Security in Industry 4.0 applications - When microcontroller-based security is no longer enough

05/22/2024 Know-How

One consequence of the miniaturization of system-on-chips is that flash memory increasingly has to be implemented externally.

This brings with it new security requirements that must be urgently met, especially in mission-critical networked systems.

The rapid growth of networked systems around the world is leading to an ever-increasing need for system security. This is because every networked smart device is a potential target for cyber attacks. At the same time, advances in system-on-chips (SoC) are driving manufacturing technologies to the smallest process nodes practical to achieve the power and performance required for computationally intensive applications. However, non-volatile memory (NVM) integration is becoming increasingly difficult as process nodes shrink to 22 nm and below. In particular, embedded NOR flash has become exorbitantly expensive to implement in these small nodes. As a result, systems using high-performance SoCs need an alternative to embedded flash and are returning to external on-board memory (Fig. 1). 

State-of-the-art SoCs require external flash memory 

For decades and across industries, the typical strategy for electronic system development has been to integrate more functions – including greater memory capacity – into fewer chips. This trend led to SoC architectures that enable complex embedded systems on a single chip. To increase their performance and to reduce costs, SoC providers have relied on innovative manufacturing process nodes. However, advances in semiconductor technology have made it increasingly difficult to embed flash memory into an SoC, forcing system developers to store critical code and system data in external flash. 

However, external flash designs also bring advantages: For example, the SoC can be chosen based on its performance alone, and the appropriate flash density for the specific design can be determined independently. 

Code is getting bigger and current applications are storing and processing more data than ever before. Even if an SoC includes embedded NVM, in many cases additional external memory capacity is needed. If the most suitable capacity of external flash memory can be freely selected, system costs are reduced and the efficiency of the overall system is optimized.

External memory has different security requirements

On-chip memory is closely connected to the rest of the SoC in which it resides and is considered fundamentally more trustworthy than conventional external memory. This is because, as a standalone device it is more vulnerable to physical attacks. Even encrypted data residing in external flash memory can be an easy target for certain attacks. Some of the key threats to consider when securing external flash memory include: 

  • Impersonation of transactions to or from flash without authorization 
  • Tampering with stored code, stored data, parameters and logs 
  • Repeating transactions to revert the contents of flash memory to old, insecure versions 
  • Obtaining keys during deployment in an insecure environment 
  • Snooping attacks (man-in-the-middle) on transactions to/from flash devices 
  • Conducting side-channel attacks on a flash memory to observe or obtain its contents 

To address all of these threats and other security vulnerabilities of external flash memory, the device must provide the following features: 

  • A hardware-based trust anchor (root-of-trust) to prevent modification or tampering, copying, or other effects of an attack on the code and/or data stored in the flash memory
  • Secure updates from the microcontroller or the cloud through a combination of end-to-end protection with authenticated and encrypted transactions via the bus, secure regions with read/write access methods, secure key memory space, and non-volatile monotonic counters 
  • Low cost by eliminating the need for additional security devices (e.g. a trusted-platform module) and printed circuit board modifications, including support for popular flash serial interfaces

Secure flash memory for mission-critical applications 

With Semper-Secure NOR Flash, Infineon offers what the supplier claims is the industry’s most advanced, secure, and reliable flash memory. It is designed for functional safety, performs diagnostics and data correction, and complies with ISO 26262 requirements. On top of this, Semper Secure adds a hardware root-of-trust and options for asymmetric or symmetric cryptography. This combination of security and protection makes Semper Secure NOR Flash an ideal memory for mission-critical applications where failure is not an option. 

External flash memories are connected to the host SoC via a serial memory interface and a bus. This makes them vulnerable to replay and man-in-the-middle attacks. Since critical data is exchanged between multiple semiconductor devices, it is not enough to protect only the host SoC. The external flash memory and the bidirectional communication between the two must also be secured. 

Semper-Secure-NOR-Flash solves this problem by authenticating and/or encrypting transactions between the host SoC and the memory. This ensures authenticity, confidentiality, and data integrity as well as protects against replay attacks. Semper Secure extends the secure processing environment beyond the host SoC to the external NOR flash by supporting different types of secured transactions, including authenticated read, program, and erase as well as encrypted read, program, and erase. 

 


 

For more information and a direct ordering option, please visit our e-commerce platform at www.rutronik24.com.

Subscribe to our newsletter and stay updated.

Figure 1: De-integration of embedded flash (eFlash) from the SoC.

Figure 2: Architecture of Infineon’s Semper Secure NOR flash family.

Figure 3: With its security features, the Semper-Secure NOR Flash offers security-relevant systems a high level of protection against various threats.