1.10.4 Security Features

Table 1-3. Security Features
Peripheral	Function	Description	Comments
TrustZone	Security Enclave	Partition Secure/Non-secure world.	Arm technology.
Cortex MMU	Memory Management Unit	Cortex-A7 Memory Management Unit.	–
PIO	I/O Control/ Peripheral Access	When a peripheral is not selected (PIO-controlled), IO lines have no access to the peripheral.	–
PIO	Freeze	Capability to freeze either the functional part or the physical part of the configuration.	Once the freeze command is issued, no modifications to the current configuration are possible. Only a hardware reset allows a change to the configuration.
Public Key Coprocessor (CPKCC) and associated Classical Public Key Cryptography Library (CPKCL)	Cryptography	ECC (Asymmetric key algorithm, elliptic curves).	–
		RSA (Asymmetric key algorithm).	–
TDES, TRNG, AES, SHA		Hardware-accelerated Triple DES.	FIPS-compliant⁽¹⁾
		True Random Number Generator.
		Hardware-accelerated AES up to 256 bits.
		SHA up to 512 and HMAC-SHA.
AES, SHA, CPKCC, CPKLC	Secure Boot	Code encrypted/decrypted, Trusted Code Authentication.	Hardware AES: Encrypt, Decrypt, CMAC. Hardware SHA. CPKCC, CPKCL: RSA or elliptic curves.
AES, TDES, SHA, PIT64B, TC	Security and safety analysis and report.	Monitoring on states or sequences, clocks and waveforms. Error detection can occur only in abnormal operating conditions.	–
AES, TDES, SHA, PIT64B, TC	Register access protection.	Checks for incorrect accesses.	–
AES, TDES	Key clearing on event.	Immediate clearing of the key in case of external tamper event detection	–
TZAESB	On-the-fly AES.	On-the-fly encryption/decryption for NFC_RAM, DDR, QSPI and SMC memories, with respect to TrustZone using TZAESBASC.	AES128
TZAESBASC	On-the-fly AES.	Directs data transfer to either the TZAESB secure core or the unsecured TZAESB core.	–
Private Key Bus	Transfers hidden keys to crypto-engines.	Capability to transfer keys to or from AES, TZAESB, TDES, TRNG, OTPC in a manner totally invisible by the software.	–
Memories	Scrambling	On-the-fly scrambling/unscrambling for memories.	SMC, SECURAM, GPBR and QSPI.
ICM	Memory Integrity Check Monitoring	Uses a hardware Secure Hash Algorithm  (up to SHA256).	SMC, DDR, internal SRAM and QSPI .
SECUMOD	JTAG	JTAG entry monitor	These tampers (JTAG, test, PIOBUs, monitors, etc.) can be configured to immediately erase Backup memories (BUSRAM4KB and BUREG256b) or generate an interrupt or a wakeup signal.
	Test	Test entry monitor
	Voltage Monitoring	VBAT monitoring
		VDDCPU monitoring
		VDDCORE monitoring
	Temperature Monitoring	Temperature monitoring
	Frequency Monitoring	32.768 kHz crystal oscillator monitoring.
	Frequency Monitoring	CPU clock monitoring
	IO Tamper Pin	4 tamper detection pins. Active and Dynamic modes supported.
	Secure Backup SRAM (SECURAM)	5 Kbytes scrambled and non-imprinting avoiding data persistance.	4 Kbytes erasable on tamper detection
	Secure Backup Registers	256-bit register bank, scrambled.	Erasable on tamper detection
RTC	RTC	Timestamping of tamper events. Protection against bad configuration (invalid entry for date and time is impossible).	All events are logged in the RTC. Timestamping provides the source of the reset/erase memory/interruption.
RTC	RTC	RTC robustness against glitch attack on 32 kHz crystal oscillator.	–
Secure OTP	JTAG Access Control	Disable JTAG access by OTP bit.	–
Secure OTP	Secure Debug Disable	JTAG debug allowed in Normal mode only, not in Secure mode.	TrustZone
TZWDT	Watchdog	Protects against TrustZone starvation.	TrustZone
GPBR	Peripheral Access and Protection.	GPBR can be write protected, read protected and immediately cleared on external tamper event detection.	–
Physical Unclonable Function	Key Generation	Key creation, derivation, wrapping and management.	Includes NIST SP 800-90B compliant DRNG.

Note:

Refer to each peripheral section for details on FIPS compliance.