Kinetis + mbed = the secure connection in IOT PING LIANG SENIOR TECHNICAL MARKETING MANAGER OF MICROCONTROLLERS & MICROPROCESSORS mbed Connect China, Shenzhen Dec 15, 2015 EXTERNAL USE
SECURE EMBEDDED PROCESSING SOLUTIONS for the 1 EXTERNAL USE
Internet of Tomorrow Smart, Connected and Secure Smart Healthcare Smart Thermostat Smart Home Smart Wearable Smart Vehicle Smart Hospital Smart Home Smart City Smart Health Smart Highway V2V & V2I Increasing complexity of data collection, handling & processing for delivering value added information. 2 EXTERNAL USE
Connecting Things at the Edge to the Cloud MCU Energy Sensors RF Edge Nodes PAN/LAN Connectivity Gateway WAN Connectivity Cloud Application/Action BIG Data 3 EXTERNAL USE
Connecting Things at the Edge to the Cloud MCU Energy Sensors RF Edge Nodes PAN/LAN Connectivity Gateway WAN Connectivity Cloud Application/Action BIG Data 4 EXTERNAL USE
IoT Challenges Time to Market Ease of Use Software Scalable Performance Highly Integrated Energy Efficiency System Level Costs Security and Integrity Software Updates 5 EXTERNAL USE
7 New Security Challenges The embedded community has a social responsibility to secure the smart and connected world New challenges for the smart, secure, connected world include: Connected accessibility: Connectivity opens new doors for attacks Physical accessibility: Unlimited attacks of remote nodes Data dependence: Harmful repercussions for missing data Number: Network overload threats Data miss-use: Data used beyond intended methods Mitigation of weaknesses as they arise: Need for secure firmware updates. Social responsibility: The public is no longer forgiving of security breaches 6 EXTERNAL USE
Needs of a Secure Embedded Application Secure Application Requirements User Identification Assured Service Secure Connection Manage Secure Content Secure Network Access Tamper Resistance Confirmation of the parties involved in a transaction Protection against denial of service attacks Encryption and decryption of data Ensure data integrity and protection Network layer security Protection against physical attacks PC 1 Client Browser request Server secure connection Server sends the browser copy of SSL certificate 2 Client Browser 3 Browser check the authentication of SSL certificate and acknowledges the server Server sends back digitally signed acknowledgment 4 to start an SSL encrypted session 5 Encrypted Data shared between browser and server Server 7 EXTERNAL USE
Security in Kinetis MCUs 8 EXTERNAL USE
Kinetis MCUs Aligned to the needs of a connected world Low Power Security Connected Easy to Use Ultra efficient dynamic power Ultra low static power with full retention Low power peripherals Optimized Architecture Focused on Low Power 9 EXTERNAL USE Multiple Levels of Scalable Security options for ultimate flexibility and protection Ensuring your communication, software and physical system is protected from threats. RF transceivers supporting: ZigBee, BLE 4.2 802.15.4, Thread Wi-Fi Partners Tools for Software and Hardware Development and Low Power Design. SDKs, Hardware Kits, Reference Designs, and Walk-throughs Leveraging Low Power design, plus Wireless Connectivity, and decades of Security expertise all with a focus on customers Ease of Use All on a common technology platform for maximum re-use of Software and Hardware designs
Kinetis MCU Portfolio The right series for the application Cortex-M0+/M4/M7 cores 10 EXTERNAL USE
FLASH Kinetis General Purpose Portfolio Overview Solutions for the General Embedded Market 2MB 1MB 512kB 256kB 128kB 64kB 32kB 16kB 8kB 4kB 16 20 24 32 48 64 80 100 121 144 169 256 PINS 11 EXTERNAL USE ARM Cortex-M0+ based MCUs 32-bit performance and energy efficiency with 8-bit look, feel and fast time to market Rich feature integration Ultra small packages Ultra-Low Power ARM Cortex -M4 based MCUs 32-bit power and performance efficiency, with added DSP and FPU Scalability across the portfolio Ranging from 50MHz to 180MHz Frequency Memory expansion options, including QSPI execution in place (XiP) Rich feature integration, including analog, connectivity, HMI, and the most advanced security and protection Balanced for a broad range of applications, including consumer, POS, industrial, medical, metering and smart energy markets Rich package options, including WLCSP, QFN, QFP and BGA L Series K Series Performance & Integration Note: 32 (32, 35, 36) 48 (44, 48, 49) 64 (60, 63, 64) 121 (120, 121) 144 (142, 143, 144)
Kinetis Security Overview Authorized Access Code I/P Protection Internal Memory Protection External Memory Protection Debug Port Protection Authentication Software Updates Device Verification Secure Boot Trust Anti- Tamper Crypto Data Protection Symmetric Encryption DES/DES3, AES Asymmetric Encryption RSA, ECC Hashing CRC, MD5, SHA True Random Number Generation Security Protocols SSL, HomeKit, Thread 12 EXTERNAL USE Monitoring of physical and environmental attacks Tamper Detection Tamper Detection Secure Storage Physical Environmental Enclosure Intrusion Voltage Drilling and Probing Temperature Frequency
