numicro m2351 series€¦ · armv8-m cpu (trustzone enabled), 96kb sram, spi quad mode, usb otg...
TRANSCRIPT
![Page 1: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/1.jpg)
NuMicro® M2351 SeriesSecure your innovation
![Page 2: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/2.jpg)
Current Issues with traditional MCUs in IoT
Life Cycle
Attacks
Software
Attacks
Physical
Attacks
1
Communication
Attacks
• Man in The Middle
• Weak cryptography
• Code vulnerabilities
• Buffer overflows
• Interrupts
• Malware
• Code downgrade
• Excess manufacturing
• Integrity vulnerabilities
• Fault injection: clock or power glitch, laser beam
• Side-channel analysis
• Probing, FIB
![Page 3: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/3.jpg)
A New Solution for IoT Security
2
NuMicro® M2351
Support Arm®
PSA and TBSA-M
TrustZone for
Armv8-M
XOM
Anti-Tampering
for system level
Cryptographic
HardwareAccelerators
Secure
Bootloader
Key-Protection ROM
Flash Memory Lock
TRNG
![Page 4: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/4.jpg)
What FEATUREs make M2351 competitive
• With Complete Security Features
3
• Data Protection
• Firmware/ Software
Protection
• Peripheral Operation Protection
• TRNG (True Random
Number Generator)
• SHA-384
• DES /3DES
• AES-256
• ECC (Support Prime
and Binary field)
• Secure Boot Loader
(Secure Boot ROM)
• CRC
• Flash Lock either to secure region or all flash region
• Secure Debug
• Up to Six Tamper-pins
for board level security
Armv8-M TrustZone Cryptographic H/W
Accelerators Root of Trust & Basic Security Anti-Tampering
![Page 5: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/5.jpg)
M2351 Official Launch
Flash
4
4096 KB
256 KB
1024 KB
2048 KB
General Purpose S/W SFI with W77 in SiP
Key features:
Armv8-M CPU (TrustZone
enabled), 96KB SRAM, SPI
Quad mode, USB OTG 1.1,
Crypto, XOM
Possible 512KB, 2MB, 4MB
Winbond’s W77 series Secure
Flash (Exiting M2351 Die
Stacked)
*MP in 2018 3Q **Test SiP 2018 4Q, Mass
Production by Request
512 KB *M2351
• Selling Points of M2351 Series
- TrustZone® for Armv8-M empowered
- Nuvoton Security Functions Strengthened
- Low-power technology for IoT Innovation
- Nuvoton Secure Microcontroller Platform (NuSMP)
� Accept MCU Mass Erase disabled order for embedded Flash memory
� M2351 (Can clear all Flash content) v.s. M2352 (Can’t clear all Flash content)
Key features:
Armv8-M CPU (TrustZone
enabled), 96KB SRAM, SPI
Quad mode, USB OTG 1.1,
Crypto, XOM
**M2353
![Page 6: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/6.jpg)
5
M2351 Series Product Specification
![Page 7: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/7.jpg)
M2351 Series Top 14 Key Features
6
M2351
NuSMP 1.0*
Dual-Bank Flash – Firmware
Upgrade Safe
XOM – Execute Only Memory
for Firmware Protection
Cryptographic Hardware
Accelerators
Flash Lock – Two-Level-Lock
for Secure and All Flash
Support Crystal-less USB
TrustZone for Cortex-M23 CPU
with MPU, IDAU, SAU
Keil MDK, GCC Tool – Free-to-use
Secure Debug – Secure and Non-
Secure zones
KPROM – Key Storage for Secure
System Setting
VAI – Voltage Adjustable
Interface pins
TrustZone Template Generator
Extra OTP Memory – For
Product Lifecycle Management
SEGGER emWin Lib. – Free-to-use
*NuSMP 1.0 coverage: Trusted Boot, Secure OTA F/W
Update, Power Management APIs, PC side crypto tools
![Page 8: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/8.jpg)
M2351 for TEE Metering Example
7
M2351
EBI
Wireless
Module: BT,
WiFi, LoRA….
