Embedded security solutions to protect IoT endpoints
Renesas Electronics has introduced a series of embedded security solutions employing general-purpose MCUs and MPUs as completely new security structures for embedded devices that will function as IoT endpoints in homes and buildings. Now, as the first product of this series, Renesas has released the RX231 Communications Security Evaluation Kit.
At the same time as implementing strong security functions using a trusted secure IP that is already incorporated in the Renesas RX231 MCUs, the kit provides both an evaluation board and a wide range of software, to prevent virus infections over communication channels and disclosure of confidential information and allows embedded devices with strengthened security to be developed easily.
Recently, there has been progress in supporting the IoT, in which a wide variety of devices is connected to the Internet for improving industrial productivity through data collection or remote control for energy saving. In many cases, overall network security in the IoT tends to be weak, since the scale of these systems is small, especially in edge devices at the very end of the network, such as sensors. To assure that edge devices do not become a platform for attack on the whole network, it has become necessary to make edge devices more intelligent, to enable them to independently make decisions and defend themselves and to prevent both unauthorised software updates by viruses and other such actors and eavesdropping on the communications channels.
It is the management of encryption keys that correspond to passwords to protect information that is the core for implementing strong security functions. Since encryption keys were previously stored in flash memory or other nonvolatile memory, there was a risk that they could be discovered through malicious access. To address this issue, Renesas has developed a new technology that reliably protects these encryption keys using 'trusted secure IP' hardware. In addition, by providing both an evaluation board and software at the same time the RX231 Communications Security Evaluation Kit serves as a one-step service and simplifies implementation of security and communications functions.
While upgrades to provide new security measures go without saying, it is also necessary to update software to handle the steady progress in functionality in embedded devices. During these operations, as a secure firmware update function, when updating MCU user software using communication over wireless LAN or USB channels, if an unauthorised program modification is detected, the install operation is cancelled. Also, as a secure boot function, if an unauthorised modification to the user program is detected at MCU boot time, unauthorised program execution is prevented by stopping the boot operation. Furthermore, eavesdropping on communications can be prevented by data encryption/decryption using AES with the encryption engine.
The RX231 on-chip trusted secure IP 32-bit MCU evaluation board provided in the RX231 Communications Security Evaluation Kit includes a USB and SDHI wireless LAN communications expansion board interface, and can be connected to a wireless LAN communications expansion board. This kit also provides, in addition to security software, FreeRTOS, Renesas TCP/IP middleware, and a wireless LAN driver as a wireless LAN protocol stack for communications. Similar to the security software, Renesas also supports development of the communications sections that require specialised knowledge, thus allowing rapid implementation of secure embedded systems that operate over communications channels.
Renesas aims to continue to develop and provide solutions that realise robust security required for embedded systems that will function as edge devices in IoT.