As the electronics industry increases its involvement in state-of-the-art technologies such as high-end computing, artificial intelligence, and autonomous vehicles, electronics suppliers are getting more directly involved in security solutions to protect their hardware and software. In many cases, companies are designing security in down to the code level, in an effort to secure the entire hardware design against possible attacks.
Embedded control solutions provider Microchip Technology, which offers several root of trust solutions, has developed another one with its CEC1736 Trust Shield security family of products. The end-to-end solution goes beyond the NIST (National Institute of Standards and Technology) 800-193 Platform Firmware Resiliency guidelines with runtime firmware protection that anchors the secure boot process while setting up a chain of trust for the system platform.
According to Jeannette Wilson, Senior Marketing Manager at Microchip, the root of trust solution adds advanced security algorithms to exceed NIST requirements and provide additional protection for documents. “It is suited for telecom applications by preventing unwanted access to platforms,” she said during an interview with Design News. “It is also designed to protect printers, as they can often be a gateway for hackers to access vital information.” Other applications include network routers and gateways, industrial control systems, and robots.
The fully configurable root of trust solution provides runtime firmware protection for the SPI flash and I2C filtering to defend against runtime attacks. The CEC1736 Trust Shield family’s hardware crypto cipher suite supports AES-256, SHA-512, RSA-4096, and ECC with key sizes up to 571 bits. The Elliptic Curve Digital Signature Algorithm (ECDSA) uses a 384-bit key length. The 384-bit hardware Physically Unclonable Function (PUF) provides a unique root key and supports the generation and protection of symmetric secrets and private keys.
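The chain of trust described above, as an added illustration that is not Microchip's firmware, Soteria-G3 code, or the CEC1736's actual verification flow: a root public key (standing in for one anchored in the hardware root of trust) endorses a firmware signing key, and only an image carrying a signature from that endorsed key is accepted, while a tampered image or an image signed by an unendorsed key is refused. It uses ECDSA over P-384 with SHA-384, matching the 384-bit ECDSA the page lists. All keys and the image bytes are constructed in the program, and the two-link structure is a simplified model of a secure-boot chain.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha512"
	"crypto/x509"
	"fmt"
)

// SignedImage pairs a firmware image with the DER-encoded ECDSA P-384
// signature its signing key produced over it (the form SignASN1 emits).
type SignedImage struct {
	Image     []byte
	Signature []byte
}

// signP384 signs the SHA-384 digest of data with an ECDSA P-384 private key.
func signP384(priv *ecdsa.PrivateKey, data []byte) ([]byte, error) {
	digest := sha512.Sum384(data)
	return ecdsa.SignASN1(rand.Reader, priv, digest[:])
}

// verifyP384 checks an ECDSA P-384 signature over the SHA-384 digest of data.
func verifyP384(pub *ecdsa.PublicKey, data, sig []byte) bool {
	digest := sha512.Sum384(data)
	return ecdsa.VerifyASN1(pub, digest[:], sig)
}

// VerifyChain models the chain of trust a root of trust anchors at boot:
// the root public key (assumed to live in the hardware) must first endorse
// the firmware signing key via rootSigOverFwKey; only then may that key
// vouch for the image. If either link fails the image must not be run.
func VerifyChain(root, fwKey *ecdsa.PublicKey, rootSigOverFwKey []byte, fw SignedImage) bool {
	fwKeyDER, err := x509.MarshalPKIXPublicKey(fwKey)
	if err != nil || !verifyP384(root, fwKeyDER, rootSigOverFwKey) {
		return false // signing key is not endorsed by the root: untrusted
	}
	return verifyP384(fwKey, fw.Image, fw.Signature)
}

// Demo generates a constructed root key, an endorsed firmware key and a rogue
// key, then reports whether a genuine, a tampered and a rogue-signed image
// pass VerifyChain. All key material here is illustrative, not provisioned.
func Demo() (genuine, tampered, rogue bool, err error) {
	keys := make([]*ecdsa.PrivateKey, 3)
	for i := range keys {
		if keys[i], err = ecdsa.GenerateKey(elliptic.P384(), rand.Reader); err != nil {
			return
		}
	}
	rootPriv, fwPriv, roguePriv := keys[0], keys[1], keys[2]

	// The root endorses the legitimate firmware signing key, and nothing else.
	fwKeyDER, err := x509.MarshalPKIXPublicKey(&fwPriv.PublicKey)
	if err != nil {
		return
	}
	endorsement, err := signP384(rootPriv, fwKeyDER)
	if err != nil {
		return
	}

	// Constructed stand-in for the bytes of a firmware image held in SPI flash.
	image := []byte("demo-firmware-image v1.0 (constructed sample bytes)")
	sig, err := signP384(fwPriv, image)
	if err != nil {
		return
	}
	genuine = VerifyChain(&rootPriv.PublicKey, &fwPriv.PublicKey, endorsement, SignedImage{image, sig})

	// Flip one byte of the image: the signature over it no longer verifies.
	bad := append([]byte(nil), image...)
	bad[0] ^= 0x01
	tampered = VerifyChain(&rootPriv.PublicKey, &fwPriv.PublicKey, endorsement, SignedImage{bad, sig})

	// An image signed by a key the root never endorsed fails at the first link,
	// even though the rogue key's own signature over the image is well formed.
	rogueSig, err := signP384(roguePriv, image)
	if err != nil {
		return
	}
	rogue = VerifyChain(&rootPriv.PublicKey, &roguePriv.PublicKey, endorsement, SignedImage{image, rogueSig})
	return
}

func main() {
	genuine, tampered, rogue, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Println("genuine accepted:", genuine, "tampered accepted:", tampered, "rogue accepted:", rogue)
	// prints: genuine accepted: true tampered accepted: false rogue accepted: false
}
```

The point the model makes is that a root of trust does not verify the image directly against a burned-in key; it verifies the signer's key against the root and then the image against that signer, so a replaced image and a replaced signing key are both caught before anything executes. In a real device the root public key (or its hash) is immutable in hardware and the verification runs before the host is released from reset.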
Microchip’s software includes the NIST-compliant Soteria-G3 firmware, the Trust Platform Design Suite graphical user interface, and the MPLAB® Harmony v3 software development network.
To ease development, Microchip is offering an optional development board, designated the EV19K07A, that runs out-of-the-box demos on a pre-provisioned CEC1736. The board has 128 Mbytes in four on-board 4X flash devices, BMC and CPU host headers, and a programming/debugging interface.
Microchip joins a growing number of electronics companies investing in root of trust solutions.
Last week, microprocessor supplier Intel introduced an independent trust authority in the form of a service-based security implementation, code-named Project Amber. The project will enable Intel to provide organizations with remote verification of the trustworthiness of a compute asset in cloud, edge, and on-premises environments. This service operates independently of the infrastructure provider hosting the confidential compute workloads.
Several months ago, semiconductor hardware and IP supplier Rambus introduced an embedded hardware security module, designated the RT-640 Embedded HSM, a hardware root of trust solution certified to Automotive Safety Integrity Level B (ASIL-B) per the ISO 26262:2018 international standard. The part will enable vehicle makers to meet functional safety requirements without having to recertify their hardware to the ISO standard, and to speed time-to-market when designing critical Advanced Driver Assistance Systems (ADAS).