Secure Flash - The answer to security issues in connected cars and industrial applications

Publisher: 532829319hmk. Latest update time: 2020-08-26

The National Institute of Standards and Technology Computer Security Resource Center explains the advantages of implementing a root of trust in hardware: "A root of trust is a highly reliable hardware, firmware, and software component that performs specific critical security functions. Because roots of trust are inherently trusted, they must be secure by design. To this end, many roots of trust are implemented in hardware so that malicious software cannot tamper with the functionality they provide."


As technology advances continue to drive down IC costs, the cost of systems integrating new generations of ICs is also decreasing. This is also the case with external flash memory, where the advent of secure “smart flash” reduces the work required to implement a root of trust in hardware and incorporate other necessary features.


IV. Secure Flash: A New Generation of Smart Storage


Semiconductor manufacturers are looking for ways to shrink embedded Flash memory (eFlash), but no viable solution has yet emerged. Small-scale RRAM and MRAM technologies have been widely studied as eFlash alternatives, but data integrity and cost challenges make them infeasible, especially for mission-critical applications that require high reliability at high temperatures. As of this writing, it is uncertain when (or if) these or other related technologies will be able to deliver embedded storage for mass production.


The inevitable changes caused by the shrinking process size have created the need for a new type of secure channel, in which information is exchanged between the HSM inside the MCU and the encrypted secure zone of the external storage device. A promising solution is to abandon the current practice of integrating various types of storage into the processor and instead integrate a processor into the storage IC, creating smart storage. Figure 3 shows how secure flash memory can establish a secure processing environment that is authenticated and encrypted with the host MCU.


This development trend of a new generation of intelligent storage has the potential to revolutionize the electronics industry. As far as embedded systems are concerned, the technological development will focus on NOR flash memory. NOR flash memory is an ideal non-volatile storage that stores code with persistence and fast random read performance.


Secure NOR Flash, or more simply Secure Flash, provides hardware-protected secure storage for security keys, certificates, hashed passwords, application-specific data, configuration data, code version information, and biometric sensor data for authentication purposes. Secure Flash also enables authenticated and encrypted transactions to prevent unauthorized access and other security threats.


In contrast, current state machine-based storage architectures do not offer the same versatility and performance as embedded processors. For example, strong security requires strong cryptography, which in turn requires strong processing power. Embedded processors also support other security requirements, including HMAC key generation and storage and anti-rollback counters, and can protect firmware, boot images, and system parameters from attacks.


Embedding processing capabilities in storage facilitates the integration of logic to add specific functionality and/or offload workloads from the system’s main SOC/MCU. For example, embedded processing can enable the creation of a hardware root of trust, thereby preventing modification, manipulation, and other security attacks on stored code and data. Alternatively, the processor can run various algorithms, including machine learning algorithms, on raw data and then store the results needed for other system functions.


In addition, new systems can more easily be certified to safety regulations, because certification can be fully or partially achieved by running code on the embedded processor in the smart memory. This can greatly shorten the time to market for new products by simplifying the design and development work required.


Figure 4 shows how Flash memory with built-in intelligent security can meet the performance, reliability, security, and functional safety required by embedded systems. By using standard bus protocols including x4 SPI (QSPI) and x8 HyperBus, intelligent secure Flash memory can work with the host chip to achieve the security level required for demanding interconnect applications while still being fully compatible with existing host chip storage controllers.


For mission-critical applications where failure is not an option, secure flash memory can ensure safe system boot, log critical information, and extend working storage for important functions. Examples of such “fail-safe” applications include: Advanced Driver Assistance Systems (ADAS), portable medical devices, factory automation, defense-grade sensors, and advanced wireless communication systems.


An important aspect of fail-safe is to encrypt the stored code and data to prevent it from being altered or destroyed. By integrating the cryptographic engine with the embedded processor, data can be stored in a secure manner. Considering that the number of logic gates added by storage is much smaller than that required by CPUs and dedicated computing engines, it is more feasible to implement encryption and other advanced functions in smart secure flash memory at a relatively low incremental cost.


The hardware root of trust created by secure flash can provide a secure environment or integrate with the TEE provided by a secure MCU. The root of trust plays a critical role in ensuring that the system boots properly, and ideally should be based on the Device Identifier Composition Engine (DICE) standard of the Trusted Computing Group. The secure boot process mutually authenticates the flash and the main SOC/MCU to ensure the confidentiality of all transactions crossing the bus, thereby achieving end-to-end protection. And because the flash is intelligent, the verified boot process can be achieved in less than 100 milliseconds, which is required in some application areas.
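The DICE-style derivation and mutual authentication described above can be modeled in a few lines. This is an added example, not code from the article or from any vendor; the key-derivation label, the role tags, the sample secret and images, and the assumption that the host HSM is provisioned with the key for the known-good image are all illustrative.

```python
import hashlib
import hmac
import os

def derive_cdi(uds: bytes, first_mutable_code: bytes) -> bytes:
    """Compound Device Identifier: one-way function of the Unique Device
    Secret and the measurement (SHA-256) of the first mutable code."""
    measurement = hashlib.sha256(first_mutable_code).digest()
    return hmac.new(uds, measurement, hashlib.sha256).digest()

def derive_bus_key(cdi: bytes) -> bytes:
    """Bus authentication key derived from the CDI (label is hypothetical)."""
    return hmac.new(cdi, b"bus-auth", hashlib.sha256).digest()

def respond(key: bytes, role: bytes, nonce: bytes) -> bytes:
    """Answer a challenge; the role tag stops a reply being reflected back."""
    return hmac.new(key, role + nonce, hashlib.sha256).digest()

def mutual_auth(host_key: bytes, flash_key: bytes) -> bool:
    """Each side sends a fresh nonce and checks the other's keyed reply."""
    host_nonce, flash_nonce = os.urandom(16), os.urandom(16)
    flash_reply = respond(flash_key, b"flash", host_nonce)
    host_reply = respond(host_key, b"host", flash_nonce)
    host_accepts = hmac.compare_digest(
        flash_reply, respond(host_key, b"flash", host_nonce))
    flash_accepts = hmac.compare_digest(
        host_reply, respond(flash_key, b"host", flash_nonce))
    return host_accepts and flash_accepts

# Constructed sample values, not taken from any real device.
UDS = bytes.fromhex("11" * 32)
GOOD_CODE = b"boot image v7 (constructed sample)"
TAMPERED_CODE = GOOD_CODE + b"\x00"
# Assumption: the host HSM was provisioned with the key for the good image.
HOST_KEY = derive_bus_key(derive_cdi(UDS, GOOD_CODE))

def boot(stored_code: bytes) -> bool:
    """Flash measures what it stores, derives its key, then authenticates."""
    flash_key = derive_bus_key(derive_cdi(UDS, stored_code))
    return mutual_auth(HOST_KEY, flash_key)

if __name__ == "__main__":
    print("good image:", boot(GOOD_CODE))
    print("tampered image:", boot(TAMPERED_CODE))
```

Because the key is a function of the measured code, a modified image cannot authenticate to the host even though the device secret is unchanged.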


Being able to securely update the code to the latest version is another important aspect of the secure boot process. This requires ensuring that FOTA or other forms of updates are completed without any tampering or corruption, whether intentional or accidental. If any tampering is detected through version authentication or other means, the backup function can be used to restore the code to a previous known valid version (albeit downgraded). The same function can also be used to protect any device configuration that may exist in non-secure production facilities or service centers.
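A sketch of the update path described above: authenticate the incoming image, refuse versions below an anti-rollback counter, and restore the backup slot if the active slot fails verification at boot. This is an added example, not the article's or any product's code; the two-slot layout, the HMAC tag format, the status strings and the sample key are assumptions, and production update schemes commonly use asymmetric signatures rather than a shared HMAC key.

```python
import hashlib
import hmac
from typing import NamedTuple

class Image(NamedTuple):
    version: int
    code: bytes
    tag: bytes  # HMAC-SHA256 over version || code

def make_tag(key: bytes, version: int, code: bytes) -> bytes:
    return hmac.new(key, version.to_bytes(4, "big") + code,
                    hashlib.sha256).digest()

def authentic(key: bytes, img: Image) -> bool:
    return hmac.compare_digest(img.tag, make_tag(key, img.version, img.code))

class SecureFlash:
    def __init__(self, key: bytes, factory: Image):
        self.key = key
        self.active = self.backup = factory
        self.counter = factory.version  # monotonic anti-rollback counter

    def apply_update(self, img: Image) -> str:
        """Gate an image arriving over the air before it touches a slot."""
        if not authentic(self.key, img):
            return "rejected: authentication failed"
        if img.version < self.counter:
            return "rejected: rollback"
        self.backup, self.active = self.active, img
        self.counter = img.version
        return "installed"

    def boot(self) -> int:
        """Verify the active slot; restore the backup slot if it fails."""
        if not authentic(self.key, self.active):
            if not authentic(self.key, self.backup):
                raise RuntimeError("no valid image in either slot")
            self.active = self.backup  # downgraded but known valid
        return self.active.version

# Constructed sample key, not taken from any real device.
KEY = bytes.fromhex("22" * 32)

def image(version: int, code: bytes) -> Image:
    """Build a correctly tagged sample image (stands in for the vendor)."""
    return Image(version, code, make_tag(KEY, version, code))
```

The counter gates only images arriving from outside; the fallback at boot uses the device's own backup slot, so a corrupted active image can still be recovered and the current release re-delivered afterwards.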


Embedded intelligence enables secure flash to handle other tasks in addition to protecting stored code and data. For example, support for XIP functionality enables secure flash as a trusted environment to directly execute code, thereby reducing the load on the host MCU. This can also reduce the amount of on-chip RAM required by the MCU, helping to reduce cost and power consumption.


Driven by the most stringent security and functional safety requirements, the automotive and industrial automation markets are the first to adopt secure storage. Because potential vulnerabilities in embedded systems can lead to remote attacks and ultimately threaten the safety of passengers or staff, the functional safety of the system cannot be achieved without ensuring strong security. Therefore, all semiconductor components (including external flash memory devices) for safety-critical applications must comply with the ISO 26262 standard for advanced driver assistance systems (ADAS) and the IEC 61508 standard for industrial systems.


It is also very important to continuously monitor the condition of field equipment and perform remote diagnostics and preventive maintenance. Flash memory devices are prone to several failure modes, including flash cell failure due to charge loss or cosmic radiation, delay, power loss failure, etc. These failures must be addressed immediately to ensure high reliability over a service life of more than 20 years.


V. Conclusion


Smart secure flash has gradually been accepted as an alternative to eFlash. As process sizes shrink below 28 nm, the use of eFlash will become increasingly scarce until it disappears completely. A chip can still integrate eFlash, but a secure flash solution with integrated HSM functionality is more advantageous. In both designs, secure flash can transfer code and data between the protected area and the HSM of the host MCU in a cryptographically secure manner through an industry-standard bus.


It is expected that designs with secure flash will become more common and even necessary to meet evolving security needs. Attacks are becoming more widespread and sophisticated, regulations are expected to become more stringent, and increased automation will further increase the importance of security and functional safety. To meet these evolving needs while minimizing time to market for new features, design engineers will increasingly rely on the convenience that only smart secure flash can provide.


About the Author


Sandeep Krishnegowda is the Product Director of the Flash Business Unit at Cypress Semiconductor Corporation. He has worked at Cypress’s Memory Products Division for more than a decade in various engineering, management, and marketing roles. He holds a Master’s degree in Electronics and Communications from Rensselaer Polytechnic Institute and a Bachelor’s degree in Electronics and Communications from Wesleyan University.

