SHE Secure Hardware Extension

Size: px
Start display at page:

Download "SHE Secure Hardware Extension"

Transcription

1 SHE Secure Hardware Extension Data Security for Automotive Embedded Systems Workshop on Cryptography and Embedded Security Embedded Nuremberg, February 2012

2 Content Data Security - What does it mean for Automotive? SHE - Secure Hardware Extension - A new Standard? SHE - Implementation Outlook 1

3 Data Security What does it mean for Automotive? Areas of Use Applications EVITA Security Categories 2

4 Areas with Demand for Security It s not only onboard electronics that have an impact 3

5 In-Vehicle Data Security Data Security on the road today On-chip Flash/ROM read-out protection against unauthorized access Solution by Fujitsu: Flash/ROM security Available on 16LX,16FX, FR, FCR4 Future, Enhanced Data Security Protect entire car system not limited to Flash/ROM read-out prevention Authentication, Secure Communication and Data Storage within vehicle between vehicles (C2C) between vehicle and infrastructure (C2X) En-/Decryption is key for future state-of-the-art MCUs Embedded and ASSP solutions will find their market segment Complexity of security implementations scales with use case 4

6 Target Applications Theft protection / Immobilizer Prevent unauthorized operation of vehicle Disable ignition and alike Component Protection Membership validation of all ECUs built in a particular vehicle Exchanging 1 ECU without authentication degrades functionality as unauthenticated functions will not work stops operation of all networked ECUs at next system start E.g. when engine control ECU is affected Feature Activation Enables certain functions in the delivered SW-package Gives OEM opportunity in after sales revenues 5

7 ECUs to be protected by Cryptography Gateway Body Computer Module 1 Body Computer Module 2 Climate Control Thermo Management Unit Active Engine Mount Instrument Cluster Night Vision Battery Management System Charger Safety Computer Adaptive Cruise Control Engine Control Gear Box Electronic Steering Column Lock Power Electronics Hybrid Central Computer Rear Seat Entertainment Sound DVDC TV-Tuner 21 ECU in total SOP

8 EVITA European research project June 2008 Dec 2011 E-safety vehicle intrusion protected applications Objective: Design, verify, and prototype an architecture for automotive on-board networks where security-relevant components are protected against tampering and sensitive data are protected against compromise when transferred inside a vehicle. More found at 7

9 Security Models - Categorization Full EVITA HSM Medium EVITA HSM Light EVITA HSM V2X communication On-board communication On-board communication Maximum level of functionality, security and performance Asymmetric cryptographic engine & Hash engine User-programmable functionality Maximum level of functionality and security Symmetric cryptographic engine User-programmable functionality Optimized for low cost HW-solution Symmetric cryptographic engine e.g. AES-128 Pre-defined functionality Secure 100 MHz Secure 25 MHz Secure Zone no CPU needed 64k 64k Optional NV Memory 512k 512k Optional NV RAM PRNG with TRNG seed PRNG with TRNG seed Optional T/PRNG Security LT > 20 years 8

10 SHE Secure Hardware Extension A New Standard? SHE - Security Objectives SHE - Building Blocks SHE - Performance Requirements 9

11 HIS - SHE HIS = Hersteller Initiative Software SHE = Secure Hardware Extension - meets Light EVITA HSM Specification by HIS Concept: Add a Secure Zone Prevent user access to security functions other than those given by logic Link to HIS & SHE: HIS portal on Security 10

12 SHE - Security Objectives Protect cryptographic keys from software attacks Provide an authentic software environment Let the security only depend on the strength of the underlying algorithm and the confidentiality of the keys Allow for distributed key ownerships Keep the flexibility high and the costs low 11

13 SHE Building Blocks (1) MCU with Secure Zone SHE data storage - volatile - non-volatile - for KEY & MAC Access only via defined command interface 12

14 SHE Perspective from Specification (2) SHE specifies Secure Zone components and algorithms Cryptography En-/decryption unit AES 128 algorithm ROM Secret key storage SECRET_KEY Unique key storage UID RAM RAM key storage PRNG key storage RAM ROM Cryptography NV-Memory NV-Memory Boot key & MAC storage Master key, general purpose key storage 13

15 SHE Perspective from Specification (3) Cryptography carries Encryption unit AES 128-based Applicable Standard Decryption unit AES 128-based RAM Cryptography NV-Memory CMAC Cipher-based Message Authentication Code generator ROM Miyaguchi-Preneel One-way compression function; compressed data cannot be recovered Input requests 128-bit wide chunks of data stream Outputs Hash-values to en-/decoding unit 14

16 SHE Perspective from Specification (3) Cryptography carries Encryption unit AES 128-based Applicable Standard Decryption unit AES 128-based CMAC Cipher-based Message Authentication Code generator RAM ROM NV-Memory Miyaguchi-Preneel One-way compression function; compressed data cannot be recovered Input requests 128-bit wide chunks of data stream Outputs Hash-values to en-/decoding unit 15

17 SHE Perspective from Specification (4) RAM carries RAM_KEY Temporary key used for arbitrary operations RAM Cryptography NV-Memory PRNG_KEY Key used by the Pseudo Random Number Generator ROM PRNG_STATE Keeps status of Pseudo Random Number Generator 16

18 SHE Perspective from Specification (4) RAM carries RAM_KEY Temporary key used for arbitrary operations Cryptography NV-Memory PRNG_KEY Key used by the Pseudo Random Number Generator ROM PRNG_STATE Keeps status of Pseudo Random Number Generator 17

19 SHE Perspective from Specification (5) ROM carries SECRET_KEY Unique key Used for im-/export of all other keys Has to be created with true random number generator (off-chip TRNG ) at production RAM ROM Cryptography NV-Memory UID Unique identifier Authenticates MCU Both SECRET_KEY and UID have to be fixed at production time 16 byte for SECRET_KEY and 15 byte for UID 18

