Add end-to-end embedded security to your next application using Microchip’s embedded products.
With the proliferation of connected embedded devices, the frequency of security attacks is on the rise and retrofitting is no longer an option to counter these threats. But the implementation of security in embedded applications is often considered to be hard and complex. In order to ease the implementation of embedded security and combat such attacks, today’s designers need to adopt an integrated end-to-end approach.
Future Electronics, in partnership with Microchip, recently introduced GoodLock, a unique and trusted board that helps develop and test hardware security solutions for embedded designs. Its advanced features, robust hardware and on-board debugger/programmer make this the perfect cost-effective platform when adding security to a design.
Figure 1. The GoodLock Application Development Platform
What is the GoodLock Platform and How Can it Help With Adding Security to An Embedded Application?
GoodLock is Future Electronics’ comprehensive embedded security development platform that features Microchip’s state-of-the-art SAM L11 microcontroller (MCU), ATECC608 secure element and other system level discrete components from Microchip, enabling evaluation of all key components of a secure embedded application on a single development platform. The development platform implements embedded security using Microchip’s SAM L11 MCU and ATECC608 secure element.
Figure 2. System Block Diagram - GoodLock.
About Microchip’s SAM L11 MCU Family
Microchip’s SAM L11 MCU device family is an Arm® Cortex®-M23 based ultra-low power 32-bit microcontroller with embedded security. The MCU provides robust security against remote attacks with Arm TrustZone®, secure boot, crypto acceleration and secure key storage.
Security features within the SAM L11 MCU family:
● Secure Boot: The SAM L11 includes a boot ROM designed to facilitate an immutable secure boot to ensure the system root of trust during deployment or execution of secure firmware.
● Arm TrustZone technology allows the creation of a secure zone within the SAM L11 MCU which restricts access to specific memory, peripheral and I/O components. It partitions the MCU into trusted (secure) and non-trusted (non-secure) zones and isolates sensitive data from the non-critical data. This secure zone combined with immutable secure boot, creates a Trusted Execution Environment (TEE) to counteract malware effectively.
Figure 3. Secure Zone Partitioning on SAM L11
In addition to security, the SAM L11 MCU features general purpose embedded control capabilities with an enhanced Peripheral Touch Controller (PTC), industry best in the same class of MCU certified low-power specifications and advanced analog features like 12-bit 1 MSPS ADC, analog comparator, operational amplifiers and more.
GoodLock’s Built-in Demos
Learn more about the critical security concepts of the SAM L11 MCU by exploring the following demos that are all built into the GoodLock development platform.
● Hacker Demo: This demo illustrates the use of TrustZone technology in the SAM L11 MCU, helping partition the CPU and memory into trusted and non-trusted zones to prevent software attacks. This application allows the user to attempt malicious attacks on secure code and the SAM L11 system. This demo shows how the SAM L11 counteracts such malicious attacks by detecting them and protecting the secret information within the secure application.
● Secure Bootloader: Many modern embedded systems come with bootloader, which allows application firmware updates to fix errors or add new features. Such firmware updates are vulnerable to interception during data transfer from external sources thereby risking loss of intellectual property. One way to solve this problem is to use a secure bootloader and distribute only encrypted images of the firmware to the public. This demo illustrates the secure bootloader functionality of the SAM L11 MCU to verify the desired (genuine) application code is executed on the product, thus ensuring that the product’s critical functionality is not tampered or altered. Secure bootloader uses symmetric cryptography to enable secure firmware upgrades.
About Microchip’s ATECC608 Secure Element
A secure element is a tamper-resistant secure chip that embeds intrinsic countermeasures to provide an extra layer of security to protect your application from physical attacks.
The GoodLock platform has two keys with Microchip’s ATECC608-TFLXTLS secure element, which is the TrustFLEX secure element part of Microchip’s Trust Platform. The device comes pre-configured, implementing the most common authentication algorithms used in the embedded industry by default. These algorithms include complete asymmetric (public/private) key cryptographic signature solutions based upon elliptic curve cryptography (ECC) and the elliptic curve digital signature algorithm (ECDSA) protocol.
The TrustShield Development Platform
The TrustShield board, developed using the Trust Platform design suite, is a cost-effective and flexible solution for onboarding the secure elements in your design, accelerating your product’s time to market. The TrustShield board can be used in a standalone application or can be paired with the GoodLock platform for an Authentication demo.
Figure 4. The TrustShield Board
The Authentication demo exhibits various stages of the node authentication sequence using the public key, asymmetric techniques of Microchip’s ATECC608-TFLXTLS (TrustFLEX) device. In addition to security, the GoodLock development platform is serviced by a wide range of discrete products from Microchip. Furthermore, the GoodLock board also features a MikroElektronika expansion header (MikroBUS™ socket) and an OLED display which provides the ability to add a user interface to develop an end application. Developing security applications using the GoodLock platform is simple, modular and can be used by every developer regardless of security expertise.
The GoodLock platform comes pre-loaded with the authentication demo, working out of the box.
You can build your security application in just a few hours when you download the SAM L11 based demos.
The GoodLock platform comes with pre-loaded firmware and the TrustShield Click™ board to develop your custom provisioning solutions for ATECC608.
Learn more about the GoodLock platform by joining us for a webinar on July 1, 2020. Register here. Or visit Future Electronics GoodLock and start developing your SAM L11 based secure embedded applications today.