AN12291 IP Binding on NXP LPC MCUs featuring on-chip Flash Application note
●Introduction
■This application note describes techniques to protect embedded applications on LPC 32-bit ARM microcontrollers (MCUs) from reverse engineering, unauthorized firmware tampering, overproduction and counterfeiting. The protection is provided by binding the firmware and configuration information to the unique physical properties of the SRAM of MCU. The software Intellectual Property (IP) is bound to a specific device by an encryption process that uses cryptographic keys derived from a Physically Unclonable Function (PUF). Since these keys are unclonable and device-unique, the encrypted information that is stored is readable only by the authorized device. This device-unique encryption makes it difficult for an attacker to reverse engineer or modify the firmware. The overall process supports:
▲A device-unique unclonable identity that can be cryptographically authenticated.
▲Code authentication to ensure firmware may only be installed and updated by the OEM.
▲Device-unique encryption keys to protect stored information from cloning, reverse engineering or modification.
▲Optional version number validation to ensure that only new firmware updates are installed to prevent roll-back attacks.
▲Additional confidential information can be protected to support application services. This information may be additional keys, trust roots or configuration information. This sensitive data has the same strong device-unique protection as the firmware and is strongly protected from extraction.
▲Additional secret keys may also be generated by the PUF APIs to support strong device authentication using symmetric keys, public keys and/or public key certificates.
■The process to design and field a secure embedded application using PUF is described. The solution is software-based but has implications on the system design and the manufacturing test process. Software modules are provided for integration with production test fixtures and applications. An IP binding Tool Suite is available to protect firmware and is used to create both factory installed images and images for over-the-air upgrades.
|
|
Application note & Design Guide |
|
|
|
Please see the document for details |
|
|
|
|
|
|
|
English Chinese Chinese and English Japanese |
|
06 November 2018 |
|
Rev. 1.0 |
|
AN12291 |
|
693 KB |
- +1 Like
- Add to Favorites
Recommend
- [经验]瑞萨32位MCU RA2E1如何利用FSP工具生成sci_uart的配置代码
- Renesas Extends Arm Cortex-Based MCU Family with RA4M3 MCU Group for Industrial and IoT Applications
- MindMotion Announced Entry-level MM32G0001 32-bit MCU Equipping with a 48MHz Arm® Cortex®-M0 core
- New RA6M4 MCU Group‘s Integrated Secure Crypto Engine in Concert with Arm® TrustZone® Technology
- Renesas Expands Low-Power Industrial and IoT Applications Reach With New RA4M2 MCU Group in Arm Cortex-Based MCU Family
- Top Chinese 8/32-bit MCU Manufacturers with ARM Cortex-M0, M0+, M3, M4 and Stable Supply
- The High-performance MCU MM32F52 Series featuring the Arm China “STAR-MC1” Processor Is Available for Order
- Leveraging Helium and ARM® Cortex®-M85 for Unprecedented DSP and AI Performance on an MCU Core
All reproduced articles on this site are for the purpose of conveying more information and clearly indicate the source. If media or individuals who do not want to be reproduced can contact us, which will be deleted.