Wednesday, November 01, 2017
The proliferation of the Internet of Things (IoT) has spawned numerous security and privacy challenges, prompting the development of more secure memories — particularly flash.
Winbond Electronics last week announced it was meeting these challenges with the expansion of its TrustME Secure Flash products portfolio based on the Trusted Computing Group (TCG) Device Identifier Composition Engine (DICE) Architecture specification, which defines new security and privacy technologies applicable to systems and components. The goal is to provide new approaches to enhancing security and privacy with minimal silicon requirements.
The company also announced an expansion of its TrustMETM Secure Flash products portfolio aligned with Platform Security Architecture (PSA) from Arm. Winbond's TrustMETMW75F Secure Flash provides designers with secure memory solution for IoT, mobile, artificial intelligence, and other demanding applications that call for a secure root of trust, privacy, authentication, code and data confidentiality.
Ilia Stolov, general manager of Winbond Israel and one of the leads on the company's TrustME initiative, said the current generation of secure controllers is based on embedded flash memory architecture. This architecture provides strong security levels for code and data. But there are major constraints, too, he said, including memory scalability, cost and limited performance and foundry capabilities. “Today, the smallest available manufacturing process node for embedded flash is 40nm,” Stolov said.
Meanwhile, said Stolov, system-on-chip (SoC) devices for advanced applications, such as smart grids, advanced driver-assistance systems (ADAS) and artificial intelligence require high-performance, high-security levels and large memory densities, which could be met on manufacturing process nodes 22nm and smaller where embedded memory is unavailable. He said TrustME W75F Secure Flash was created to address the need for a secure, non-volatile storage that is independent of the SoC process node and foundry capabilities.
“This storage had to be at least as secure and robust as an embedded flash,” Stolov said.
Rigorous security was the obvious, primary driver for the TrustME product, said Stolov. “The major challenge was to design a flash device as secure as embedded flash without compromising on cost and performance. The flash memory design flow and flash memory manufacturing process are significantly different compared to digital design methods and techniques,” he said.
Winbond had challenges at all steps and levels, starting from the device architecture up to challenges on the back-end flow, and design verification, he said. “We adjusted existing methods and invented new ones to meet the main goal: security," he added. "We had to implement all the needed logic inside a flash die using Winbond's in-house process.”
Another challenge was security certification of the product with Common Criteria EAL5+ level. “At that time nobody knew which protection profile to use for the first secure memory evaluation,” said Stolov. Winbond worked with well-known and most credible partners to define protection profile and to evaluate the secure memory.
Outside of security, a key goal from a usability standpoint was making the interface transparent the CPU so performance was sacrificed, while supporting ease of coding and existing software techniques, said Stolov. “We have gone to great extent to make our Secure Flash interface IP easy to integrate and test in customers' platforms by offering full verification environment, FPGA version and demo systems," he said.
Prior to the IoT boom, Winbond targeted mobile wallet, biometric data storage and embedded UICC in smartphones for its secure memory, said Stolov. “In the near future, our smartphones will not just replace credit cards but also carry our biometric passports and identification cards, and allow the usage of several SIM cards — all that will drive to solutions with much bigger secure memories.”
He said the ARM Platform Secure Architecture (PSA) clearly outlines a requirement for secure boot, root of trust and secure storage for every IoT MCU and SoC, and by providing Common Criteria EAL5+ certification, TrustME can meet those requirements. Stolov said standards are an excellent driving force, but that implementation and deployment move at a faster pace than what standardization bodies can address. “ARM PSA in one attempt in closing this gap, but it is by no means a standard. It is a set of requirements created by one company to address urgent needs of the market," Stolov dsif. We feel the same about TrustME.”
Stolov said Winbond isn't aware of an alternative to its TrustME technology, other than embedded flash in a secure monolithic chip. “The usage of disruptive memory technologies such as MRAM and RRAM in secure devices is yet unknown,” he added. “These technologies have been in development for many years and thus have not been exposed to rigorous security analysis and evaluation. Flash, on the other hand, is a tried-and-true solution, which passed security certifications on many devices.”
Memory security started attracting attention in the early 2000s ago due in large part to Spansion, now part of Cypress Semiconductor, said Jim Handy, principal analyst with Objective Analysis. “It's been more important in the automotive market than anywhere else in the last 15 years." An early example would be in the control memory for transmissions, which could be hacked out or tuned by an engineer for performance enhancements that caused the engine “to blow up” during the warranty period, he said.
The modifications couldn't be detected so the automotive industry asked Spansion for features to inhibit reprogramming. “Zoom ahead 15 years and you have people with malware wanting to reprogram just about anything.” Handy said hackers could potentially send remote firmware updates to a device with an “evil piece of code” and hold a home hostage by manipulating its temperature through a NEST thermostat. “I could picture hackers programming SSDs to find sensitive information,” Handy said.
Winbond started out as an SRAM company in the 1990s, Handy noted, but has gone into NOR flash in a big way, and is primed to take the business Spansion previously had. “I'm not aware of anyone else that has security hooked into their NOR flash the way Spansion does,” Handy said. “What [Winbond is] doing is positioning themselves to take to take Spansion's business from that market.”
Copyright © 2017 CST, Inc. All Rights Reserved