20 SHE Perspective from Specification (5) ROM carries SECRET_KEY Unique key Used for im-/export of all other keys Has to be created with true random number generator (off-chip TRNG ) at production RAM Cryptography NV-Memory UID Unique identifier Authenticates MCU Both SECRET_KEY and UID have to be fixed at production time 16 byte for SECRET_KEY and 15 byte for UID 19

21 SHE Perspective from Specification (6) NV-Memory carries MASTER_ECU_KEY Set up by OEM (owner) Enables change of other keys BOOT_MAC_KEY Enables particular boot request and thus establishing secure boot BOOT_MAC Authentication of boot code KEY_<n> Dedicated key storage for arbitrary functions 3 10 keys PRNG_SEED Starting value for pseudo random number generator RAM ROM Cryptography NV-Memory Irreversible Write Protection of keys in NV-memory Any key in NV-memory area shall not be changeable throughout life time of the device once write-protection was applied by user 20

22 SHE Perspective from Specification (6) NV-Memory carries MASTER_ECU_KEY Set up by OEM (owner) Enables change of other keys BOOT_MAC_KEY Enables particular boot request and thus establishing secure boot BOOT_MAC Authentication of boot code KEY_<n> Dedicated key storage for arbitrary functions 3 10 keys PRNG_SEED Starting value for pseudo random number generator RAM ROM Cryptography Irreversible Write Protection of keys in NV-memory Any key in NV-memory area shall not be changeable throughout life time of the device once write-protection was applied by user 21

23 SHE - Performance Requirements Start-up / Secure Boot is Critical Path All SHE-equipped nodes have to perform secure boot process Availability to be established before 1 sec elapses MAC latency according SHE < 2 µsec for a 128-bit block MAC = Message Authentication Code Authentication of Flash contents at power up << 100 msec for 1 MByte required Exact requirement depends on Oscillator start-up times Network start-up, NM communication, MCU initializations 22

24 SHE Implementation SHE System SHE Integration SHE Implementation 23

25 SHE System Diagram Host System SHE EEFLASH SHECO SHE Firmware Public Secured NV_MEM IF Data IF Host Interface Command IF SHE Host Driver 24

26 SHE - System Integration (ATLAS-L/TITAN) MPU Sec. 32-bit AHB slave bus 64-bit AHB slave bus Sec. 32-bit AHB master bus 32-bit AHB slave bus Debug / Trace Cortex R4 CPU Boot ROM Cache Interrupt Controller Timing Protection EEFlash MPU MPU Ethernet MediaLB CRC I2S DMA TCFlash SRAM SHE MPU USB MPU System Controller Watchdog RTC External Interrupt Retention RAM Timers Timers Timers Timers GPIO 64-bit Multilayer AXI bus System RAM Quad-SPI Peripheral bus 3 Peripheral Protection Peripheral bus 1 Peripheral bus 0 Peripherals Peripherals Peripherals Peripherals Peripheral Peripheral Bus Peripheral Bridge Bus Bridge Bus Bridge Peripherals Peripherals Peripherals Peripherals MPU PPU Subsystem Content is protected Contains security config Bus master Bus slave 25

27 SHE Implementation 64-bit AHB bus Flash security 32-bit AHB bus 32-bit D bus SHE TRNG I bus SHECO HW barrier NV_MEM_MASTER AES-128 FR60 CPU ROM EEFLASH En-/decode CMAC Miyaguchi-Preneel AHB D RAM Cycle counter Public Sectors (6 x 8 K) Secured Sectors (2 x 8 K) PRNG Tx/Rx FIFOs Register I/F AXI Master PPU protection Data I/F Command/Data I/F Host Interface Bus master Bus slave MPU Host AXI bus Host AHB bus 26

28 SHE - Secured Key Storage (1) EEFLASH SECRET_KEY UID MASTER_ECU_KEY EMPTY EMPTY EMPTY FLAGS FLAGS FLAGS COUNTER BOOT_MAC_KEY EMPTY FLAGS COUNTER BOOT_MAC EMPTY FLAGS COUNTER KEY_<n> EMPTY FLAGS COUNTER RAM PRNG_KEY PRNG_STATE FLAGS FLAGS Common features 32 byte large key slots Access only by SHECO CPU NV memory Empty flag to distinguish between erased keys and keys written to 0xFF Flags and 28bit counters are stored in the same slot as the key SECRET_KEY and UID slots are write protected before device delivery No PRNG_SEED storage needed since on-chip TRNG is implemented RAM PRNG_KEY is calculated from SECRET_KEY during CMD_INIT_RNG command and stored in RAM slot RAM_KEY FLAGS 27

29 SHE - Secured Key Storage (2) Empty Write-protection Secure boot failure Debugger activation Wildcard UID Key usage Plain key Flags to be used for keys SECRET_KEY F 1 T UID F 1 T 2 MASTER_ECU_KEY 4 BOOT_MAC_KEY 4 BOOT_MAC 4 KEY_<n> 4 PRNG_KEY 5 PRNG_STATE 5 RAM_KEY 5 used F used, always false T used, always true 1 Empty flags for SECRET_KEY and UID are set after the keys have been written (by Fujitsu) 2 Write-protection flags for SECRET_KEY and UID are set after the keys have been written (by Fujitsu) 3 SECRET_KEY inherits its protection flags from MASTER_ECU_KEY 4 The initial value after production will be TRUE 5 The initial value after power-up/hw-reset will be TRUE 28

30 SHE Software (Firmware) SHE firmware Implements SHE control logic + EEPROM emulation for key storage Is ROM based (no modification possible!) No debugging possible Entirely developed by Fujitsu Secure Boot Extension of FCR4 Boot-ROM for Secure Boot Validation of boot loader with support of SHE and DMA Block length configured by of SHE_BL_SIZE (SHE parameter) SHE evaluates the status via valid BOOT_MAC_KEY 29

