RSA 1024-bit and
2048-bit keys encryption/decryption support
NIST SP800-90 A/B/C
Random Number Generator (RNG)
16 MHz SPI interface to
communicate security commands between the core and the Secure
Subsystem
Secure Subsystem’s
authorization sessions can be used to prevent various kinds of attacks
or denial of service
Secure Subsystem’s
Advanced Crypto Engine algorithms have achieved JIL HIGH rating and are
certified by FIPS as per Cryptographic Algorithm Validation Program
(CAVP)
Secure Subsystem with
FIPS 140-2 Level 2 with Physical Security Level 3 certification as per
Cryptographic Module Validation Program (CMVP) [in progress]
Advanced Flash Security with
CodeGuard™ Flash Security and Flash OTP:
Secure Boot Segment (BS)
with immutability:
CodeGuard Flash
Security and Flash OTP by Write Inhibit facilitates realizing
secure boot with immutability and external tools
(Debugger/ICSP™) will not have access to read/write/erase the
Boot Segment:
Optionally, as per user configuration, it is possible
to allow an external tool to read the Flash content
User code in
General Segment (GS) will not be capable of
reading/writing/erasing code in Boot Segment (with high-security
setting) via Run-Time Flash Programming/Reading:
Ensures
integrity of the boot code
Code in Boot
Segment cannot modify itself with high security and write
protection enabled
Secure firmware upgrade with
CodeGuard™
CodeGuard provides
protection for on-chip code Flash memory
Provides an environment
to support secure methods for transmitting and receiving data in the
customer end product
Additional Security Features
Include:
Does not allow execution
from RAM
Restricts ICSP
programming/erasing operations for all of Flash memory when Flash OTP by
Write Inhibit is activated, and cannot be deactivated