DESIGN SOLUTIONS » IoT endpoint & edge applications
4. The RA devices incorporate hardwarebased security features from simple AES acceleration to fully-integrated crypto subsystems isolated within the MCU. The Secure Crypto Engine provides symmetric and asymmetric encryption and decryption, hash functions, the latest encryption algorithms, RSA/ DSA/ ECC/AES/SHA, true random number generation (TRNG), and advanced key handling, including key generation and MCU-unique key wrapping. An access management circuit shuts down the crypto engine if the correct access protocol is not followed, and dedicated RAM ensures that plaintext keys are never exposed to any CPU or peripheral bus. ESPECIALLY THE LAST ITEM OF YOUR RA FAMILY IS OF SPECIFIC INTEREST, COULD YOU PLEASE DESCRIBE YOUR SECURITY STRATEGY A BIT MORE? The RA MCU family provides a cost-effective, scalable, and power-efficient security solution to support the needs of tomorrow’s embedded systems. Our customers can choose among many, incrementally sophisticated but easy-to-use solutions, starting with MCU devices that provide hardware acceleration for cryptographical operations, and a true random number generator. The next feature level includes systemlevel programmable MPUs to enhance security, reliability and availability of the system, and a crypto engine that shields and protects the crypto resources from malicious or unintentional usage. At the top level, TrustZone-enabled cores provide built-in isolation and security embedded at processor level. With this broad portfolio, Renesas supports customers’ security roadmaps with optimized options that meet their unique business needs. To support customers requiring specific certifications, we offered NIST and PSA Level 1 certifications already at launch time, and we will certify additional industryrecognized standards as required. WHAT SORT OF TAMPER RESISTANCE IS INCLUDED? The measures included in the RA Family MCUs are quite wide, we can basically talk about 5 different approaches to help our customers best making their design tamper resistance. 1. The RA MCUs can detect tampering attempts by monitoring dedicated pins connectable to environmental sensors or switches attached to the housing of www.international.electronica-azi.ro
2.
3.
4.
5.
the equipment. A tamper attempt triggers a timestamping of the real time clock (for logging and auditing purposes) and flag the incident to the processor in order to perform the required countermeasures. The secure crypto engine embedded in the MCU is protected by a hardware firewall enforcing execution of a Renesas pre-defined and validated sequence of commands and data inputs. Monitoring of the procedure is essential to ensure no tampering of the expected procedure takes place by means of malicious software or intrusive probing via debuggers. Only validated procedures can proceed and produce the expected outputs. Users can also lock the included Flash memory to prevent accidental or malicious modification by means of self-programming software or external agents. The debugger and factory programming interfaces can be secured against nonauthorized access or disabled before deployment in the field. Additionally, we are in the process of evaluating resistance to SPA/DPA side channel attacks, to prevent extraction of security relevant information by means of non-intrusive power and emissions analysis during chip operation.
WHAT IS THE CUSTOMER DEMAND FOR TRUSTZONE? Customers seldom ask for a specific technology; they are more interested in a solution. We see a steady, increased awareness of the critical role that security plays in embedded design and the need to consider security, strategically, from the early stages of design. TrustZone is a hardwareassisted technology included within the latest Arm MCU cores that allows customers to achieve such goals in a flexible and programmable way. Later Renesas RA CortexM33-based devices will include TrustZone. WHAT IS RENESAS’ STRATEGY FOR THE RA ECOSYSTEM? HOW WILL YOU ENGAGE WITH THIRD PARTIES? Renesas built the RA Family product line around flexibility and openness. The FSP (Flexible Software Package) is built such that developers can either leverage the out-of-box options or easily use their own resources and combine software building blocks from several providers to get to market quicker, depending on their needs and existing investments.
Renesas is heavily engaging the Arm partner ecosystem as well as key Renesas partners to develop software and hardware building blocks that will work with the RA MCUs out of the box. The RA Family ecosystem will help accelerate the development of IoT applications, including core technologies such as security, safety, connectivity, HMI, and AI among others. More than 30 partners are already and further ones will be closely integrated in early 2020 into the Renesas partner ecosystem and the building block solutions they create will have a close plug & play association to the Renesas RA family. Renesas will also tightly integrate partners and partner solutions holistically into its promotion and marketing plans with direct exposure to Renesas customers. ARE ALL RA FAMILY PRODUCTS COMPATIBLE? Yes, they are highly compatible, as they are based on the same library of our leading peripherals and IPs. Of course, we are incorporating some evolutionary upgrades on later devices. Customer designs are made easier with RA devices offering compatibility among their peripheral feature set, the pin layout between the different packages, and all this across the different MCU groups. WILL THE RA FAMILY HAVE A PRODUCT LONGEVITY PROGRAM LIKE OTHER RENESAS MCUs? With our long history enabling industries that require long and reliable device life cycles, such as industrial, healthcare, and automation, we recognize the importance role that PLP (product longevity program) plays in product design. Renesas will support the longevity program for RA MCU devices, targeting a 15-year PLP statement. WHERE DOES THE RA FIT INTO RENESAS’ MCU STRATEGY WITH SYNERGY? Renesas Synergy is a fantastic value proposition for those customers who appreciate an “off the shelf” software solution, including customers managing limited resources or specialized in-house expertise. For customers who want to utilize their existing inhouse infrastructure, the RA Family offers a flexible open software approach. Between the two solutions, Renesas enables customers across the design spectrum, offering different development options depending on the customers’ preferred approach. Thank you! 15