Security Concept

The AVR DU devices are general purpose microcontrollers that offer fundamental security features for implementing secure firmware upgrades and authenticating the application firmware. When used correctly, these features protect against remote attacks and against some PCB-level attacks in which an attacker attempts to modify the application code to change the product's functionality.

The cornerstone of the security features is the Program and Debug Interface Disable (PDID), a mechanism preventing access to the device's reprogrammable Flash memory over the Unified Program and Debug Interface (UPDI). After activating the PDID as described in the section Memories, the UPDI is prevented from making any changes to the device. The UPDI can still read out the device information and CRC status.

The only way to program the device after activating the PDID is by using software stored in the Boot Code section of the Flash to update the Application Code section software. This application-specific software must be able to receive new data and program the Application Code section. It is impossible to alter code stored in the Boot Code section using this mechanism, as the Boot Code section is only accessible using the UPDI.

In addition, there is a separate storage space accessible only by code in the Boot Code section, which can hold any data intended to be accessible only from the Boot Code section. One example of this is a cryptographic key to be used to validate data that are sent to a bootloader to update the application software on the device.

This creates two layers of security. First, the device cannot be erased or reprogrammed over the UPDI, so the code in the Boot Code section is protected. Second, the code in the Boot Code section can use a cryptographic key (accessible only by code in this section of Flash) to verify that any new application code received for a device software update is authentic.
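As an added example that is not part of the datasheet and not Microchip's code, the following host-side C model ties the previous three paragraphs together: a modelled Flash whose Boot Code section is never a valid write target, a key that stands in for the boot-section-only storage, and a bootloader update routine that recomputes an HMAC-SHA256 tag over the received image with that key and writes nothing until the tag matches. The memory layout (`BOOT_SIZE`, `APP_SIZE`), the sample key, the `apply_update` return codes and the choice of HMAC-SHA256 as the authentication primitive are all assumptions made here; the datasheet specifies neither the algorithm nor the layout.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define BOOT_SIZE 512   /* assumed boot section size in bytes (hypothetical layout) */
#define APP_SIZE  1024  /* assumed application section size; also the largest accepted image */
enum { UPD_OK = 0, UPD_BAD_RANGE = 1, UPD_BAD_AUTH = 2 };

static uint8_t flash[BOOT_SIZE + APP_SIZE];   /* modelled Flash: boot section first, then application */
/* Constructed sample key; on the device this would live in the boot-section-only storage. */
static const uint8_t boot_key[32] = {
    0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
    0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f };

/* Minimal SHA-256 (FIPS 180-4), enough for a host-side model of the bootloader. */
#define ROTR(x, n) (((x) >> (n)) | ((x) << (32 - (n))))
static const uint32_t K[64] = {
    0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
    0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
    0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
    0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
    0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
    0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
    0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
    0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 };

static void sha256_block(uint32_t h[8], const uint8_t blk[64]) {
    uint32_t w[64], a, b, c, d, e, f, g, hh, t1, t2;
    for (int i = 0; i < 16; i++)
        w[i] = (uint32_t)blk[4*i] << 24 | (uint32_t)blk[4*i+1] << 16 |
               (uint32_t)blk[4*i+2] << 8 | blk[4*i+3];
    for (int i = 16; i < 64; i++)
        w[i] = w[i-16] + (ROTR(w[i-15], 7) ^ ROTR(w[i-15], 18) ^ (w[i-15] >> 3)) +
               w[i-7] + (ROTR(w[i-2], 17) ^ ROTR(w[i-2], 19) ^ (w[i-2] >> 10));
    a = h[0]; b = h[1]; c = h[2]; d = h[3]; e = h[4]; f = h[5]; g = h[6]; hh = h[7];
    for (int i = 0; i < 64; i++) {
        t1 = hh + (ROTR(e, 6) ^ ROTR(e, 11) ^ ROTR(e, 25)) + ((e & f) ^ (~e & g)) + K[i] + w[i];
        t2 = (ROTR(a, 2) ^ ROTR(a, 13) ^ ROTR(a, 22)) + ((a & b) ^ (a & c) ^ (b & c));
        hh = g; g = f; f = e; e = d + t1; d = c; c = b; b = a; a = t1 + t2;
    }
    h[0] += a; h[1] += b; h[2] += c; h[3] += d; h[4] += e; h[5] += f; h[6] += g; h[7] += hh;
}

static void sha256(const uint8_t *msg, size_t len, uint8_t out[32]) {
    uint32_t h[8] = { 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
                      0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 };
    uint8_t blk[64];
    size_t i = 0;
    for (; len - i >= 64; i += 64) sha256_block(h, msg + i);
    size_t rem = len - i;                                            /* final partial block */
    memset(blk, 0, 64); memcpy(blk, msg + i, rem); blk[rem] = 0x80;  /* padding starts with 0x80 */
    if (rem >= 56) { sha256_block(h, blk); memset(blk, 0, 64); }     /* no room for the length */
    for (int j = 0; j < 8; j++) blk[63 - j] = (uint8_t)(((uint64_t)len * 8) >> (8 * j));
    sha256_block(h, blk);
    for (int j = 0; j < 8; j++) { out[4*j] = (uint8_t)(h[j] >> 24); out[4*j+1] = (uint8_t)(h[j] >> 16);
                                  out[4*j+2] = (uint8_t)(h[j] >> 8); out[4*j+3] = (uint8_t)h[j]; }
}

/* HMAC-SHA256 (RFC 2104) over a message of at most APP_SIZE bytes. */
void hmac_sha256(const uint8_t *key, size_t klen, const uint8_t *msg, size_t mlen, uint8_t tag[32]) {
    static uint8_t buf[64 + APP_SIZE];
    uint8_t k[64] = {0}, outer[64 + 32];
    if (klen > 64) sha256(key, klen, k); else memcpy(k, key, klen);
    for (int i = 0; i < 64; i++) { buf[i] = k[i] ^ 0x36; outer[i] = k[i] ^ 0x5c; }
    memcpy(buf + 64, msg, mlen);
    sha256(buf, 64 + mlen, outer + 64);   /* inner hash: H(K ^ ipad || msg) */
    sha256(outer, 96, tag);               /* outer hash: H(K ^ opad || inner) */
}

/* Constant-time comparison so the reject path does not leak where the first mismatch is. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t d = 0; for (size_t i = 0; i < n; i++) d |= a[i] ^ b[i]; return d == 0; }

/* Bootloader update path: the boot section is never a valid target, and nothing is
 * written until the tag recomputed with the boot-only key matches the one received. */
int apply_update(uint32_t dst, const uint8_t *img, size_t len, const uint8_t tag[32]) {
    uint8_t expect[32];
    if (len > APP_SIZE || dst < BOOT_SIZE || dst + len > BOOT_SIZE + APP_SIZE) return UPD_BAD_RANGE;
    hmac_sha256(boot_key, sizeof boot_key, img, len, expect);
    if (!ct_equal(expect, tag, 32)) return UPD_BAD_AUTH;
    memcpy(flash + dst, img, len);   /* only now does the application section change */
    return UPD_OK;
}

/* Known-answer check: SHA-256("abc") from FIPS 180-2 Appendix B.1. */
int selftest_sha256(void) {
    static const uint8_t exp[32] = { 0xba,0x78,0x16,0xbf,0x8f,0x01,0xcf,0xea,0x41,0x41,0x40,0xde,0x5d,0xae,0x22,0x23,
                                     0xb0,0x03,0x61,0xa3,0x96,0x17,0x7a,0x9c,0xb4,0x10,0xff,0x61,0xf2,0x00,0x15,0xad };
    uint8_t d[32];
    sha256((const uint8_t *)"abc", 3, d);
    return memcmp(d, exp, 32) == 0;
}

int main(void) {
    uint8_t img[16] = "APP-IMAGE-v1.0!", tag[32];                    /* constructed sample image */
    hmac_sha256(boot_key, sizeof boot_key, img, sizeof img, tag);   /* done by the signing tool */
    printf("sha256 selftest: %d\n", selftest_sha256());
    printf("genuine image: %d\n", apply_update(BOOT_SIZE, img, sizeof img, tag));
    img[3] ^= 0x01;                                                 /* tampered in transit */
    printf("tampered image: %d\n", apply_update(BOOT_SIZE, img, sizeof img, tag));
    printf("write into boot section: %d\n", apply_update(0, img, sizeof img, tag));
    return 0;
}
```

The tag here covers only the image bytes. A production design, going beyond what this section describes, would normally also authenticate the destination address and an image version, so that a genuine image cannot be written to the wrong place or rolled back to an older release.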

Using the Program and Debug Interface Disable (PDID) in software requires cryptographic competencies to ensure conformity to cyber-security standards such as ISO/SAE DIS 21434.