Wednesday, June 15, 2016

ST chip boosts IoT security in any design

By Nick Flaherty www.flaherty.co.uk

To help tackle the challenge of securing the Internet of Things (IoT), ST has launched a separate security chip that can connect to any microcontroller via an I2C link.

The STSAFE-A100 can be designed-in by developers to provide security to Common Criteria EAL5+ without specialist security expertise through a comprehensive support ecosystem.

The STSAFE-A100 provides strong authentication services (see figures below) that help make sure only authorized IoT devices can access online services and only authorized accessories or consumables are recognized and accepted by an application. Interestingly, it is also compliant with the USB Type-C device-authentication scheme and secures communications with a remote host using Transport Layer Security (TLS) handshaking.

The chip uses a custom secure microcontroller (ST hasn't said which type of controller - the company uses the ARM SecureCore in other devices such as the ST19 and ST33 families) with its own embedded operating system that is certified to EAL5+, base don the company's experience in chips for highly secure banking and mobile phone billing systems.



Additional functions in the chip that further minimize any potential for security breaches include signature verification to ease secure boot and firmware upgrade, secure counters that allow usage monitoring, secure pairing with the host application processor, wrapping and unwrapping of local or remote host envelopes, and on-chip key-pair generation.

The STSAFE-A100 supports asymmetric cryptography including Elliptic Curve Cryptography (ECC) with NIST or Brainpool 256-bit and 384-bit curves, and symmetric cryptography using AES-128/AES-256. The STSAFE-A100 comes with a unique serial number on each die and its operating system comprises a kernel for authentication and data management and provides strong protection against logical, fault, side-channel and physical attacks.

“STSAFE-A100 delivers an economical and certified solution for state-of-the-art security in IoT and brand protection, presenting an alternative with clear advantages over existing approaches like software-based security running on a general-purpose microcontroller or an uncertified crypto-companion IC,” said Laurent Degauque, Marketing Director, Secure Microcontroller Division, MDG Group, STMicroelectronics. “Seamless integration puts security at the heart of the product and frees developers to focus on maximizing added value at the application level.”

ST has made design-in of its new secure element easy for customers by providing a complete ecosystem that includes an expansion board with Arduino headers, a microcontroller library, and reference implementations. These simplify attaching the STSAFE-A100 to a microcontroller such as any from the STM32 family.

The STSAFE-A100 secure element is scheduled to enter volume production in July 2016, as a 4mm x 5mm SO8N or 2mm x 3mm UFDFPN8.

No comments:

PLATINUM SPONSOR

South West Innovation News - news from across the region for oneof the world's hottest tech clusters