31 SHE Software (AUTOSAR Driver) AUTOSAR driver V4.xx Implements SHE user accessible functions Handles hardware Interaction E.g I/F error handling Host driver for SHE will become a Fujitsu product 30

32 Outlook Cryptography becomes general trend for embedded systems Majority of ECU/MCU will have to support en-/decryption Data security will become mandatory feature for automotive applications Scaled between low-cost solutions like SHE for many ECUs and High protection requirements for a subset of ECUs SHE will be on the road in

33 Thank you for your attention 32

34 33

CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules

CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules Dr. Frederic Stumpf, ESCRYPT GmbH Embedded Security, Stuttgart, Germany 1 Introduction Electronic Control Units (ECU) are embedded

More information

Security in Automotive Applications

Security in Automotive Applications Security in Automotive Applications Renesas Electronics America Inc. Renesas Technology & Solution Portfolio 2 Microcontroller and Microprocessor Line-up 2010 2013 32-bit 8/16-bit 1200 DMIPS, Superscalar

More information

Vehicular On-board Security: EVITA Project

Vehicular On-board Security: EVITA Project C2C-CC Security Workshop 5 November 2009 VW, MobileLifeCampus Wolfsburg Hervé Seudié Corporate Sector Research and Advance Engineering Robert Bosch GmbH Outline 1. Project Scope and Objectives 2. Security

More information

EVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications

EVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications EVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications 7 th escar Embedded Security in Cars Conference November 24 25, 2009, Düsseldorf Dr.-Ing. Olaf Henniger, Fraunhofer SIT Darmstadt Hervé

More information

Hello and welcome to this presentation of the STM32L4 Firewall. It covers the main features of this system IP used to secure sensitive code and data.

Hello and welcome to this presentation of the STM32L4 Firewall. It covers the main features of this system IP used to secure sensitive code and data. Hello and welcome to this presentation of the STM32L4 Firewall. It covers the main features of this system IP used to secure sensitive code and data. 1 Here is an overview of the Firewall s implementation

More information

Vehicular Security Hardware The Security for Vehicular Security Mechanisms

Vehicular Security Hardware The Security for Vehicular Security Mechanisms escrypt GmbH Embedded Security Systemhaus für eingebettete Sicherheit Vehicular Security Hardware The Security for Vehicular Security Mechanisms Marko Wolf, escrypt GmbH Embedded Security Embedded Security

More information

AUTOSAR Security Modules

AUTOSAR Security Modules AUTOSAR Security Modules Current Status V1.00 2015-05-27 Agenda 1. AUTOSAR 2. CAL & CSM 3. SecOC 2/40 AUTOSAR Introduction Automotive Open System Architecture Software for electronic control units (ECU)

More information

Bootloader with AES Encryption

Bootloader with AES Encryption ...the world's most energy friendly microcontrollers Bootloader with AES Encryption AN0060 - Application Note Introduction This application note describes the implementation of a bootloader capable of

More information

STM32 F-2 series High-performance Cortex-M3 MCUs

STM32 F-2 series High-performance Cortex-M3 MCUs STM32 F-2 series High-performance Cortex-M3 MCUs STMicroelectronics 32-bit microcontrollers, 120 MHz/150 DMIPS with ART Accelerator TM and advanced peripherals www.st.com/mcu STM32 F-2 series The STM32

More information

Hardware Security Modules for Protecting Embedded Systems

Hardware Security Modules for Protecting Embedded Systems Hardware Security Modules for Protecting Embedded Systems Marko Wolf, ESCRYPT GmbH Embedded Security, Munich, Germany André Weimerskirch, ESCRYPT Inc. Embedded Security, Ann Arbor, USA 1 Introduction &

More information

SecureDoc Disk Encryption Cryptographic Engine

SecureDoc Disk Encryption Cryptographic Engine SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the

More information

System-on-a-Chip with Security Modules for Network Home Electric Appliances

System-on-a-Chip with Security Modules for Network Home Electric Appliances System-on-a-Chip with Security Modules for Network Home Electric Appliances V Hiroyuki Fujiyama (Manuscript received November 29, 2005) Home electric appliances connected to the Internet and other networks

More information

Digitale Signalverarbeitung mit FPGA (DSF) Soft Core Prozessor NIOS II Stand Mai 2007. Jens Onno Krah

Digitale Signalverarbeitung mit FPGA (DSF) Soft Core Prozessor NIOS II Stand Mai 2007. Jens Onno Krah (DSF) Soft Core Prozessor NIOS II Stand Mai 2007 Jens Onno Krah Cologne University of Applied Sciences www.fh-koeln.de jens_onno.krah@fh-koeln.de NIOS II 1 1 What is Nios II? Altera s Second Generation

More information

Secure Key Management A Key Feature for Modern Vehicle Electronics

Secure Key Management A Key Feature for Modern Vehicle Electronics 13AE-0069 Secure Key Management A Key Feature for Modern Vehicle Electronics Christian Schleiffer, Marko Wolf, André Weimerskirch, and Lars Wolleschensky ESCRYPT Copyright 2012 SAE International ABSTRACT

More information

AppliedMicro Trusted Management Module

AppliedMicro Trusted Management Module AppliedMicro Trusted Management Module Majid Bemanian, Sr. Director of Marketing, Applied Micro Processor Business Unit July 12, 2011 Celebrating 20 th Anniversary of Power Architecture 1 AppliedMicro

More information

Secure Wireless Application Platform

Secure Wireless Application Platform Texas Instruments SW@P Secure Wireless Application Platform New Challenges for Wireless Handsets Open Environment Multi-application, Interoperability Multiple Access Data Paths GSM/GPRS, EDGE, 802.11,

More information

Wireless Microcontrollers for Environment Management, Asset Tracking and Consumer. October 2009

Wireless Microcontrollers for Environment Management, Asset Tracking and Consumer. October 2009 Wireless Microcontrollers for Environment Management, Asset Tracking and Consumer October 2009 Jennic highlights Jennic is a fabless semiconductor company providing Wireless Microcontrollers to high-growth

