With security becoming an increasingly important aspect of product design, Infineon have announced that they will be including Semper Secure in their NOR flash memory. What is Semper Secure, and how does the inclusion of Semper in NOR flash memory demonstrate the importance of hardware security?
The development of embedded systems and their widespread integration has shown the importance of device security, with many reports of vulnerabilities and of attacks exploiting weaknesses. For instance, Ripple20 showed how a lightweight TCP/IP implementation potentially left hundreds of millions of devices worldwide vulnerable to remote code execution. As embedded applications have grown immensely in complexity, microcontrollers and SoCs are increasingly pushed to use external memory. While external memory makes it possible to run large applications, it is not without its own faults, security being one of them. Memory internal to a controller has the advantage that it is hidden from the outside world, and protection bits can prevent the code from ever being externally accessible. External memory, however, can be removed from a design, or have its data lines probed and its contents stolen. This is a common problem for FPGAs, which rely on external EEPROM for configuration storage and therefore typically encrypt that configuration data. However, attacks are becoming increasingly sophisticated, which demonstrates that basic encryption alone is not enough to protect the contents of external memory.
Hardware security is an area of hardware design that is gaining traction, with many SoC devices now incorporating at the very least cryptographic accelerators, a root of trust, and secure key storage. Unlike software security, hardware security is implemented in the silicon itself, which makes it very difficult, if not impossible, to bypass from software. Hardware security also helps protect against physical attacks such as bus probing and device removal through tamper pins that detect when a device has been interfered with. Hardware security is now also being integrated into external memories to help the next generation of devices protect their IP and defend against attempted hijacking.
Recognising the importance of secure memory technologies, Infineon have announced that their latest range of NOR flash memory will incorporate Semper Secure. The NOR flash combines both security and functional safety in a single NOR device for use in automotive, industrial, and communication systems. The new range of memory devices incorporates many different subsystems to provide a secure memory platform, including an ARM Cortex-M0, secure boot, unique device select, a true random number generator, crypto engines, key management, error correction, and on-board diagnostics.
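The paragraph above lists secure boot, crypto engines and key management among the subsystems, and the earlier discussion notes that encrypting external memory alone is not enough once an attacker can reach the data lines. The following Python example, added here and not code from Infineon or the Semper Secure product, shows why: it compares a flash image protected by encryption only with one protected by encrypt-then-MAC, verified the way a secure-boot check would verify an image before using it. The keystream is built from HMAC-SHA256 as a stand-in for a hardware AES engine, and the keys, nonce and firmware bytes are constructed sample values.

```python
import hashlib
import hmac

# Constructed demo keys. On a device like the one described, these would live
# in hardware key storage rather than in source code.
ENC_KEY = bytes.fromhex("00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff")
MAC_KEY = bytes.fromhex("ffeeddccbbaa99887766554433221100ffeeddccbbaa99887766554433221100")

NONCE_LEN = 16
TAG_LEN = 32


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Illustrative counter-mode keystream derived with HMAC-SHA256.

    This stands in for a hardware AES engine; the point is the malleability of
    any stream cipher, not the particular primitive.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_only(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR the data with the keystream. Symmetric, so it also decrypts."""
    ks = keystream(key, nonce, len(data))
    return bytes(d ^ k for d, k in zip(data, ks))


decrypt_only = encrypt_only


def seal_image(plaintext: bytes, nonce: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || HMAC(nonce || ciphertext)."""
    ct = encrypt_only(ENC_KEY, nonce, plaintext)
    tag = hmac.new(MAC_KEY, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_image(blob: bytes):
    """Verify the tag before decrypting; return None if the image was modified."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(MAC_KEY, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return decrypt_only(ENC_KEY, nonce, ct)


def flip_bit(data: bytes, index: int, bit: int = 0) -> bytes:
    """Model a single-bit modification of the stored image (e.g. on a probed bus)."""
    b = bytearray(data)
    b[index] ^= 1 << bit
    return bytes(b)


def tamper_demo() -> dict:
    """Compare encryption-only and encrypt-then-MAC storage of a sample image."""
    firmware = b"IMAGE v1; CONFIG_FLAG=0; END"  # constructed sample image contents
    nonce = bytes(range(NONCE_LEN))             # constructed, fixed for reproducibility
    idx = firmware.index(b"CONFIG_FLAG=") + len(b"CONFIG_FLAG=")

    # 1) Encryption only: changing one ciphertext bit silently changes the
    #    decrypted byte ('0' -> '1') and nothing notices.
    ct = encrypt_only(ENC_KEY, nonce, firmware)
    encrypt_only_result = decrypt_only(ENC_KEY, nonce, flip_bit(ct, idx))

    # 2) Encrypt-then-MAC: the same modification fails the integrity check,
    #    so a secure-boot stage would refuse the image.
    blob = seal_image(firmware, nonce)
    sealed_intact = open_image(blob)
    sealed_tampered = open_image(flip_bit(blob, NONCE_LEN + idx))

    return {
        "encrypt_only_result": encrypt_only_result,
        "sealed_intact": sealed_intact,
        "sealed_tampered": sealed_tampered,
    }


if __name__ == "__main__":
    for name, value in tamper_demo().items():
        print(f"{name}: {value!r}")
```

The integrity tag is checked with `hmac.compare_digest` before any decryption, and the keys used for encryption and authentication are separate; both are standard practice for an image-verification step regardless of whether the cryptography runs in software or in a memory device's crypto engine.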
“Having a secured connected system is a top priority for customers focused on protecting information and maintaining system integrity. As systems increasingly rely on external NOR Flash to protect code and data in connected systems, the need for added advanced cryptographic security in memory is growing.”
- Sam Geha, Head of Infineon Technologies LLC Memory Solutions.
The range includes AEC-Q100 qualified devices, enabling Semper Secure NOR flash to be used in automotive applications, with an extended temperature range of -40°C to +125°C. Devices support supply voltages as low as 1.8V and are available in densities from 128Mb to 512Mb. Interfacing with the NOR memories is done over Quad SPI, Octal SPI, or HyperBus, with a maximum possible speed of 400MB/s. The new platform also comes with the Semper Solution Development Kit, which helps designers reduce time-to-market when deploying Semper Secure NOR memory in their designs.
The inclusion of security hardware will become the norm in product design, but what is remarkable to see is how far silicon technology has advanced: even a basic memory chip now has a processor and an arsenal of protection systems running alongside the main function of the device.