Today’s embedded processors are increasingly including built-in security features to enable robust cybersecurity in IoT devices. Features such as secure storage, hardware cryptographic accelerators, hardware root of trust, secure boot, trusted execution environments, and port locking are key processor elements needed for a truly secure connected device.
Let’s talk in a little more detail about these processor security building blocks.
Memory types or regions protected from unauthorized (unauthenticated) access are broadly known as secure storage. This storage ranges from one-time programmable read-only memory to protected volatile (RAM) and non-volatile (typically flash) memory. These memory blocks are be used for key storage or, in some cases, the storage of other protected data such as boot code. In addition, cryptography can be used to protect stored code and data.
Secure devices typically rely on a collection of symmetric (private key) and asymmetric (public/private key pairs) encryption algorithms for authentication and data protection. While these algorithms can be implemented in software, they are more quickly, efficiently, and securely implemented in hardware by on-chip cryptography accelerators. For example, AES, RSA, SHA, and ECC are just a sample of the encryption standards supported by NXP Semiconductor’s i.MX 8M processor in its security module.
A hardware root of trust is a device-specific immutable key used to provide the fundamental security foundation for an embedded software stack. Some modern processors even generate this root key from physical characteristics unique to each chip. PUF, or physically unclonable function, is an example of this approach that is currently offered in some secure processors. Combined with a hardware secure boot process, the embedded engineer can ensure that the code run at boot time is authentic and secure. This root of trust can then be extended through code signing up to the IoT device application code.
A Trusted execution environment is a secure zone within a processor where only authorized and protected code is run and data is stored. This region is not directly accessible by other processor blocks including off-chip interfaces. Security critical code can be executed without concern that operations or data will be exposed to less secure processor blocks. Arm TrustZone is an example of this approach to protecting high-value code and data.
Port locking is a feature used to disable ports, such as JTAG, prior to shipping finished products. Only I/O interfaces used by the end application should be enabled in the field if possible. Unprotected ports are one of the first attack vectors hackers look for when attempting unauthorized access to a device. Open JTAG debug ports, for example, have provided an easy backdoor for access and exploitation of many IoT devices.
This list of security features isn’t meant to be exhaustive. Processor suppliers continue to add new security capabilities for protection against increasingly sophisticated attacks from a range of bad actors. A complete embedded security stack leverages these features along with software tools and best practices to create the security-in-depth approach needed to fully secure modern IoT devices and networks today and into the future. However, all too often these fundamental hardware security features are improperly used or ignored altogether because of the learning curve faced by embedded engineers without cybersecurity expertise or the time pressure to bring products to market as quickly as possible. It is our mission here at BG Networks to simplify this process so that all IoT devices are fully secure starting with the embedded processor.
BG Networks’ BGN-SAT security automation tools simplify the process of configuring and activating your processor’s security features to provide a cybersecurity foundation for your embedded IoT products.
Not sure what security features your next design needs? BG Networks’ embedded security experts can help you with your processing platform selection and security architecture design.