More information

Secure Network Communications FIPS 140 2 Non Proprietary Security Policy

Secure Network Communications FIPS 140 2 Non Proprietary Security Policy Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles

More information

Embedding Trust into Cars Secure Software Delivery and Installation

Embedding Trust into Cars Secure Software Delivery and Installation Embedding Trust into Cars Secure Software Delivery and Installation André Adelsbach, Ulrich Huber, Ahmad-Reza Sadeghi, Christian Stüble Horst Görtz Institute for IT Security, Bochum, Germany Third Workshop

More information

Safety and security related features in AUTOSAR

Safety and security related features in AUTOSAR Safety and security related features in Dr. Stefan Bunzel Spokesperson (Continental) Co-Authors: S. Fürst, Dr. J. Wagenhuber (BMW), Dr. F. Stappert (Continental) Automotive - Safety & Security 2010 22

More information

M2M For industrial and automotive

M2M For industrial and automotive M2M For industrial and automotive Content ST at a glance... 4 Where to find us... 5 The value chain... 5 Secure MCU... 6 Focus on ST33 secure microcontrollers... 6 M2M fields of application... 7 What is

More information

SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES

SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES Contents Introduction... 3 DRM Threat Model... 3 DRM Flow... 4 DRM Assets... 5 Threat Model... 5 Protection of

More information

SECURE USB FLASH DRIVE. Non-Proprietary Security Policy

SECURE USB FLASH DRIVE. Non-Proprietary Security Policy SECURE USB FLASH DRIVE Non-Proprietary Security Policy FIPS 140-2 SECURITY POLICY VERSION 9 Page 1 of 10 Definitions and Acronyms AES Advanced Encryption Standard CBC Cipher Block Chaining CRC Cyclic Redundancy

More information

VASCO Data Security International, Inc. DIGIPASS GO-7. FIPS 140-2 Non-Proprietary Cryptographic Module Security Policy

VASCO Data Security International, Inc. DIGIPASS GO-7. FIPS 140-2 Non-Proprietary Cryptographic Module Security Policy VASCO Data Security International, Inc. DIGIPASS GO-7 FIPS 140-2 Non-Proprietary Cryptographic Module Security Policy Security Level: 2 Version: 1.7 Date: August 12, 2015 Copyright VASCO Data Security

More information

NXP & Security Innovation Encryption for ARM MCUs

NXP & Security Innovation Encryption for ARM MCUs NXP & Security Innovation Encryption for ARM MCUs Presenters Gene Carter- International Product Manager, NXP Semiconductors Gene is responsible for marketing of the ARM7 and Cortex-M3 microcontrollers.

More information

Trusted Boot Loader Steve Johnson, Panasonic Chair Security WG San Jose April 12, 2006

Trusted Boot Loader Steve Johnson, Panasonic Chair Security WG San Jose April 12, 2006 Trusted Boot Loader Steve Johnson, Panasonic Chair Security WG San Jose April 12, 2006 April 12th, 2006 1 Synopsis Background Trusted boot Security enhancements to boot loader Necessary code U-Boot Kernel

More information

KeyStone Architecture Security Accelerator (SA) User Guide

KeyStone Architecture Security Accelerator (SA) User Guide KeyStone Architecture Security Accelerator (SA) User Guide Literature Number: SPRUGY6B January 2013 Release History www.ti.com Release Date Description/Comments SPRUGY6B January 2013 Added addition engine

More information

PUF Physical Unclonable Functions

PUF Physical Unclonable Functions Physical Unclonable Functions Protecting next-generation Smart Card ICs with SRAM-based s The use of Smart Card ICs has become more widespread, having expanded from historical banking and telecommunication

More information

Cut Network Security Cost in Half Using the Intel EP80579 Integrated Processor for entry-to mid-level VPN

Cut Network Security Cost in Half Using the Intel EP80579 Integrated Processor for entry-to mid-level VPN Cut Network Security Cost in Half Using the Intel EP80579 Integrated Processor for entry-to mid-level VPN By Paul Stevens, Advantech Network security has become a concern not only for large businesses,

More information

NEXT GENERATION OF AUTOMOTIVE SECURITY: SECURE HARDWARE AND SECURE OPEN PLATFORMS

NEXT GENERATION OF AUTOMOTIVE SECURITY: SECURE HARDWARE AND SECURE OPEN PLATFORMS NEXT GENERATION OF AUTOMOTIVE SECURITY: SECURE HARDWARE AND SECURE OPEN PLATFORMS André Groll, Jan Holle University of Siegen, Institute for Data Communications Systems {andre.groll,jan.holle}@uni-siegen.de

More information

IoT Security Concerns and Renesas Synergy Solutions

IoT Security Concerns and Renesas Synergy Solutions IoT Security Concerns and Renesas Synergy Solutions Simon Moore CTO - Secure Thingz Ltd Agenda Introduction to Secure.Thingz. The Relentless Attack on the Internet of Things Building protection with Renesas

More information

Period covered: from 1 July 2008 to 31 December 2011 Dissemination level: Public

Period covered: from 1 July 2008 to 31 December 2011 Dissemination level: Public Project acronym: EVITA Project title: E-safety vehicle intrusion protected applications Project reference: 224275 Programme: Seventh Research Framework Programme (2007-2013) of the European Community Objective:

More information

Atmel Norway AVR Introduction

Atmel Norway AVR Introduction Atmel Norway 2005 AVR Microcontrollers 1 The Growing AVR Family TINY The AVR Growing family AVR Family 8-32 pin general purpose microcontrollers 16 family members MEGA AVR family 32-100 pin general purpose

More information

Chapter 13. PIC Family Microcontroller

Chapter 13. PIC Family Microcontroller Chapter 13 PIC Family Microcontroller Lesson 01 PIC Characteristics and Examples PIC microcontroller characteristics Power-on reset Brown out reset Simplified instruction set High speed execution Up to

