In this IoT era of connected devices, microcontrollers have begun taking on new roles and gaining new capabilities revolving around embedded security. MCU vendors are embedding ever-more sophisticated security features into their MCU devices and other supporting security solutions.
By Jeff Child, Editor-in-Chief
As the Internet-of-Things (IoT) phenomenon proliferates, platforms of all kinds are getting more connected—everything from factories to cars to consumer devices. For their part, microcontrollers (MCUs) are key components in those connected systems. In turn, those MCUs have in recent years had to embed ever-more sophisticated security features on chip.
No single category of technology is the sole piece of the embedded security puzzle. The problems are multi-faceted: preventing intrusions by hackers, encrypting the data in case an intruder gets in, ensuring the components themselves aren’t tampered with—there are many layers to consider. Everything from application software to operating systems to data storage has a role to play in security. For the purposes of this article, we’ll focus on the technology solutions in the form of security-focused MCUs, software tool solutions and dedicated security edge devices. Over the last 12 months, the leading MCU vendors have beefed up those embedded security capabilities in a variety of diverse ways.
According to Julian Watson, senior principal analyst, IoT Connectivity at IHS Markit, the exponential growth of IoT devices is expected to continue on its upward trend and is predicted to jump an average of 12% per year from 27.8 billion units in 2017 to over 135 billion units in 2030. More IoT devices in the market means that more of consumers’ personal data is at risk and designers of these devices need to be responsible for ensuring that the IoT ecosystem is genuinely safe and secure for users.
PSoC MCU for IoT Security
Exemplifying those trends, in February Cypress Semiconductor released a new line of its PSoC 6 MCUs aimed at IoT security. The PSoC 64 Secure MCUs integrate standards-based system layer security software with the hardware layer features available in the ultra-low-power PSoC 6 architecture. Specifically, PSoC 64 Secure MCU devices provide an isolated root-of-trust with true attestation and provisioning services (Figure 1).
In addition, the product line includes devices that deliver a pre-configured secure execution environment supporting the system software of various IoT platforms, providing TLS authentication, secure storage and secure firmware management. The MCUs also include a rich execution environment for application development, with an embedded RTOS from Cypress’ ModusToolbox suite that manages communication with the secure execution environment.
PSoC 64 Secure MCUs were one of the first Arm Cortex-M processors to be certified as Level 1 compliant within the Arm Platform Security Architecture (PSA) certification scheme, PSA Certified, utilizing a secure Trusted Firmware-M (TF-M) implementation integrated into the Arm Mbed OS open-source embedded operating system. The line is well suited for cloud-connected products that require protection of user data and trustworthy firmware updates, including personal healthcare devices, medical and chronic disease management equipment and home security solutions.
The line of PSoC 64 Secure MCUs is supported in Cypress’ ModusToolbox suite, which will allow designers to select the system firmware of secure IoT platforms—such as Amazon Web Services (AWS), Arm Pelion and Alibaba—to develop their application, and then configure and verify their secure boot images. The MCUs include a hardware-based root-of-trust consisting of secured storage and firmware, establishing a command-based set of trusted services. The root-of-trust includes hardware accelerated cryptography, as well as true random number generation (TRNG).
Ultra-Small Secure MCUs
The latest MCU from Renesas Electronics with an IoT security twist was rolled out in July. The company announced four new RX651 32-bit MCUs supplied in ultra-small 64-pin BGA and LQFP packages. The MCUs are aimed at addressing advanced security needs for endpoint devices employing compact sensor and communication modules in industrial, network control, building automation and smart metering systems operating at the IoT edge. The new lineup expands Renesas’ RX651 MCU Group with a 64-pin (4.5 mm x 4.5 mm) BGA package that reduces footprint size by 59% compared to the 100-pin LGA, and a 64- pin (10 mm x 10 mm) LQFP that offers a 49% reduction versus the 100-pin LQFP.
The RX651 MCUs integrate connectivity, Trusted Secure IP (TSIP) and trusted flash area protection that enable flash firmware updates in the field through secure network communications (Figure 2). The increase in endpoint devices operating at the edge has increased the need for secure over-the-air (OTA) firmware updates. The new RX651 devices support this reprogramming requirement with integrated TSIP, enhanced flash protection and other technology advancements that offer a more secure and stable solution than other available solutions on the market. …
Read the full article in the September 350 issue of Circuit Cellar
(Full article word count: 2873 words; Figure count: 6 Figures.)
Cypress Semiconductor | www.cypress.com
Maxim Integrated | www.maximintegrated.com
Microchip | www.microchip.com
NXP Semiconductor | www.nxp.com
Renesas Electronics America | www.renesas.com
STMicroelectronics | www.st.com
The Things Industries | www.thethingsindustries.com
Don’t miss out on upcoming issues of Circuit Cellar. Subscribe today!