Cover story


identical code images we’ll label as “image 0” and “image 1” can be used for authentication. In the event that the primary image, image 0, is corrupted, we can fall back to image 1.


At boot time, the host processor is held in reset and cannot run. The CEC1712 is the first device in the system to boot. It loads CEC image 0 into its internal SRAM and checks the digital signature using private-public key pairs stored inside the OTP block. If the signature is verified, it releases the host processor from reset and allows it to run. The boot code is then loaded in chunks from the SPI flash into the host processor. If authentication fails, the fully redundant CEC image 1, or ‘golden image,’ is loaded into the SRAM of the CEC1712. If that authentication is successful, the CEC1712 releases the host processor from reset and the code is read from the SPI flash directly into the host processor, allowing it to run.


Secure updates

The diagram below describes how the boot ROM of the CEC1712 performs secure updates.


This uses the same mechanism that secure boot does, but it operates a bit differently. In the SPI flash, there is a CEC golden image and a CEC update image, rather than two identical images. At power up, the update image is loaded into the SRAM of the CEC1712 – if it authenticates, it will run on the host processor. A system restart will then trigger and overwrite the previous golden image. This returns the system to our state of having two fully redundant images for the next boot or restart. If the update fails, it will simply fall back on that golden image and will still be allowed to boot.


Other features

Several security features have been added to the CEC1712 since the previous generation’s CEC1702. The first is key revocation, which effectively allows you to change the locks that secure the secrets within the device. As mentioned before, powerful cryptographic algorithms are enabled on the CEC1712 by private-public key pairs. The use of the private key to authenticate a code image ensures that a digital signature cannot be faked. If at any point during a platform’s lifecycle a private key becomes compromised, previously provisioned backup private-public key pairs allow you to retire or revoke a key pair and replace it with a new one.

The second new feature is code rollback protection. In contrast with key revocation, which you would hope not to have to use, code rollback protection is recommended any time the platform’s firmware is updated. If previous versions of the firmware have a security vulnerability, you can simply flip a bit and that version of the code will no longer be considered authentic. This way, security holes that may have existed in older images can’t be used.

The final new feature is multiple image authentication. This allows the authentication of up to 16 images in parallel, cutting additional boot time.
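The boot-time decision described above (try image 0, fall back to image 1, and treat revoked keys and retired code versions as not authentic) can be sketched as follows. This is an added example, not Microchip's code: the header fields, the OTP bit layout and the `sig_ok` flag that stands in for real signature verification are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model; not the CEC1712 image format or OTP map. */
typedef struct {
    uint8_t key_index;   /* which provisioned key pair signed the image */
    uint8_t rollback_id; /* code version slot, one OTP bit per slot */
    bool    sig_ok;      /* stand-in for the real signature check result */
} image_hdr_t;

typedef struct {
    uint8_t  revoked_keys;     /* bit n set: key pair n is revoked */
    uint32_t rollback_blocked; /* bit n set: version slot n is retired */
} otp_t;

/* An image counts as authentic only if every check passes. */
static bool image_authentic(const otp_t *otp, const image_hdr_t *img)
{
    if (img->key_index >= 8 || img->rollback_id >= 32)
        return false; /* malformed header */
    if (otp->revoked_keys & (1u << img->key_index))
        return false; /* signed with a revoked key */
    if (otp->rollback_blocked & ((uint32_t)1 << img->rollback_id))
        return false; /* old version whose bit has been flipped */
    return img->sig_ok;
}

/* Returns 0 or 1 for the image to run. Returning -1 (host stays in
 * reset when neither image authenticates) is an assumption here. */
int select_boot_image(const otp_t *otp, const image_hdr_t imgs[2])
{
    for (int i = 0; i < 2; i++)
        if (image_authentic(otp, &imgs[i]))
            return i;
    return -1;
}

int main(void)
{
    /* Constructed sample: key 0 revoked, version slot 1 retired. */
    otp_t otp = { .revoked_keys = 0x01, .rollback_blocked = 0x00000002 };
    image_hdr_t imgs[2] = {
        { .key_index = 1, .rollback_id = 1, .sig_ok = true }, /* retired */
        { .key_index = 1, .rollback_id = 2, .sig_ok = true }, /* current */
    };
    printf("boot image: %d\n", select_boot_image(&otp, imgs));
    return 0;
}
```

A correctly signed image is still rejected once its version bit or its key's revocation bit is set, which is what stops an attacker from reflashing an older, vulnerable but validly signed image.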


Encryption algorithms

Microchip’s root-of-trust controllers offer several encryption algorithms validated by the Cryptographic Algorithm Validation Program. The different algorithms allow the customisation of how private-public key pairs establish digital signatures and even support legacy symmetric encryption techniques.


www.microchip.com


www.electronicsworld.co.uk June 2023 07