More information

Security in Vehicle Networks

Security in Vehicle Networks Security in Vehicle Networks Armin Happel, Christof Ebert Stuttgart, 17. March 2015 V1.1 2015-04-28 Introduction Vector Consulting Services supports clients worldwide in improving their product development

More information

Integrated Cryptographic Hardware Engines on the zseries Microprocessor

Integrated Cryptographic Hardware Engines on the zseries Microprocessor Integrated Cryptographic Hardware Engines on the zseries Microprocessor IBM Corporation Jeffrey A. Magee Thomas S. Fuchs Seth R. Greenspan Thomas Koehler Bernd Nerz Timothy J. Slegel Overview Cryptography

More information

Security Policy: Key Management Facility Crypto Card (KMF CC)

Security Policy: Key Management Facility Crypto Card (KMF CC) Security Policy: Key Management Facility Crypto Card (KMF CC) Version 2.12.2 2/7/11 1.0 Introduction 3 1.1 Scope 3 1.2 Overview 3 1.3 KMF CC Implementation 4 1.4 KMF CC HW/SW version numbers 4 1.5 KMF

More information

Securing Host Operations with a Dedicated Cryptographic IC - CryptoCompanion

Securing Host Operations with a Dedicated Cryptographic IC - CryptoCompanion Securing Host Operations with a Dedicated Cryptographic IC - CryptoCompanion By Kerry Maletsky, Business Unit Director Crypto Products Summary There is a growing need for strong hardware security devices

More information

M-Shield mobile security technology

M-Shield mobile security technology Technology for Innovators TM M-Shield mobile security technology making wireless secure Overview As 3G networks are successfully deployed worldwide, opportunities are arising to deliver to end-users a

More information

Freescale Variable Key Security Protocol Transmitter User s Guide by: Ioseph Martínez and Christian Michel Applications Engineering - RTAC Americas

Freescale Variable Key Security Protocol Transmitter User s Guide by: Ioseph Martínez and Christian Michel Applications Engineering - RTAC Americas Freescale Semiconductor User s Guide VKSPTXUG Rev. 0, 06/2008 Freescale Variable Key Security Protocol Transmitter User s Guide by: Ioseph Martínez and Christian Michel Applications Engineering - RTAC

More information

utomotive 16-bit Microcontroller F 2 MC-16FX Family MB96610/620/630/640/650/660/670/ 680/690/6A0/6B0/6C0 Series

utomotive 16-bit Microcontroller F 2 MC-16FX Family MB96610/620/630/640/650/660/670/ 680/690/6A0/6B0/6C0 Series A utomotive 16-bit Microcontroller F 2 MC-16FX Family 670/ 680/690/6A0/6B0/6C0 Series Twelve series of new products (53 products) for meter control and body control have been added to the lineup of our

More information

Northrop Grumman M5 Network Security SCS Linux Kernel Cryptographic Services. FIPS Security Policy Version 2.42. www.northropgrumman.

Northrop Grumman M5 Network Security SCS Linux Kernel Cryptographic Services. FIPS Security Policy Version 2.42. www.northropgrumman. Northrop Grumman M5 Network Security SCS Linux Kernel Cryptographic Services FIPS Security Policy Version 2.42 www.northropgrumman.com/m5/ SCS Linux Kernel Cryptographic Services Security Policy Version

More information

DesignWare IP for IoT SoC Designs

DesignWare IP for IoT SoC Designs DesignWare IP for IoT SoC Designs The Internet of Things (IoT) is connecting billions of intelligent things at our fingertips. The ability to sense countless amounts of information that communicates to

More information

USB Portable Storage Device: Security Problem Definition Summary

USB Portable Storage Device: Security Problem Definition Summary USB Portable Storage Device: Security Problem Definition Summary Introduction The USB Portable Storage Device (hereafter referred to as the device or the TOE ) is a portable storage device that provides

More information

FLASH-BASED MICROCONTROLLERS

FLASH-BASED MICROCONTROLLERS FLASH-BASED MICROCONTROLLERS STRATEGY Leverage core NVM competency into unique memory and logic products. EPROMS Micro/ Peripherals Telecommunications, Computers Nonvolatile Memories Consumer Automotive

More information

FIPS 140-2 Security Policy 3Com Embedded Firewall PCI Cards

FIPS 140-2 Security Policy 3Com Embedded Firewall PCI Cards FIPS 140-2 Security Policy 3Com Embedded Firewall PCI Cards 3Com Corporation 5403 Betsy Ross Drive Santa Clara, CA 95054 USA February 24, 2006 Revision Version 0.4 Page 1 of 15 1. Introduction The following

More information

Secure My-d TM and Mifare TM RFID reader system by using a security access module Erich Englbrecht (info@eonline.de) V0.1draft

Secure My-d TM and Mifare TM RFID reader system by using a security access module Erich Englbrecht (info@eonline.de) V0.1draft Application Report Secure My-d TM and Mifare TM RFID reader system by using a security access module Erich Englbrecht (info@eonline.de) V0.1draft Embedded RF ABSTRACT This application report describes

More information

High-Performance, Highly Secure Networking for Industrial and IoT Applications

High-Performance, Highly Secure Networking for Industrial and IoT Applications High-Performance, Highly Secure Networking for Industrial and IoT Applications Table of Contents 2 Introduction 2 Communication Accelerators 3 Enterprise Network Lineage Features 5 Example applications

More information

Pulse Secure, LLC. January 9, 2015

Pulse Secure, LLC. January 9, 2015 Pulse Secure Network Connect Cryptographic Module Version 2.0 Non-Proprietary Security Policy Document Version 1.1 Pulse Secure, LLC. January 9, 2015 2015 by Pulse Secure, LLC. All rights reserved. May

More information

Von der Hardware zur Software in FPGAs mit Embedded Prozessoren. Alexander Hahn Senior Field Application Engineer Lattice Semiconductor

