SPRADO0 November   2024 F29H850TU , F29H859TU-Q1

 

  1.   1
  2.   Abstract
  3.   Trademarks
  4. 1Introduction
  5. 2The Need for a Comprehensive Security Approach
  6. 3Cryptographic Functions
    1. 3.1 Encryption and Decryption
    2. 3.2 Hashing, Digital Signing, and Authentication
    3. 3.3 Random Number Generators (RNGs)
  7. 4Establishing a Root of Trust
    1. 4.1 Secure Storage of Secrets
    2. 4.2 Preserving Key and Code Security
    3. 4.3 Secure Boot
  8. 5Secure Execution Environment
  9. 6Security Countermeasures
  10. 7Debug Security
  11. 8Conclusion

2 The Need for a Comprehensive Security Approach

Cybersecurity in embedded microcontrollers is directly connected to the safety and functionality of the systems they are deployed in. These systems are often used for critical applications, such as automotive systems, medical devices and industrial control systems. These devices can be vulnerable to various types of attacks, such as data and intellectual property theft, denial-of-service, malware injection, remote control, and physical tampering. Even devices not directly connected to the internet can be exploited by these types of attacks, as evidenced by high-profile exploits such as Stuxnet and Rowhammer. In the automotive market, vehicle thefts accomplished using man-in-the-middle attacks and CAN injection exploits have risen in prominence and frequency, highlighting the need for stronger run-time security protections.

The increased complexity of embedded software in these systems also provides more opportunities for attackers to gain a foothold. For instance, while secure debug (“JTAG Lock”) can provide a reasonably strong protection for the boundary of the chip, communication interfaces such as CAN, SPI and I2C can provide potential entry points for malware or malicious input. Additionally, side-channel analysis and fault injection attacks can be used to bypass existing security protections, or even extract secrets and encryption keys. A cryptographically authentic root of trust, known as secure boot, is necessary to defend against malware that can be potentially introduced into the system through unauthorized firmware updates. A wide variety of embedded devices today feature some form of secure boot to ensure firmware integrity before execution, whether code is stored in external or internal Flash memory.

However, even in embedded flash microcontrollers, secure boot alone is not sufficient. Effective context isolation and memory protection serves to protect critical system code from malware introduced through vulnerable external interfaces, such as communication ports.

Additionally, software implementations of cryptographic algorithms have been the subject of many side-channel attacks, such as timing attacks, resulting in exposed secrets. Software cryptographic algorithms may also fail to meet system performance requirements due to their computational complexity. Hardware cryptographic accelerators can significantly improve the performance of these algorithms, and provide built-in protections against common attacks.