6.4 Security Features
| Peripheral | Function | Description | Comments |
|---|---|---|---|
| TrustZone | Security Enclave | Partition secure/non-secure world | Arm technology |
| Cortex MMU | Memory Management Unit | Cortex-A5 Memory Management Unit | – |
| PIO | I/O Control/Peripheral Access | When a peripheral is not selected (PIO-controlled), I/O lines have no access to the peripheral. | – |
| PIO | Freeze | Capability to freeze either the functional part or the physical part of the configuration. | Once the freeze command is issued, no modifications to the current configuration are possible. Only a hardware reset allows a change to the configuration. |
| Classical Advanced Software Crypto Library (CASCL) | Cryptography | Software ECC (asymmetric key algorithm, elliptic curves) | Software library(1) |
| Classical Advanced Software Crypto Library (CASCL) | Cryptography | Software RSA (asymmetric key algorithm) | Software library(1) |
| TDES, TRNG | Cryptography | Hardware-accelerated Triple DES | FIPS-compliant(2) |
| TDES, TRNG | Cryptography | True Random Number Generator | FIPS-compliant(2) |
| AES, SHA | Cryptography | Hardware-accelerated AES up to 256 bits | |
| AES, SHA | Cryptography | SHA up to 512 and HMAC-SHA | |
| Secure Boot | Code encryption/decryption, Trusted Code Authentication | Hardware SHA (HMAC) + Software RSA, or AES hardware (CMAC) | |
| AESB | AES on-the-fly | On-the-fly encryption/decryption for DDR and QSPI memories | AES128 |
| Memories | Scrambling | On-the-fly scrambling/unscrambling for memories | All internal and external memories such as QSPI, DDR, and all memories on SMC |
| ICM | Memory Integrity Check Monitoring | Uses a hardware Secure Hash Algorithm (up to SHA256) | More robust than CRC. All internal and external memories such as QSPI, DDR, and all memories on SMC can be monitored. |
| SECUMOD | JTAG | JTAG entry monitor | These tamper pins (JTAG, test, PIOBUs, etc.) can be configured to immediately erase backup memories (BUSRAM4KB and BUREG256b), or to generate an interrupt or a wakeup signal. |
| SECUMOD | Test | Test entry monitor | These tamper pins (JTAG, test, PIOBUs, etc.) can be configured to immediately erase backup memories (BUSRAM4KB and BUREG256b), or to generate an interrupt or a wakeup signal. |
| SECUMOD | IO Tamper Pin | 8 tamper detection pins. Active and Dynamic modes supported. | These tamper pins (JTAG, test, PIOBUs, etc.) can be configured to immediately erase backup memories (BUSRAM4KB and BUREG256b), or to generate an interrupt or a wakeup signal. |
| SECUMOD | Secure Backup SRAM | 5 Kbytes, scrambled and non-imprinting, avoiding data persistence | 4 Kbytes erasable on tamper detection |
| SECUMOD | Secure Backup Registers | 256-bit register bank, scrambled | Erasable on tamper detection |
| RTC | RTC | Timestamping of tamper events. Protection against bad configuration (invalid entries for date and time are impossible). | All events are logged in the RTC. Timestamping gives the source of the reset/memory erase/interrupt. |
| RTC | RTC | RTC robustness against glitch attack on the 32 kHz crystal oscillator | – |
| Secure Fuse | JTAG Access Control | Disable JTAG access by fuse bit | – |
| Secure Fuse | Secure Debug Disable | JTAG debug allowed in Normal mode only, not in Secure mode | TrustZone |
Note:
1. A PCI-certified Advanced Software Crypto Library (ASCL) is available under NDA.
2. Refer to the sections on each peripheral for details on FIPS compliance.