Von der Hardware zur Software in FPGAs mit Embedded Prozessoren. Alexander Hahn Senior Field Application Engineer Lattice Semiconductor Von der Hardware zur Software in FPGAs mit Embedded Prozessoren Alexander Hahn Senior Field Application Engineer Lattice Semiconductor AGENDA Overview Mico32 Embedded Processor Development Tool Chain HW/SW

More information

Meeting the Demands of Robotic Space Applications with CompactPCI

Meeting the Demands of Robotic Space Applications with CompactPCI 1 of 6 1/10/2006 3:26 PM Meeting the Demands of Robotic Space Applications with CompactPCI The robotic tasks in manned and unmanned space applications need increasing sophistication, intelligence and autonomy,

More information

Standardized software components will help in mastering the. software should be developed for FlexRay were presented at

Standardized software components will help in mastering the. software should be developed for FlexRay were presented at Embedded Software for FlexRay Systems Special aspects and benefits of implementing modularized software Standardized software components will help in mastering the growing complexity of the interplay of

More information

7a. System-on-chip design and prototyping platforms

7a. System-on-chip design and prototyping platforms 7a. System-on-chip design and prototyping platforms Labros Bisdounis, Ph.D. Department of Computer and Communication Engineering 1 What is System-on-Chip (SoC)? System-on-chip is an integrated circuit

More information

ARM System Solutions

ARM System Solutions ARM System Solutions www.renesas.eu 2011.02 ARM system solutions by Renesas Electronics Renesas is a major supplier of microcontrollers to the embedded market. Besides offering a very wide choice of 8-bit,

More information

USB Portable Storage Device: Security Problem Definition Summary

USB Portable Storage Device: Security Problem Definition Summary USB Portable Storage Device: Security Problem Definition Summary Introduction The USB Portable Storage Device (hereafter referred to as the device or the TOE ) is a portable storage device that provides

More information

W ith an estimated 14 billion devices connected to

W ith an estimated 14 billion devices connected to Renesas Synergy Security Portfolio Delivers Comprehensive Protection from Industrial and IoT Threats Advanced capabilities give developers tools to counter attacks W ith an estimated 14 billion devices

More information

ES_LPC4357/53/37/33. Errata sheet LPC4357/53/37/33. Document information

ES_LPC4357/53/37/33. Errata sheet LPC4357/53/37/33. Document information Rev. 1.1 8 August 2012 Errata sheet Document information Info Keywords Abstract Content LPC4357FET256; LPC4357FET180; LPC4357FBD208; LPC4353FET256; LPC4353FET180; LPC4353FBD208; LPC4337FET256; LPC4337FET180;

More information

AN4839 Application note

AN4839 Application note Application note Level 1 cache on STM32F7 Series Introduction In the Cortex -M7 the MPU allows the modification of the Level 1 (L1) cache attributes by region. The cache control is done globally by the

More information

Trusted Platforms for Homeland Security

Trusted Platforms for Homeland Security Trusted Platforms for Homeland Security By Kevin Schutz, Product Manager Secure Products Summary Ongoing threats from hackers, viruses, and worms continue to make security a top priority for IT and business

More information

Understand Electronic-Meter Design to Better Craft Intelligent and Secure Systems

Understand Electronic-Meter Design to Better Craft Intelligent and Secure Systems Understand Electronic-Meter Design to Better Craft Intelligent and Secure Systems driving trust Author, INSIDE Secure As more utility companies install smart electric and other types of utility meters

More information

MICROCONTROLLER BASED TEMPERATURE INDICATOR SUBMITTED BY:

MICROCONTROLLER BASED TEMPERATURE INDICATOR SUBMITTED BY: MICROCONTROLLER BASED TEMPERATURE INDICATOR SUBMITTED BY: 1 INTRODUCTION The aim of this project is to design an ambient temperature measurement circuit. The motivation for doing this project is the fact

More information

Application Note. Atmel CryptoAuthentication Product Uses. Atmel ATSHA204. Abstract. Overview

Application Note. Atmel CryptoAuthentication Product Uses. Atmel ATSHA204. Abstract. Overview Application Note Atmel CryptoAuthentication Product Uses Atmel Abstract Companies are continuously searching for ways to protect property using various security implementations; however, the cost of security

More information

Hardware Security for Trustworthy C2X Applications Marko Wolf

Hardware Security for Trustworthy C2X Applications Marko Wolf Hardware Security for Trustworthy C2X Applications Marko Wolf C2C-CC/CAMP Harmonization Workshop, Wolfsburg, Germany, 15.3.2012 Outline 1. Three General Reasons for Automotive Hardware Security Modules

More information

MP3 Player Presentation Based on VS1005 SoC

MP3 Player Presentation Based on VS1005 SoC MP3 Player Presentation Based on VS1005 SoC June 2012 Table of Contents What is VLSI Solution? Current MP3 Player Trends Structure of a Typical MP3 Player MP3 Player Based on VS1005 SoC New Features of

More information

DMA Module. 2008 Microchip Technology Incorporated. All Rights Reserved. PIC32 DMA Module Slide 1. Hello and welcome to the PIC32 DMA Module webinar.