Kinetis KL8x to K8x World s most secure ARM Cortex -M based MCUs Kinetis KL8x MCU 72MHz ARM Cortex-M0+ Advanced Security Secure RAM & Boot, Memory Protection Unit, Low Power Trusted Crypto. Engine (DES/3DES/AES/RSA), Tamper Detection, ISO7816-3 EMVSIM, Random Number Generator 128/96KB Flash/SRAM, USB, FlexIO, QuadSPI (XIP), 121 MBGA / 80 LQFP + Performance + Memory + Crypto throughput + Ext. memory expansion & protection Kinetis K8x MCU 150MHz ARM Cortex-M4 Advanced Security + Crypto. Acceleration Unit, On-the-Fly Decryption for external memories 256/256/16KB Flash/SRAM/Cache, USB, FlexIO, QuadSPI (XIP), SDRAM, SD/eMMC, FlexBus, 121 XFBGA / 100 LQFP Hardware and software compatibility with PCI-certified enablement 13 EXTERNAL USE
Kinetis K8x/KL8x MCUs: Enablement TWR-POS-K81 PIN Pad Reference Design Tower & Freedom Modules Security Software TWR-POSCARDS TWR-POS-K81 POS PIN Pad Reference Design for customers seeking Payment Card Industry certifications Kinetis K81/KL81 MCU: tamper pins, chip security, EMVSIM, Kinetis SDK w/ Cryptographic Driver s/w Chip-and-PIN keypad based on Cirque SecureSense technology (PCI PTS compliant without requiring physical protection for touch sensor) Compatible with - Contact/contactless card reader module (NXP NFC PN5180) TWR-LCD (colour graphics) Available under NDA Dec. 2015 (incl. PCI certification s/w & documentation) 14 EXTERNAL USE TWR (full evaluation) or FRDM (entrylevel) development modules KL8x MCU TWR-KL82Z72M FRDM-KL82Z K8x MCU: TWR-K80F150M FRDM-K82F 8MB SDRAM, 8MB Serial NOR Flash Multiple TWR and Arduino form-factor compatible peripheral modules Available Nov/Dec 2015 (K8x/KL8x) Freescale Kinetis SDK software drivers for public key cryptography Support for multiple toolchains including GNU GCC, IAR, Keil, and Kinetis Design Studio Secure EMV Kernel for Contact and Contactless Payment Formally proven, highly secure OS & Hypervisor for IoT
15 EXTERNAL USE mbed Supports
mbed Hardware mbed LPC1768 The first mbed hardware: NXP LPC1768 Cortex-M3 40-pin DIP package 5V USB or 4.5-9V supply Built-in drag n drop flash programmer 16 EXTERNAL USE
Kinetis K6x and FRDM-K64F Overview Kinetis K6x MCUs ARM Cortex -M4 core, up to 180MHz 256KB to 2MB Flash, 128 to 256KB SRAM Sophisticated power mode controller Ethernet MAC (w/ IEEE1588 real-time support) 6-bit ADCs and 12-bit DACs Hardware Encryption (3DES, AES, etc.) 32-bit Random Number Generator USB, CAN, SPI, I2C, UART, etc. Secure Digital (SD) Host Controller 17 EXTERNAL USE www.freescale.com/frdm-k64f/startnow FRDM-K64F Cortex-M4, 120MHz, 1MB Flash, 256KB SRAM 3-axis accelerometer/3-axis magnetometer RGB LED Add-on Bluetooth Module Built-in Ethernet w/ add-on Wireless Module Micro SD card slot Arduino shield compatible ARM mbed Examples mbedos: example-mbedos-blinky Security: uvisor-helloworld Connectivity: mbed-client-examples mbed-example-network (TCP) mbed-example-network (UDP) Thread: mbed-client-example-6lowpan Available on Github
ARM mbed IoT Starter Kit on FRDM-K64 Ethernet Edition for IBM Internet of Things Foundation and Microsoft Azure Cloud Service solution 18 EXTERNAL USE 1
mbed enabled MCU boards from new NXP 19 EXTERNAL USE 1
ARM mbed-enabled Platforms - Coming Soon Kinetis K8x MCUs Scalable and Secure ARM Cortex-M4, 150MHz, up to 256KB Flash and SRAM Execute-in-Place QuadSPI interface with on-the-fly AES decryption 512-bit True Random Number Generator (TRNG) HW acceleration for asymmetric cryptography including RSA and Elliptical Curve Crypto Physical anti-tamper capability Kinetis KW4x MCUs Integrated Wireless Connectivity ARM Cortex-M0+ with integrated 2.4 GHz transceiver BLE 4.1 with HCI and GATT interfaces Multiple BLE profiles IEEE 802.15.4 PHY-MAC 20 EXTERNAL USE
mbed Thread Platforms End Node FRDM-MCR20A The Freescale Freedom development board platform supports the MCR20A 2.4GHZ wireless transceiver. The FRDM-CR20A evaluation board is a small, low-power, cost-effective reference design for the MCR20A transceiver in a shield form factor, compatible with existing Freedom development platforms, FRDM-K64F and FRDM- KL46Z. End Node + Application Boarder Router 21 EXTERNAL USE
Target Development Systems: Gateways/Border Routers K64F RTOS Border Router (PN512) KW2x i.mx6ul Linux Gateway/Border Router (PN7120) K64F Freedom Board 120 MHz Cortex-M4F Up to 1 MB Flash, up to 258 KB RAM Integrated Ethernet Thread and ZigBee Launching Oct. 6th i.mx6ul EVK 528 MHz Cortex-A7 CPU 4 GB DDR3L DRAM memory 256 MB Quad SPI Flash Arduino/Freedom connector Launching Oct 6th 22 EXTERNAL USE