ROM combines storage island encryption technology with Taisilicon MCU chip security protection solution

Publisher: 灵感驿站 | Latest update time: 2021-11-19 | Source: 爱集微 | Keywords: ROM

At present, the industry generally uses a read-only memory (ROM) image together with one-time programmable (OTP) memory to implement boot and upgrade code logic with high security requirements.

This solution is burned in once during tape-out, which prevents users from changing the MCU's start-up and upgrade logic. The security checks and the upgrade interaction logic are thus hidden at the source, and the MCU chip's program is protected against malicious tampering and unauthorised upgrades.

However, an MCU chip prepared this way can be burned only once in its entire life cycle. In actual chip development it is almost impossible for developers to anticipate every requirement of the chip at once; as the chip enters mass production and is deployed, it usually needs to be upgraded step by step.

Once the originally burned code logic has been solidified, the MCU chip's content can neither be modified nor upgraded further, and the fixed logic also carries a risk of leakage. To address this, Taishi Micro filed an invention patent on June 30, 2020, entitled "A method for achieving MCU chip security using ROM combined with storage islands" (application number: 202010606503.9); the applicant is Shanghai Taishi Microelectronics Co., Ltd.

Based on the relevant information currently disclosed by the patent, let us take a look at this technical solution.

The figure above is the logical flow chart of the patented method for realising MCU chip security by combining a traditional ROM with a storage island. The MCU module consists mainly of a storage island unit and a ROM boot unit. First, a security program is written into the system and encrypted with a private key. Second, the storage island unit stores the security program encrypted with the private key.

Afterwards, the ROM boot unit responds to an external boot signal and pairs the public key with the security program encrypted by the private key. If the pairing succeeds, the ROM boot unit reads the security program and starts up. If the pairing fails, the ROM boot unit cannot read the security program and the chip does not start.

In this system, because a storage island unit is set up inside the MCU module, its content can be recorded, upgraded and replaced by the burning module, which overcomes the defect that a traditional ROM cannot be extended a second time. In addition, the content the burning module transmits to the storage island unit is protected with RSA asymmetric encryption.

The system mainly uses the cloud service module to encrypt the content with a private key. After the content is passed to the storage island unit, it can be decrypted only with the correct public key. After decryption, the ROM boot unit can read the content of the storage island unit and the MCU chip can start normally. This prevents illegal parties from stealing or cracking the program and eliminates such activity at the root.

Next, let's look at the schematic diagram of the cloud service module. As shown in the figure above, the cloud service module stores the private key and uses it to encrypt the security program, producing the ciphertext.

The user compiles plaintext through the IDE on the PC and passes it to the cloud server. The cloud server selects a different secret key depending on the specific chip and uses that key to encrypt the plaintext into ciphertext.

The ciphertext is then passed to the burning module, while the secret key is not. The cloud service module manages the secret key: as long as it is not leaked, even a criminal who obtains the public key cannot crack the ciphertext, and a cracked program cannot run normally, which further protects the rights and interests of software developers.
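As an added illustration (not code from the patent or from Taishi Micro), here is the boot flow and the cloud service module described above modelled in Go: the cloud holds the private key and protects the image, the storage island holds the protected image, and the ROM boot unit holds only the public key and refuses to start on a failed pairing. The step "encrypt the security program with the private key" is interpreted here as a PKCS#1 v1.5 RSA signature over the image's SHA-256 hash; the type names, the 2048-bit key size and the sample image text are my own assumptions.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// StorageIsland: rewritable region the burning module records, upgrades and replaces.
type StorageIsland struct{ Image, Sig []byte }

// RomBoot: fixed at tape-out, holds only the public key (never the private one).
type RomBoot struct{ Pub *rsa.PublicKey }

// Cloud: the cloud service module; the private key never leaves it.
type Cloud struct{ priv *rsa.PrivateKey }

func NewCloud() (*Cloud, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	return &Cloud{priv: k}, err
}

// Protect models "encrypt the security program with the private key" as a
// PKCS#1 v1.5 signature over the image's SHA-256 hash (my interpretation).
func (c *Cloud) Protect(image []byte) (StorageIsland, error) {
	h := sha256.Sum256(image)
	sig, err := rsa.SignPKCS1v15(rand.Reader, c.priv, crypto.SHA256, h[:])
	return StorageIsland{Image: image, Sig: sig}, err
}

// Boot is the ROM boot unit's response to the boot signal: pair the public key
// with the island content and hand over the program only if that succeeds.
func (r *RomBoot) Boot(si StorageIsland) ([]byte, bool) {
	h := sha256.Sum256(si.Image)
	if rsa.VerifyPKCS1v15(r.Pub, crypto.SHA256, h[:], si.Sig) != nil {
		return nil, false // pairing failed: program not read, no start-up
	}
	return si.Image, true
}

func main() {
	cloud, _ := NewCloud()
	rom := &RomBoot{Pub: &cloud.priv.PublicKey} // burned in at tape-out
	si, _ := cloud.Protect([]byte("boot-upgrade logic v1"))
	_, ok := rom.Boot(si)
	si.Image = append(si.Image, '!') // altered after burning
	_, bad := rom.Boot(si)
	fmt.Println("signed boots:", ok, "altered boots:", bad) // true false
}
```

Because the ROM carries only the public key, the check proves that the island content came from the cloud and was not modified; keeping the image itself confidential would need a separate symmetric encryption step, which this model omits.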

The above is Taishi Micro's solution for achieving MCU chip security with ROM combined with storage islands. It relies on encryption and cloud storage technology: only after the ROM boot unit has decrypted the content of the storage island unit can that content be read and the MCU chip started normally, which prevents illegal parties from stealing or cracking the program.


Copyright © 2005-2024 EEWORLD.com.cn, Inc. All rights reserved 京ICP证060456号 京ICP备10001474号-1 电信业务审批[2006]字第258号函 京公网安备 11010802033920号