.

Lastly, on behalf of the entire Circuit Cellar/Elektor team, I congratulate the winners of the DesignSpark chipKIT Challenge. Turn to page 32 to learn about Dean Boman’s First Prize-winning energy-monitoring system, as well as the other exceptional projects that placed at the top. The complete projects (abstracts, photos, schematic, and code) for all the winning entries are posted on the DesignSpark chipKIT Challenge website.