Security & Monitoring
A new architecture for the provision of secure storage offers higher capacity at lower cost
By Nir Tasher, director of technology, Winbond Security Products

The steady progression of semiconductor fabrication processes as predicted by Moore’s Law has been beneficial for embedded systems developers in almost all respects. Moore’s Law states that the speed and capability of computers can be expected to double every two years, as a result of increases in the number of transistors a microchip can contain. But it has given rise to one difficulty for users of applications processors who require a high level of security protection for their device and for the data that it transmits and receives. That’s because of the growing mismatch between the CMOS fabrication process in which an applications processor is made and the technology for fabricating the non-volatile on-chip NOR Flash in which boot code, application code and sensitive user data are stored.
While leading-edge applications processors today are being fabricated in a sub-10 nm process, the NOR Flash process has lagged for several generations because of basic physical limitations of the technology. Today, floating-gate Flash circuitry is only embedded in devices fabricated at 40 nm or earlier nodes. This means that Flash is not embedded in the most advanced, highest-performance processors. For secure code and data storage, designers therefore must specify an external device which contains secure memory capacity.
Growth of secure data payloads to protect embedded processor-based systems
The requirement for secure storage has grown in recent years as more embedded systems have migrated to the Internet of Things (IoT), opening previously closed systems to the threat of network-borne hacking attacks and malware. The world’s leading microcontroller manufacturers spied a lucrative opportunity in this new requirement to protect embedded processor-based systems: sustained marketing campaigns have positioned the microcontroller-based Secure Element in the minds of many embedded developers as the most secure and convenient way to provide the security functionality that their system designs require.

March 2022
In fact, there is another way which offers higher code storage capacity at lower cost, and provides the same security functionality and equally strong protection against external threats.
Cryptography and NOR flash memory
An external Secure Element performs various security functions including cryptography, key storage, anti-tamper protection, a unique ID, protection against replay attack, and generic functions such as a random number generator.
In an applications processor, these functions may be implemented in a tiny area of silicon - the effective cost of this circuitry might be as little as 1 cent. So why is the cost of a typical Secure Element much higher than this?
What embedded developers are really buying when they specify a Secure Element is secure storage capacity: the value is in the memory, since security processing functionality is so cheap if implemented on the processor. And security data payloads are continually on the rise as device manufacturers implement an increasing range of data-heavy functions such as biometric authentication and more complex forms of encryption which are harder for hackers to crack.
So, if secure memory capacity is the embedded developer’s real requirement, where is the sense in trying to bolt a necessarily limited and expensive storage provision on to a secure microcontroller architecture – the approach taken by manufacturers of Secure Elements? Why not instead start with a native NOR Flash memory architecture – which offers inherently unconstrained storage capacity at a much lower cost – and bolt security functionality on to it?
Components in Electronics
This is how Winbond has created its unique TrustME family of Secure Flash memory products. Winbond is the world’s largest manufacturer of Serial NOR flash memory by units and value, and its Secure Flash products are based on the same Serial NOR Flash architecture and are fabricated in the same Winbond factory as its standard Serial NOR Flash products.
But the Secure Flash devices also feature certified and proven Winbond security circuitry such as cryptography, authentication, key storage, anti-tamper functions and protection against replay attacks. Winbond’s W75F Secure Memory Element product offers the Common Criteria EAL5+ with VAN.5 security grade, as required for systems used in payments applications.
Yet because the W75F is based on a standard Serial NOR Flash memory architecture, it provides ample and scalable storage capacity at low cost-per-bit: W75F parts are available in capacities up to 4MB, while the largest memory capacity available in any Secure Element on the market today is 2MB. And the 4MB storage provision of the W75F series is more cost-effective than the equivalent capacity in a stand-alone Secure Element. The W75F’s Flash memory performance also matches the storage-system performance of the equivalent, more expensive Secure Element. In addition, the cryptography function implemented in the W75F creates a payload the same size as the unencrypted original. The W75F can provide secure XIP (eXecute In Place) functionality for boot code when using a certified high-speed interface supplied by Winbond. The W75F also supports the Serial Peripheral Interface (SPI) for host communication.
High security, large storage capacity, low cost
A Secure Element provides comprehensive security functionality, but only limited storage capacity and performance. By adopting an architecture in which security functions are migrated to the applications processor while storing code and data securely on an external Flash device, embedded developers create a way to achieve much higher performance, with much larger secure memory capacity, at a much lower cost. Developers of security-conscious applications now have a new way to implement encryption and other essential functions while benefiting from memory provision sufficient for today’s systems and for future application developments.
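The architecture described above moves the cryptography into the applications processor and leaves the external Flash holding the protected image, so the host must authenticate whatever it reads back from that device before executing or trusting it, and must refuse an older image being replayed in place of a newer one. The following Python is an added illustration of those host-side checks, and of the point made earlier that the encrypted payload stays the same size as the plaintext. It is not Winbond's W75F protocol or code: the image layout, the magic value, the HMAC-SHA256 counter-mode keystream standing in for a hardware cipher engine, and the key and function names are all assumptions made for this example, and every input is constructed inline.

```python
import hashlib
import hmac
import struct

MAGIC = b"SFLS"                             # constructed image marker for this example
HEADER_FMT = ">4sII"                        # magic, image version, payload length (big-endian)
HEADER_LEN = struct.calcsize(HEADER_FMT)    # 12 bytes
NONCE_LEN = 16
MAC_LEN = 32                                # HMAC-SHA256 tag


def _keystream(enc_key, nonce, length):
    """Counter-mode keystream from HMAC-SHA256 (stand-in for a hardware AES-CTR engine)."""
    blocks = []
    for counter in range((length + 31) // 32):
        blocks.append(hmac.new(enc_key, nonce + struct.pack(">I", counter), hashlib.sha256).digest())
    return b"".join(blocks)[:length]


def xor_crypt(enc_key, nonce, data):
    """Encrypt or decrypt (XOR is its own inverse); output length equals input length."""
    return bytes(a ^ b for a, b in zip(data, _keystream(enc_key, nonce, len(data))))


def build_image(enc_key, mac_key, version, code, nonce):
    """Produce the blob written to external flash: header | nonce | ciphertext | tag."""
    if len(nonce) != NONCE_LEN:
        raise ValueError("nonce must be %d bytes" % NONCE_LEN)
    body = struct.pack(HEADER_FMT, MAGIC, version, len(code)) + nonce + xor_crypt(enc_key, nonce, code)
    tag = hmac.new(mac_key, body, hashlib.sha256).digest()
    return body + tag


def verify_and_load(enc_key, mac_key, image, min_version):
    """Host-side check before any byte of the image is used.

    Order matters: authenticate first (constant-time compare), then enforce the
    version floor (anti-rollback), and only then decrypt.
    """
    if len(image) < HEADER_LEN + NONCE_LEN + MAC_LEN:
        raise ValueError("image too short")
    body, tag = image[:-MAC_LEN], image[-MAC_LEN:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: image modified or wrong key")
    magic, version, length = struct.unpack(HEADER_FMT, body[:HEADER_LEN])
    if magic != MAGIC:
        raise ValueError("bad magic")
    if version < min_version:
        raise ValueError("rollback rejected: version %d < %d" % (version, min_version))
    nonce = body[HEADER_LEN:HEADER_LEN + NONCE_LEN]
    ciphertext = body[HEADER_LEN + NONCE_LEN:]
    if len(ciphertext) != length:
        raise ValueError("length field does not match payload")
    return version, xor_crypt(enc_key, nonce, ciphertext)


def _rejected(enc_key, mac_key, image, min_version):
    """True if the host refuses the image for any reason."""
    try:
        verify_and_load(enc_key, mac_key, image, min_version)
    except ValueError:
        return True
    return False


def demo():
    """Run the checks a practitioner would want to see; returns a dict of booleans."""
    enc_key = hashlib.sha256(b"example-encryption-key").digest()        # constructed keys
    mac_key = hashlib.sha256(b"example-authentication-key").digest()
    nonce = bytes(range(NONCE_LEN))                                     # constructed, fixed for reproducibility
    code = b"\x00\xbf" * 64 + b"constructed boot image"                 # constructed payload
    image = build_image(enc_key, mac_key, 7, code, nonce)

    results = {}
    # The ciphertext inside the image is exactly as long as the plaintext it protects.
    results["ciphertext_same_length"] = (len(image) - HEADER_LEN - NONCE_LEN - MAC_LEN) == len(code)
    version, loaded = verify_and_load(enc_key, mac_key, image, min_version=7)
    results["genuine_image_loads"] = (version == 7 and loaded == code)
    tampered = bytearray(image)
    tampered[HEADER_LEN + NONCE_LEN] ^= 0x01                            # flip one bit of the ciphertext
    results["tampered_image_rejected"] = _rejected(enc_key, mac_key, bytes(tampered), 7)
    results["rollback_rejected"] = _rejected(enc_key, mac_key, image, 8)  # host now requires version 8+
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print("%-26s %s" % (name, "PASS" if ok else "FAIL"))
```

Two design choices carry over to a real deployment regardless of the storage device chosen: separate keys for confidentiality and authentication, and a version floor the host persists in its own tamper-resistant counter so that a genuine but superseded image written back to the flash is rejected rather than trusted.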
www.winbond.com
www.cieonline.co.uk