DMA Module. 2008 Microchip Technology Incorporated. All Rights Reserved. PIC32 DMA Module Slide 1. Hello and welcome to the PIC32 DMA Module webinar. PIC32 DMA Module 2008 Microchip Technology Incorporated. All Rights Reserved. PIC32 DMA Module Slide 1 Hello and welcome to the PIC32 DMA Module webinar. I am Nilesh Rajbharti, Applications Engineering

More information

ontroller LSI with Built-in High- Performance Graphic Functions for Automotive Applications

ontroller LSI with Built-in High- Performance Graphic Functions for Automotive Applications C ontroller LSI with Built-in High- Performance Graphic Functions for Automotive Applications 1-chip solution for color display, video input and meter control with built-in highperformance CPU core FR81S

More information

Fondamenti su strumenti di sviluppo per microcontrollori PIC

Fondamenti su strumenti di sviluppo per microcontrollori PIC Fondamenti su strumenti di sviluppo per microcontrollori PIC MPSIM ICE 2000 ICD 2 REAL ICE PICSTART Ad uso interno del corso Elettronica e Telecomunicazioni 1 2 MPLAB SIM /1 MPLAB SIM is a discrete-event

More information

the world s most energy friendly microcontrollers

the world s most energy friendly microcontrollers Batteries worldwide celebrate the arrival of the world s most energy friendly microcontrollers Introduction The explosion in use of battery operated electronics is followed by the need for the battery

More information

Develop a Dallas 1-Wire Master Using the Z8F1680 Series of MCUs

Develop a Dallas 1-Wire Master Using the Z8F1680 Series of MCUs Develop a Dallas 1-Wire Master Using the Z8F1680 Series of MCUs AN033101-0412 Abstract This describes how to interface the Dallas 1-Wire bus with Zilog s Z8F1680 Series of MCUs as master devices. The Z8F0880,

More information

Designing a System-on-Chip (SoC) with an ARM Cortex -M Processor

Designing a System-on-Chip (SoC) with an ARM Cortex -M Processor Designing a System-on-Chip (SoC) with an ARM Cortex -M Processor A Starter Guide Joseph Yiu November 2014 version 1.02 27 Nov 2014 1 - Background Since the ARM Cortex -M0 Processor was released a few years

More information

ARM Cortex STM series

ARM Cortex STM series ARM Cortex board 1 ARM Cortex STM series 2 STM32 Series 3 Abbreviation FS full speed HS high speed MC motor controller MSI multi speed internal oscillator RNG random number generator SDIO secure digital

More information

Software Hardware Binding with Quiddikey

Software Hardware Binding with Quiddikey Software Hardware Binding with Quiddikey Mass scale solution against software piracy Secure your digital life Software-Hardware Binding solutions are typically required for Flash-based systems in which

More information

Bus Data Acquisition and Remote Monitoring System Using Gsm & Can

Bus Data Acquisition and Remote Monitoring System Using Gsm & Can IOSR Journal of Electrical and Electronics Engineering (IOSR-JEEE) e-issn: 2278-1676,p-ISSN: 2320-3331, Volume 8, Issue 3 (Nov. - Dec. 2013), PP 88-92 Bus Data Acquisition and Remote Monitoring System

More information

FIPS 140 2 Non Proprietary Security Policy: Kingston Technology DataTraveler DT4000 Series USB Flash Drive

FIPS 140 2 Non Proprietary Security Policy: Kingston Technology DataTraveler DT4000 Series USB Flash Drive FIPS 140 2 Non Proprietary Security Policy Kingston Technology Company, Inc. DataTraveler DT4000 G2 Series USB Flash Drive Document Version 1.8 December 3, 2014 Document Version 1.8 Kingston Technology

More information

SPI I2C LIN Ethernet. u Today: Wired embedded networks. u Next lecture: CAN bus u Then: 802.15.4 wireless embedded network

SPI I2C LIN Ethernet. u Today: Wired embedded networks. u Next lecture: CAN bus u Then: 802.15.4 wireless embedded network u Today: Wired embedded networks Ø Characteristics and requirements Ø Some embedded LANs SPI I2C LIN Ethernet u Next lecture: CAN bus u Then: 802.15.4 wireless embedded network Network from a High End

More information

Embedded Display Module EDM6070

Embedded Display Module EDM6070 Embedded Display Module EDM6070 Atmel AT91SAM9X35 Based Single Board Computer BY Product Overview Version 1.0 Dated: 3 rd Dec 2013 Table of Contents Product Overview... 2 Introduction... 2 Kit Contents...

More information

Zynq Architecture. Zynq 14.2 Version. Copyright 2012 Xilinx. This material exempt per Department of Commerce license exception TSU

Zynq Architecture. Zynq 14.2 Version. Copyright 2012 Xilinx. This material exempt per Department of Commerce license exception TSU Zynq Architecture Zynq 14.2 Version This material exempt per Department of Commerce license exception TSU Objectives After completing this module, you will be able to: Identify the basic building blocks

More information

Cautions When Using BitLocker Drive Encryption on PRIMERGY

Cautions When Using BitLocker Drive Encryption on PRIMERGY Cautions When Using BitLocker Drive Encryption on PRIMERGY July 2008 Fujitsu Limited Table of Contents Preface...3 1 Recovery mode...4 2 Changes in hardware configurations...5 3 Prior to hardware maintenance

More information

SKP16C62P Tutorial 1 Software Development Process using HEW. Renesas Technology America Inc.

SKP16C62P Tutorial 1 Software Development Process using HEW. Renesas Technology America Inc. SKP16C62P Tutorial 1 Software Development Process using HEW Renesas Technology America Inc. 1 Overview The following tutorial is a brief introduction on how to develop and debug programs using HEW (Highperformance

More information

Architekturen und Einsatz von FPGAs mit integrierten Prozessor Kernen. Hans-Joachim Gelke Institute of Embedded Systems Professur für Mikroelektronik

Architekturen und Einsatz von FPGAs mit integrierten Prozessor Kernen. Hans-Joachim Gelke Institute of Embedded Systems Professur für Mikroelektronik Architekturen und Einsatz von FPGAs mit integrierten Prozessor Kernen Hans-Joachim Gelke Institute of Embedded Systems Professur für Mikroelektronik Contents Überblick: Aufbau moderner FPGA Einblick: Eigenschaften

More information

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

More information

Safety and Security Features in AUTOSAR

Safety and Security Features in AUTOSAR Safety and Security Features in AUTOSAR Nagarjuna Rao Kandimala, Michal Sojka Czech Technical University in Prague 166 27 Praha 6, Czech Republic Thursday 15 th November, 2012 Contents 1 Introduction 2

