Page 28 - EE Times Europe Magazine | April2019

ST’s Scarlatella on IoT Security

STMicroelectronics’ STM32MP1 multicore processors integrate a dual-core application processor, a GPU for graphics, and an MCU core for power-efficient hard real-time tasks. This multicore approach, with high functional integration, will facilitate the development of high-performance solutions for industrial, consumer, smart-home, and health and wellness applications. ST’s release of OpenSTLinux as a mainlined and open-source Linux distribution for the STM32MP series will facilitate the developer’s job in meeting essential customer needs for applications in the IoT market (Figure 1).

The STM32MP1 has a TrustZone that can be used to build secure products, with valuable system integrity checks. The processor has a secure boot ROM code that can be used as the root of trust of the platform. It can be securely provisioned by the customer using the STM32Trust ecosystem solution. When activated, the STM32MP1 can initialize its TrustZone and its Trusted Platform Module (TPM) environments using authentication software. External secure elements such as TPM offer additional secure services, including application secure-key storage, chain of trust boot authentication, and secure cryptographic functions.

“The industry’s reception to the STM32MP1 microprocessor has been terrific,” said ST’s Scarlatella. “Since launching the product at embedded world last year, we’ve now got 24 Authorized ST Partners in our partner program offering a range of services and products; we’ve won several designs and are being evaluated in many, many others.

“In fact, we’ve just launched several new STM32MP1 MPUs with better performance and security, including trusted boot authentication, available OTP [one-time programmable] fuses for customers, and a secure operating system. The enhanced STM32MP1 toolset also allows secure provisioning of customer code into the chip. So we’re constantly moving forward in making the SoCs more protected.”

Hardware protection that starts at the individual component level allows for the long-term protection of sensitive data and applications, even when threatened by attacks that are increasingly difficult to detect and contain. Intelligent sensors are essentially connected microcontrollers that integrate several analog interfaces for detection. Manufacturers of microelectronic solutions are engaged in the difficult task of creating versatile, scalable solutions designed to address a variety of IoT devices and systems. ■

Maurizio Di Paolo Emilio is a staff correspondent at AspenCore, editor of Power Electronics News, and editor-in-chief of EEWeb.

OPINION

Smart-Device Success Hinges on Unclonable Security

By Maurizio Di Paolo Emilio

The internet of things brings together billions of devices every day, and the IoT’s exponential growth has transformed the way we go about our daily activities at home, on the job, and on the move. In many ways, our lives have improved as a result. But like any good thing, there is a downside to IoT: It is becoming an increasingly attractive target for cybercriminals, with far too many IoT devices left vulnerable to cyberattacks.

IoT technologies now let manufacturers obtain information of value that can be exploited in person, transferred to the consumer as added value after the purchase of the product, or monetized through the provision of new services. New developments will allow vehicles to be connected with smart-city infrastructure to create an entirely different ecosystem for the driver. And connected health devices can represent a new, more economical business model for the health-care industry, with a strongly positive impact on medical outcomes and overall health.

The implementation of IoT technologies provides an infrastructure that can be articulated over several networks and systems. Each part hides critical issues that must be assessed to avoid risks to security and network efficiency and to prevent uncontrolled growth of the data collected and the resulting processing and storage costs. And as IoT applications proliferate, more devices are being deployed in uncontrolled and hostile areas that render them vulnerable to physical attacks. These attacks are more sophisticated than software threats, which are characterized by poor cryptographic implementations or the exploiting of predefined passwords. Designers need advanced system defenses for their critical applications, in which exposure to secret keys could destroy networks, ruin reputations, disrupt businesses, and even put lives at risk.

Attacks to IoT systems are becoming more advanced. Devices are strongly at risk for hacker attacks such as compromises to information and customizations. With the growing trend of “everything connected,” techniques such as secure boot, secure key saving, encryption, and authentication are essential. While designers understand the importance of preventing device-level security breaches, they often struggle with compromises between adding advanced security features and minimizing board space, all while balancing sophisticated design and time-to-market demands.

The success of any application depends on gaining and keeping users’ trust by providing robust and easy-to-use solutions with security features that offer reliable protection. The large number of devices and their wide distribution create a huge attachment area that is difficult to monitor. Some sensors and communication protocols are designed to be used on closed private networks and either address cybersecurity unsatisfactorily or ignore it altogether. A hardware-based approach is more robust than software-based protection and encryption strategies because it is more difficult to alter a physical protection system.

At embedded world, Maxim Integrated introduced the MAX32520 ChipDNA Secure Arm Cortex-M4 microcontroller, a device that integrates physically unclonable functionality (PUF) technology for multiple levels of protection in IoT, health care, industrial, and IT systems. The main encryption key created by the authenticator’s PUF circuit is generated at the precise moment that it’s needed, exploiting the intrinsic uniqueness of the analog characteristics of each MOSFET circuit. The PUF-based device does not store any keys in non-volatile memory.

That’s a boon for connected-device security. You can’t steal a key that isn’t there. ■

Maurizio Di Paolo Emilio is a staff correspondent at AspenCore, editor of Power Electronics News, and editor-in-chief of EEWeb.

        APRIL 2020 | www.eetimes.eu