Titan silicon root of trust for Google Cloud
- Jacob Ryan
- 5 years ago
Slide 1: Titan silicon root of trust for Google Cloud. Scott Johnson, Dominic Rizzo. Secure Enclaves Workshop, 8/29/2018.

Slide 2: Cloud perspective: we need a silicon root of trust. The diagram stacks three layers: software infrastructure, datacenter equipment, and the silicon root of trust underneath.

Slide 3: Chip requirements
1. Trusted machine identity
2. First instruction integrity
3. Tamper-evident logging
4. Trusted implementation
Supporting mechanisms named on the slide: on-chip verified boot; cryptographic identity & secure mfg; boot firmware signature check + monitor; silicon physical security; transparent development, full-stack.

Slide 4: Titan system integration (block diagram). Titan sits on the SPI bus between the PCH / BMC and the boot FW flash and holds reset and power control; other blocks shown are the CPU, chipset, memory subsystem, and storage and networking subsystem.

Slide 5: What is Titan?
- Secure low-power microcontroller designed with cloud security as a first-class consideration
- Not just a chip, but the supporting system and security architecture + manufacturing flow

Slide 6: Why make our own?
- Implementation transparency: complete ownership, auditability, build local expertise
- Agility & velocity: technology changes, new risk vectors arrive
- No existing solutions: vendor-agnosticity, custom features

Slide 7: Titan specifications (block diagram)
- Embedded 32b processor with debug ports and test ports; testability / mfgability logic
- Memory: 8kB ROM, 64kB SRAM, ... kB flash, 1kb OTP (fuse)
- Crypto: EC/RSA, AES/SHA/HMAC, key manager, TRNG
- Peripherals: USB, UART, SPI mstr/slv, I2C mstr/slv, timers, GPIO, muxable data ports
- Power and clocks: PMU, jitter RC timer, RC, low speed RC
- Defenses: shield, temp sense, volt sense, device state, alert response

Slide 8: Interesting subunits
- Flash: 2 banks for code storage, in-field upgrades, partial secret material
- Fuse: security settings, partial secret material, device state tracking, feature enablement
- Crypto units: AES, SHA/HMAC, big-int accelerator for EC, RSA (microcoded)
- Key manager: custom control of key generation and storage
- TRNG: custom analog design, low power, uses ring-oscillator instability
- Internal clocks: spread-spectrum jittery clock for random behavior, fixed-frequency for communication

Slide 9: Verified boot

Slide 10: Verified boot within Titan (diagram). The chain is HW reset → boot ROM (BIST, verify) → boot loader (flash A or B, signed, verify) → application (flash A or B, signed); at each hop the running stage compares versions, verifies the next image and jumps to it.
- Each stage verifies the next
- Earlier stages do security settings, lock out further access
- Permission levels drop at each stage, protecting critical control points
- Splitting flash code into banks allows two copies: live-updatable
- Code signing taken seriously; multiple key holders, offline logs, playbooks
Slide 11: Verified boot within Titan, step by step (same diagram, numbered 1 to 6)
1. Test logic (LBIST) and ROM (MBIST); if fail, stay in reset; else jump to ROM
2. Compare bootloader (BL) versions A + B; choose most recent
3. Verify BL signature; if fail, retry with other BL; if fail, freeze
4. Compare firmware application (FW) versions A + B; choose most recent
5. Verify FW signature; if fail, retry with other FW; if fail, freeze
6. Execute successfully verified FW
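The six steps above are a small state machine, and the interesting behaviour is what happens when the newest copy fails its check. The following C model is an added example, not Titan's ROM or any Google code: it implements the A/B choose-newest, verify, fall back, freeze policy for both the bootloader and application stages. The signature check is a placeholder (a 32-bit FNV-1a digest compared against a stored tag) so that the example runs without a crypto library; the real chip verifies an RSA/EC signature at that point. The sample images, their version numbers and the `bad` flags are constructed for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One firmware copy (flash bank A or B) as seen by the stage that checks it.
   'tag' stands in for the signature stored next to the image. The real chip
   checks an RSA/EC signature; this constructed example uses a 32-bit FNV-1a
   digest so it runs with no crypto library. The A/B policy is the point. */
typedef struct {
    uint32_t version;
    const uint8_t *image;
    size_t len;
    uint32_t tag;
} slot_t;

typedef enum {
    BOOT_STAY_IN_RESET = 0,   /* step 1: LBIST or MBIST failed */
    BOOT_FROZEN_AT_BL,        /* step 3: neither bootloader copy verified */
    BOOT_FROZEN_AT_FW,        /* step 5: neither application copy verified */
    BOOT_RUNNING_FW_A,        /* step 6: application from flash bank A */
    BOOT_RUNNING_FW_B         /* step 6: application from flash bank B */
} boot_state_t;

typedef struct {
    int bist_ok;              /* LBIST + MBIST outcome, taken as an input here */
    slot_t bl_a, bl_b;        /* bootloader copies */
    slot_t fw_a, fw_b;        /* application copies */
} device_t;

/* Placeholder for the signature check: FNV-1a over the image bytes. */
uint32_t placeholder_digest(const uint8_t *p, size_t n) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 16777619u; }
    return h;
}

static int slot_verifies(const slot_t *s) {
    return s->image != NULL && placeholder_digest(s->image, s->len) == s->tag;
}

/* Steps 2-3 (bootloader) and 4-5 (application): try the copy with the
   higher version first, fall back to the other copy if its check fails,
   and report a freeze if both fail. Returns 0 for bank A, 1 for bank B,
   -1 for freeze. */
int select_verified_slot(const slot_t *a, const slot_t *b) {
    const slot_t *first  = (a->version >= b->version) ? a : b;
    const slot_t *second = (first == a) ? b : a;
    if (slot_verifies(first))  return (first == a) ? 0 : 1;
    if (slot_verifies(second)) return (second == a) ? 0 : 1;
    return -1;
}

/* The whole chain from reset, following the six numbered steps. */
boot_state_t boot_chain(const device_t *d) {
    if (!d->bist_ok) return BOOT_STAY_IN_RESET;               /* step 1 */
    int bl = select_verified_slot(&d->bl_a, &d->bl_b);        /* steps 2-3 */
    if (bl < 0) return BOOT_FROZEN_AT_BL;
    /* Between stages the ROM locks its security settings and drops
       privilege before jumping; that is register-specific and not
       modelled here. */
    int fw = select_verified_slot(&d->fw_a, &d->fw_b);        /* steps 4-5 */
    if (fw < 0) return BOOT_FROZEN_AT_FW;
    return (fw == 0) ? BOOT_RUNNING_FW_A : BOOT_RUNNING_FW_B; /* step 6 */
}

/* Constructed sample images; bank B always holds the newer copy. */
static const uint8_t IMG_BL_V1[] = "constructed bootloader v1";
static const uint8_t IMG_BL_V2[] = "constructed bootloader v2";
static const uint8_t IMG_FW_V7[] = "constructed application v7";
static const uint8_t IMG_FW_V8[] = "constructed application v8";

static slot_t make_slot(uint32_t version, const uint8_t *img, size_t len, int bad) {
    slot_t s = { version, img, len, placeholder_digest(img, len) };
    if (bad) s.tag ^= 1u;     /* simulate a failed signature check */
    return s;
}

/* Build a device and boot it; the flags corrupt individual copies. */
boot_state_t boot_scenario(int bist_ok, int bl_b_bad, int fw_a_bad, int fw_b_bad) {
    device_t d;
    d.bist_ok = bist_ok;
    d.bl_a = make_slot(1, IMG_BL_V1, sizeof IMG_BL_V1, 0);
    d.bl_b = make_slot(2, IMG_BL_V2, sizeof IMG_BL_V2, bl_b_bad);
    d.fw_a = make_slot(7, IMG_FW_V7, sizeof IMG_FW_V7, fw_a_bad);
    d.fw_b = make_slot(8, IMG_FW_V8, sizeof IMG_FW_V8, fw_b_bad);
    return boot_chain(&d);
}

int main(void) {
    /* Newer application copy B is corrupt: boot falls back to A. */
    printf("boot state: %d (3 = running FW A)\n", boot_scenario(1, 0, 0, 1));
    return 0;
}
```

Note what the policy does and does not give you: a corrupt newer copy degrades to the older verified copy rather than bricking the part, which is what makes in-field updates safe to attempt, but "choose most recent" on its own does not stop a valid older image from being re-flashed; a rollback floor would have to come from a fuse or other one-way counter, which the slide does not describe.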
Slide 12: Trusted identity

Slide 13: Trusted chip identity. Timeline: TEST → PERSONALIZE → REGISTER (manufacturing), SHIP → INSTALL → ATTEST (production).
- Establish trust at manufacturing
- Each tested device uniquely identified (personalized)
- Assigned a serial number, unique but not secret
- Self-generates a cryptographically strong identity key
- Identity registered in off-site secure database
- Parts shipped, put onto datacenter devices for production
- Parts available for attestation, proof that they are ours

Slide 14: Key manager creates chip identity key (diagram: the processor issues commands to the key manager, which hashes partial secrets from a variety of silicon technologies into key storage and exports the result only when enabled)
- Dedicated hardware execution: processor walks FSM commands, keys inaccessible to processor
- Identity = crypto_hash of partial secrets; each comes from a different silicon technology, which requires attackers to defeat each
- Export enabled if FSM complete; export disabled after manufacture

Slide 15: Trusted identity (registration). Diagram: device running perso FW ↔ tester; tester ↔ offline certificate authority across an air gap; tester → remote registry over a secure channel.
- Personalization firmware loaded
- Chip creates identity message
- Identities signed by offline certificate authority
- Certificate available for installation
- Identity exported to registry via secure channel
- Identity available for later query

Slide 16: Life cycle tracking using OTP fuses
- After manufacturing, must continue to guarantee authenticity
- Define six stages, and what is enabled in each stage:
  - Raw: no features enabled, deters wafer theft
  - Test: enable test features only, no production features
  - Development: enable production-level features for lab bringup
  - Production: final production features, no testability, unique keys
  - RMA (return for test): re-enable testability, no more production
  - RIP: after RMA or mfg failure, permanently disable device
- Burnable fuses track life cycle from manufacturing to production
- Each stage transition is a one-way street

Slide 17: Life cycle tracking using OTP fuses (diagram): the stages RAW, MFG test, DEV, PROD, RMA and RIP, with a fuse burned at each transition.
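Slides 14 and 16 describe two gates that both hang off device state: the key manager exports the identity only during manufacturing, and the life cycle fuses make every stage change irreversible. The C model below is an added example, not Titan's fuse controller or any Google code, and it covers both. Fuses are a byte in which bits can only be set, the current stage is decoded from which bits are burned, and a transition is accepted only to the next stage in the chain or straight to RIP. The bit assignment, the assumption that DEV keeps test features alongside production-level ones, and the mapping of "export enabled during manufacture" to the TEST and DEV stages are this example's own choices; the slide gives none of them.

```c
#include <stdint.h>
#include <stdio.h>

/* The six stages in the order the slide lists them. */
typedef enum { LC_RAW = 0, LC_TEST, LC_DEV, LC_PROD, LC_RMA, LC_RIP } lc_state_t;

/* One-time-programmable fuse word. Bits 0..3 are burned, in that order, to
   enter TEST, DEV, PROD and RMA; bit 7 is the RIP fuse. A bit can only go
   from 0 to 1, which is what makes every transition a one-way street.
   (This bit assignment is the example's own; the slide gives none.) */
typedef struct { uint8_t bits; } otp_t;
#define FUSE_TEST 0x01u
#define FUSE_DEV  0x02u
#define FUSE_PROD 0x04u
#define FUSE_RMA  0x08u
#define FUSE_RIP  0x80u

/* What each stage enables, from the slide's bullet points. identity_export
   models the key manager rule that the identity may leave the chip only
   during manufacturing and never afterwards; mapping that to the TEST and
   DEV stages is this example's assumption. */
typedef struct {
    int test_features;
    int production_features;
    int unique_keys;
    int identity_export;
} lc_features_t;

/* The current stage is decoded from the fuses; the highest burned stage wins. */
lc_state_t lc_state(const otp_t *o) {
    if (o->bits & FUSE_RIP)  return LC_RIP;
    if (o->bits & FUSE_RMA)  return LC_RMA;
    if (o->bits & FUSE_PROD) return LC_PROD;
    if (o->bits & FUSE_DEV)  return LC_DEV;
    if (o->bits & FUSE_TEST) return LC_TEST;
    return LC_RAW;
}

/* Request a transition. Only the next stage in the chain, or RIP from any
   stage (manufacturing failure, or the end of RMA), is accepted. Returns 1
   when a fuse was burned, 0 when the request is refused. Nothing ever
   clears a bit, so RAW can never be re-entered and RIP is final. */
int lc_advance(otp_t *o, lc_state_t target) {
    static const uint8_t fuse_for[] = { 0, FUSE_TEST, FUSE_DEV, FUSE_PROD, FUSE_RMA };
    lc_state_t cur = lc_state(o);
    if (cur == LC_RIP) return 0;
    if (target == LC_RIP) { o->bits |= FUSE_RIP; return 1; }
    if ((int)target != (int)cur + 1) return 0;   /* backwards, or skipping a stage */
    o->bits |= fuse_for[target];
    return 1;
}

lc_features_t lc_features(lc_state_t s) {
    lc_features_t f = { 0, 0, 0, 0 };
    switch (s) {
    case LC_RAW:  break;                          /* nothing on: deters wafer theft */
    case LC_TEST: f.test_features = 1; f.identity_export = 1; break;
    case LC_DEV:  f.test_features = 1; f.production_features = 1;   /* test kept: assumption */
                  f.identity_export = 1; break;
    case LC_PROD: f.production_features = 1; f.unique_keys = 1; break;
    case LC_RMA:  f.test_features = 1; break;     /* testability back, production gone */
    case LC_RIP:  break;                          /* permanently disabled */
    }
    return f;
}

/* Gate on the key manager's export path: the identity leaves the chip only
   if the current stage allows it. */
int identity_export_allowed(const otp_t *o) {
    return lc_features(lc_state(o)).identity_export;
}

int main(void) {
    otp_t part = { 0 };
    lc_advance(&part, LC_TEST);
    lc_advance(&part, LC_DEV);
    lc_advance(&part, LC_PROD);
    printf("stage %d, export allowed: %d, step back to DEV accepted: %d\n",
           lc_state(&part), identity_export_allowed(&part), lc_advance(&part, LC_DEV));
    return 0;
}
```

The property worth checking in a real design is the one the test below exercises: once PROD is burned there is no input sequence that re-enables test features or identity export, and RIP is reachable from every stage but leads nowhere.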
Slide 18: First instruction integrity

Slide 19: First instruction integrity (diagram: SPI device (PCH/BMC) ↔ Titan ↔ flash, with Titan holding reset control)
- Titan interposes on SPI, between host and system firmware flash
- At system reset, does signature check of FW: signature OK enables system; signature fail alerts of failure
- Live monitoring: snoops SPI for illegal activity; unauthorized actions converted to harmless commands

Slide 20: SPI interposition (diagram: incoming SPI bus from host → snoop / control logic, which can substitute a safe command → outgoing SPI bus to flash)
The challenges of SPI interposition:
- Vendor agnostic requires flexibility
- SPI does not have flow control
- Passthrough latency must be minimized
- Chip & board timing a challenge
- Can affect boot latency
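The "unauthorized actions converted to harmless commands" line on slide 19 and the latency constraint on slide 20 fit together: because SPI has no flow control, the interposer must decide from the opcode and address bytes alone, before the rest of the transaction has been clocked, whether to forward the command or substitute a safe one. The C filter below is an added example, not Titan's snoop logic or any Google code. It uses the standard JEDEC-style SPI NOR opcodes, treats a constructed 64 KiB boot block at the start of a 16 MiB flash as the protected range, and rewrites any program or erase that would touch it into a status-register read, which this example assumes to be the harmless substitute (the slide does not say which command Titan uses). Page program is decidable from the address because it never crosses a 256-byte page.

```c
#include <stdint.h>
#include <stdio.h>

/* Standard SPI NOR opcodes (JEDEC-style values used by most parts). */
#define SPI_READ          0x03
#define SPI_FAST_READ     0x0B
#define SPI_RDSR          0x05
#define SPI_RDID          0x9F
#define SPI_WREN          0x06
#define SPI_WRDI          0x04
#define SPI_PAGE_PROGRAM  0x02
#define SPI_SECTOR_ERASE  0x20   /* 4 KiB */
#define SPI_BLOCK_ERASE   0xD8   /* 64 KiB */
#define SPI_CHIP_ERASE    0xC7

typedef struct {
    uint32_t prot_start, prot_end;  /* protected flash range [start, end) */
    uint32_t chip_size;
    uint8_t  safe_opcode;           /* substituted for an illegal command */
    unsigned alerts;                /* rewritten commands, fed to the alert responder */
} interposer_t;

typedef enum { SPI_PASS = 0, SPI_REWRITTEN = 1 } verdict_t;

/* Flash range a modifying command touches. Page program never crosses a
   256-byte page (it wraps inside it), so the affected page is known from
   the address bytes alone, before any data has been clocked in. That is
   what lets the decision be made at opcode+address time, the only place a
   pass-through interposer can afford to spend latency. Returns 0 for
   commands that do not modify the array (reads, status, id, WREN/WRDI). */
static int affected_range(const interposer_t *t, uint8_t op, uint32_t addr,
                          uint32_t *s, uint32_t *e) {
    switch (op) {
    case SPI_PAGE_PROGRAM: *s = addr & ~0xFFu;   *e = *s + 0x100;   return 1;
    case SPI_SECTOR_ERASE: *s = addr & ~0xFFFu;  *e = *s + 0x1000;  return 1;
    case SPI_BLOCK_ERASE:  *s = addr & ~0xFFFFu; *e = *s + 0x10000; return 1;
    case SPI_CHIP_ERASE:   *s = 0;               *e = t->chip_size; return 1;
    default:               return 0;
    }
}

/* Called as soon as the opcode (and, where present, the 3 address bytes)
   have been seen on the host-side bus. Writes *out_op with what is forwarded
   on the flash side: the original opcode, or the safe substitute. */
verdict_t spi_filter(interposer_t *t, uint8_t op, uint32_t addr, uint8_t *out_op) {
    uint32_t s, e;
    *out_op = op;
    if (!affected_range(t, op, addr, &s, &e)) return SPI_PASS;
    if (e <= t->prot_start || s >= t->prot_end) return SPI_PASS; /* outside protected range */
    *out_op = t->safe_opcode;
    t->alerts++;
    return SPI_REWRITTEN;
}

/* Constructed configuration: 16 MiB flash whose first 64 KiB holds the boot
   block; illegal commands become a status-register read (assumed harmless). */
interposer_t make_interposer(void) {
    interposer_t t = { 0x000000, 0x010000, 0x1000000, SPI_RDSR, 0 };
    return t;
}

int main(void) {
    interposer_t t = make_interposer();
    uint8_t fwd;
    verdict_t v = spi_filter(&t, SPI_SECTOR_ERASE, 0x000100, &fwd);
    printf("sector erase in boot block: verdict %d, forwarded opcode 0x%02X, alerts %u\n",
           v, fwd, t.alerts);
    return 0;
}
```

Two things this structure makes visible. Erase granularity matters: a block erase addressed just below the protected range still wipes into it, so the check has to be on the aligned span the flash will actually erase, not on the address byte the host sent. And the alert counter is the hook for the "signature fail alerts of failure" path: the rewritten command keeps the bus electrically sane while the event itself is reported out of band rather than silently dropped.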
Slide 21: Physical and tamper-resistant security

Slide 22: Physical security & countermeasures
- Anti-glitch / anti-tamper mechanisms
- Attack detection (glitch, laser, thermal, voltage, probe)
- Fuse, key storage, clock, and memory integrity checks
- Memory and bus scrambling and protection
- Register and memory-range address protection and locking
- TRNG entropy monitoring
- Boot-time and live-status checks
- Only internal clocks, internal code

Slide 23: Physical security & countermeasures (diagram). Physical defenses (glitch, voltage, light, temperature) and online checks (key manager integrity, TRNG integrity, clock integrity, bus parity) each send an alert to the alert responder, whose responses escalate: interrupt, NMI, freeze, reset.

Slide 24: That's a wrap