More information

NXP Secure Smart Card Controllers P5CD016V1D / P5CD021V1D / P5CD041V1D / P5Cx081V1D with DESFire EV1

NXP Secure Smart Card Controllers P5CD016V1D / P5CD021V1D / P5CD041V1D / P5Cx081V1D with DESFire EV1 NXP Secure Smart Card Controllers P5CD016V1D / P5CD021V1D / P5CD041V1D / P5Cx081V1D with DESFire EV1 Rev. 1.1 24 October 2011 BSI-DSZ-CC-0707 Evaluation documentation Document information Info Keywords

More information

System Design Issues in Embedded Processing

System Design Issues in Embedded Processing System Design Issues in Embedded Processing 9/16/10 Jacob Borgeson 1 Agenda What does TI do? From MCU to MPU to DSP: What are some trends? Design Challenges Tools to Help 2 TI - the complete system The

More information

Security Policy. Trapeze Networks

Security Policy. Trapeze Networks MP-422F Mobility Point Security Policy Trapeze Networks August 14, 2009 Copyright Trapeze Networks 2007. May be reproduced only in its original entirety [without revision]. TABLE OF CONTENTS 1. MODULE

More information

AUTOSAR V4.0.3 MCAL Development for FlexRay

AUTOSAR V4.0.3 MCAL Development for FlexRay AUTOSAR V4.0.3 MCAL Development for FlexRay Remya S Shenoi Pratap Kumar S. Suresh G. Post Graduate Student, NIELIT, Calicut Scientist/Engineer-E, NIELIT, Calicut Senior Engineer, TBU, Tata Elxsi Ltd.,

More information

Optimizing ARM Cortex-A9 support in Windows Embedded Compact

Optimizing ARM Cortex-A9 support in Windows Embedded Compact Optimizing ARM Cortex-A9 support in Windows Embedded Compact A DISCUSSION OF RANDOM HANGS AND OTHER ISSUES USING WINDOWS EMBEDDED COMPACT ON FREESCALE I.MX6 APPLICATION PROCESSOR AND HOW THEY WERE SOLVED

More information

Confidentio. Integrated security processing unit. Including key management module, encryption engine and random number generator

Confidentio. Integrated security processing unit. Including key management module, encryption engine and random number generator Confidentio Integrated security processing unit Including key management module, encryption engine and random number generator Secure your digital life Confidentio : An integrated security processing unit

More information

SIT153 Introduction to Computation

SIT153 Introduction to Computation SIT153 Introduction to Computation Lecture 4-1 Computer Organisation I chapter 5 6 April 2016 Admin matters (1) for the next 2 weeks Study units: (4) Computer organisation (5) Networks Week Date Day Activity

More information

Secure Hardware PV018 Masaryk University Faculty of Informatics

Secure Hardware PV018 Masaryk University Faculty of Informatics Secure Hardware PV018 Masaryk University Faculty of Informatics Jan Krhovják Vašek Matyáš Roadmap Introduction The need of secure HW Basic terminology Architecture Cryptographic coprocessors/accelerators

More information

Message Authentication Codes

Message Authentication Codes 2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,

More information

Microtronics technologies Mobile: 99707 90092

Microtronics technologies Mobile: 99707 90092 For more Project details visit: http://www.projectsof8051.com/rfid-based-attendance-management-system/ Code Project Title 1500 RFid Based Attendance System Synopsis for RFid Based Attendance System 1.

More information

No Safety without Security

No Safety without Security 1 / 6 No Safety without Security Dr. Günther Heling, Vector Informatik GmbH Dr. Christof Ebert, Vector Consulting Services GmbH V0.91 2014-11-26 No Safety without Security Automotive Trends Vector Congress

More information

Reverse engineering hardware for software reversers: studying an encrypted external HDD

Reverse engineering hardware for software reversers: studying an encrypted external HDD Reverse engineering hardware for software reversers: studying an encrypted external HDD Joffrey Czarny & Raphaël Rigo / AGI / TX5IT 2015-10-02 / Hardwear.io 2015-10-02 / Hardwear.io 2 Introduction Why

More information

Customer Experience. Silicon. Support & Professional Eng. Services. Freescale Provided SW & Solutions

Customer Experience. Silicon. Support & Professional Eng. Services. Freescale Provided SW & Solutions September 2013 Silicon Support & Professional Eng. Services Customer Experience Freescale Provided SW & Solutions Provide Valued Software, Support & Professional Engineering Services, Competitively 2 Customer

More information

MICROCONTROLLAR BASED DIGITAL CLOCK WITH ALARM

MICROCONTROLLAR BASED DIGITAL CLOCK WITH ALARM MICROCONTROLLAR BASED DIGITAL CLOCK WITH ALARM www.microsyssolution.com Page 1 A BRIEF INTRODUCTION TO 8051 MICROCONTROLLER-: When we have to learn about a new computer we have to familiarize about the

More information

Side Channel Analysis and Embedded Systems Impact and Countermeasures

Side Channel Analysis and Embedded Systems Impact and Countermeasures Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Agenda Advances in Embedded Systems Security From USB stick to game console Current attacks Cryptographic devices Side

More information

Deliverable D2.2: Specification of security services incl. virtualization and firewall mechanisms

Deliverable D2.2: Specification of security services incl. virtualization and firewall mechanisms Project acronym: OVERSEE Project title: Open Vehicular Secure Platform Project ID: 248333 Call ID: FP7-ICT-2009-4 Programme: 7th Framework Programme for Research and Technological Development Objective:

More information

Chapter 13 Embedded ARM Applications

Chapter 13 Embedded ARM Applications Chapter 13 Embedded ARM Applications Introduction The VLSI Ruby II advanced communication processor The VLSI ISDN subscriber Processor The OneC TM VWS22100 GSM chip The Ericsson VLSI bluetooth baseband

More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure

More information