Keypad, LED
GPIO
SPI
Sensor
SPI / I2C
LCD panel
Non-secure World: User interface,
visual logo, customer applications
Secure World: Key store,
certificate storage, trusted
applications, TEE OS
![Page 9: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/9.jpg)
M2351 for City Waste Bin Control Example
8
M2351
UART
Trash level
sensor
1-axis BaroI2C
3-axis Gyro
I2C
I2C
3-axis ACC
I2C
LTE/LTM, NB-IoT,
LoRA
SPI
GPS Module
Non-secure World: User
interaction interface, visual logo,
RTOS
Secure World: Certificate storage,
key storage, wireless
communication stack, sensors,
TEE OS
![Page 10: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/10.jpg)
To ensure every type of communication stack is well tested and managed for upper layer applications
Elastic for vary standards of wireless connectivity
• So many radio communication standards in IoT era
9
Physical Layer
DataLink Layer
Network Layer
IEE
E
80
2.1
5.4
IEE
E
80
2.1
5.4
Blu
eto
oth
LoR
A
3G
PP
/ N
B-I
oT
Wi-SUN
6LoWPAN
Customer
Application
Comms Buffer
TrustZone / XOM
XOM
Comms Stack
Drivers
RF Interrupts
Non-secure World
Secure World
Hardware
XOM XOM can reside in both Worlds
![Page 11: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/11.jpg)
M2351 for Fingerprint Module Example
10
M2351
EBI
Motor Control
Keypad, LED
GPIO
GPIO
Fingerprint sensor
or module
SPI/ UART
Color LCD panel
Non-secure World: User
interaction interface, visual logo,
customer applications
Secure World: Sensitive data
storage, fingerprint algorithm,
cryptographic algorithms
![Page 12: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/12.jpg)
M2351 Smart Lock demo set
M2351SPI1
UART2
I2C
GPIO
SWD
GPIO
SPI2
UART5
GPIO
LCD
Display
LED
Bluetooth
DRV8830
Motor DriverKEY
Finger
Buzzer
Debug PortICE Debug
Interface
![Page 13: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/13.jpg)
M2351 for Mini POS Example
12
Non-secure World: User interface,
visual logo, customer applications
Secure World: TEE OS, key store,
certificate storage, cryptographic
for data communication
BatteryUSB
Host
Bluetooth
Module
4x GPIOSPISPI
USBUSBADCADC
4x GPIO
SPISPI
16x GPIO
EBIEBI
PWMPWM GPIOGPIO
Printer Keypad
ISO-7816ISO-7816M2351
PSAM
![Page 14: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/14.jpg)
SPI/UART /SDIO
/USB Host
WiFi, LoRA
ZigBee , BLE, NB-IoT
MEMS
SensorsAnalog Sensors
UART/I2C/SPI
I2C /SPIADC
Supersonic, IR Sensor
Timer Capture
Other Sensors
8080/SPI
LCM
EBI /SPI
Secure World:
Algorithms for sensors
Non-secure World:
mbed OS
Mbed IoT Device Example
M2351
13
![Page 15: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/15.jpg)
?
14
Portable security devices for Personal Security
![Page 16: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/16.jpg)
15
Leading Market Position
![Page 17: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/17.jpg)
Security Levels for Different MCUs
C-M0
C-M0+, CM4
MPU
Armv8-M Cortex-M23
MPU + TrustZone
SC000 / SC300
MalwareReadout
Eavesdrop
Cloning / reverse
engineering
Physical attack,
Side channel attack
Authenticity and IntegrityCode/Data Privacy Intellectual Property Physical SecurityProtect
Target
Attack
Type
Required
FunctionsSecure boot, TRNG,
Crypto. IP
Flash Lock Bits
Secure SRAM
TrustZone
XOM
Tamper pins + analog
sensors,Noise generation IP
Flash Re-programingStorage Replacement
Temp./Power/Freq. analysisCircuit probing
Over/Under voltage
Attack
Method
MPU provides critical memory protection
ARMv8-M TrustZone provides secure execution environment
software-based debug
and test
Backdoor attack
inter-chip signal probing
Secure Boot
16
NuMicro® Family
![Page 18: NuMicro M2351 Series€¦ · Armv8-M CPU (TrustZone enabled), 96KB SRAM, SPI Quad mode, USB OTG 1.1, Crypto, XOM ... Secure Debug –Secure and Non-Secure zones KPROM –Key Storage](https://reader036.vdocuments.net/reader036/viewer/2022063022/5fe740e31ce2db568d63ece4/html5/thumbnails/18.jpg)
Thanks for Your [email protected]