06 Apr 2015
Security & Microcontroller Design
Rich Miron, from Digi-Key, looks at the various microcontroller options and the related security techniques that can be adopted.
Data security and the continued safe operation of the device are critically important in medical and military applications.
Microcontroller manufacturers have a lot of built-in of features that, if used properly, can detect and respond to device failure as well as the presence of unauthorized code. System Security.
A secure system is basically one that can’t be copied, corrupted, or taken over by unauthorized parties. Typically thought of as a firewall or software responsibility, MCU manufacturers are increasingly building in hardware safeguards that can help prevent, detect, or at worst recover from attacks on embedded systems.
Aspects of security
There are three aspects to security that need to be considered in embedded designs:
Confidentiality - Applicable to information such as passwords or cryptographic keys. Hardware encryption modules can contribute substantially to data confidentiality.
Integrity - Essentially for data being processed as well as the different components of the MCU—flash memory in particular—and root tables and structures.
Authenticity - If data integrity can’t be assured, at least be sure of authenticity—that is, it hasn’t been changed by an attacker.
Virtually all MCUs check their operating integrity when first initialized or when recovering from a low-voltage condition. These checks occur during a power-on reset (POR) or brownout reset (BOR), though resets may also be triggered by access violations during normal operation.
Texas Instruments’ MSP430 MCUs were one of the first to go for the ultra-low-power mantle. For instance, the MSP430G2230IDR contains dedicated security features. The MSP430’s flash memory controller reports an access violation in response to any erroneous attempts to write to flash. Also, any write to any FCTLx register with any value other than 0A5h in the upper byte is reported as a security key violation.
When the MSP430 is first powered up—or when VCC comes back up after a BOR—a POR signal is generated, which in turn generates a Power-Up Clear (PUC) signal. If the PUC results from a POR then the chip starts to initialize normally, activating the CPU and peripherals. However, if the PUC signal is generated by the Watchdog Timer or flash memory controller reporting a security key violation (Fig. 1), then the device is held in the reset state until the issue is addressed.
Figure 1: MSP430 interrupt priorities (Courtesy of Texas Instruments).
Detecting attempts to tamper with the watchdog timer or the contents of flash memory is key toward preventing the takeover of an embedded system or at least heading off data corruption. However, it’s also possible to simply prevent attackers from gaining access to the boot code in the first place. The MSP430 contains a security fuse that protects code programmed into flash memory.
If third parties can’t read or write to the embedded flash memory on an MCU, they’re effectively prevented from tampering with the device. The Renesas RX631 provides multiple protection settings to prevent access to on-chip flash memory by third parties (Fig. 2). They provide three types of protection:
ID code protection—After the MCU is started in boot mode and a Serial Communications Interface (SCI) connection is established with a host device, ID authentication is performed to prevent a third party from connecting and programming, reading, or erasing the on-chip flash memory.
On-chip debugger ID code protection—After the MCU is started in single-chip mode or user boot mode and a connection is established with an on-chip debugger, ID authentication is performed to prevent a third party from connecting and programming, reading, or erasing the on-chip flash memory.
ROM code protection—When a PROM writer is used, third parties are prevented from programming, reading, or erasing the on-chip flash memory.
The various protection functions are enabled by assigning a control code, an ID code, or a ROM code. ID authentication is performed when a connection is attempted. If authentication fails, the connection is not allowed, preventing reading, programming, or erasing the on-chip flash memory.
Figure 2: RX631 protection setting selection chart (Courtesy of Renesas).
Microchip’s PIC24H MCUs provide both boot and program security (CodeGuard) for program flash memory. PIC24H MCUs support Data RAM protection features that enable segments of RAM to be protected when used in conjunction with Boot and Secure Code Segment Security. When coupled with software encryption libraries, CodeGuard Security enables multiple parties to securely share resources (memory, interrupts, and peripherals) on a single chip.
A high percentage of MCUs are based on ARM cores which provide various hardware security features upon which chip vendors can build.
Larger MCUs may use the ARM Cortex-A-series processors, which include TrustZone security extensions. The TrustZone hardware architecture (Fig. 3) partitions both hardware and software resources so that they exist in two domains: the so-called Secure World for sensitive resources and the Normal World for all others. The two worlds communicate via the TrustZone-enabled AMBA3-AXI bus fabric, which creates a strong perimeter boundary between the two domains, ensuring that no Secure World resources can be accessed by the Normal World components.
Figure 3: The ARM TrustZone hardware architecture (Courtesy of ARM).
The TrustZone architecture enables a single core to run two virtual processors—one in each domain—via a context switch called Monitor Mode, access to which is tightly controlled to ensure the security of both domains.
The 536 MHz Atmel SAMA5D3 MCUs are Cortex-A5 based and incorporate 128 KB of RAM, 128 KB of flash memory, and a high data bandwidth architecture. With its secure boot mechanism, hardware accelerated engines for encryption (AES, TDES) and hash function (SHA), the SAMA5D3 ensures anti-cloning, code protection, and secure external data transfers.
Being able to partition off two operating systems can provide excellent security, but going this route raises issues of cost, complexity, and code size. MCUs more commonly use Cortex-M-series processors, which are optimized for low-cost, low-power, and mixed-signal embedded.
Cortex-M4, Cortex-M3, and Cortex-M0+ MCUs include an optional memory protection unit (MPU) that provides fine-grain memory control, enabling applications to implement security privilege levels and separate code, data, and stack on a task-by-task basis.
Cortex-M4 processors (Fig. 4) are the largest of the M-series line. For security they provide an optional 8-region MPU. If access is made to an area of memory without the required permissions, a permission fault is raised, triggering a non-maskable interrupt (NMI) that initiates protective action by the RTOS or application code.
Figure 4: ARM Cortex-M4 block diagram (Courtesy of ARM).
In addition to an MPU, STMicroelectronics’ Cortex-M4-based STM32F2 MCU features a CRC calculation unit to verify data transmission or storage integrity. The CRC calculation unit helps compute a software signature during runtime that is compared with a reference signature generated at link-time and stored at a given memory location.
Cortex-M3 processors are basically Cortex-M4s without DSP instructions and an (optional) floating point unit. Texas Instruments’ Stellaris M3 line includes the Cortex-M3 MPU as well as system control block (SCB) registers that can only be accessed from privileged mode. In addition, the flash memory controller (FMC) allows application of flash memory protection on a 2 KB block basis. For more information check out TI’s Product Training Modules “Introduction to Stellaris Cortex M3 Microcontroller” and “Stellaris Cortex M3 Microcontroller Feature Set” on Digi-Key’s website (http://www.digikey.com/ptm/ptmmaster.page).
Silicon Labs’ Cortex-M3-based SiM3C167 Precision32 MCUs have a register lock and key mechanism that prevents any undesired accesses of the peripherals from firmware (Fig. 5). A key sequence must be written to the KEY register to modify any of the bits in PERIPHLOCKx. Any subsequent write to KEY will then inhibit any accesses of PERIPHLOCKx until it is unlocked again through KEY. If a peripheral’s registers are locked, all writes will be ignored. The registers can always be read, regardless of the peripheral’s lock state. The Digi-Key Product Training Module “Precision32 ARM Cortex-M3 MCU Introduction” provides more insight into the product.
Figure 5: Precision32 peripheral lock scheme (Courtesy of Silicon Labs).
The low-power Cortex M0+ processors also include the optional 8-region MPU available in its larger counterparts. Freescale’s Cortex-M0+-based Kinetis KL02 adds security circuitry to prevent unauthorized access to RAM and flash contents. When flash security is active, the SWD port cannot access the memory resources of the MCU.
NXP’s LPC4350 includes a Cortex-M4 processor and a Cortex-M0 coprocessor on a single chip. While the tiny Cortex-M0 is lacking in security features, the larger core takes up the slack. In addition to the MPU, the LPC4350 offers hardware to protect stored data content and to accelerate processing for data decryption, data integrity, and proof of origin.
Device security is both a software and hardware problem that can be made easier by the presence of various MCU safety features. Taking advantage of them can result in safe operation in otherwise risky environments.
Page 1 of 1
About the author
Rich Miron is Technical Content Engineer at Digi-Key Corporation in Thief River Falls, Minnesota. His previous experience includes a position as a Senior Engineer for the Bettis Atomic Power Laboratory outside Pittsburgh, Pennsylvania. His main task was the maintenance of manuals for reactor systems in US Navy nuclear ships and the examination and troubleshooting of instrumentation and control systems.
Digi-Key Corporation, based in Thief River Falls, Minn., is a global, full-service provider of both prototype/design and production quantities of electronic components, offering more than four million products from over 650 quality name-brand manufacturers. With over one million products in stock and an impressive selection of online resources, Digi-Key is committed to stocking the broadest range of electronic components in the industry and providing the best service possible to its customers.
Most popular articles in Processing & embedded
Share this page
Want more like this? Register for our newsletter