Securing High-Value Targets with a Secure IP Subsystem

By: Rich Collins, Product Marketing Manager

Understanding security threats and building solutions to protect against them is a relatively new concept for embedded developers. As an example, many early IoT devices were focused purely on cost. Designers spent very little time architecting robust security solutions. This may not be critical for a smart light bulb, but increasingly IoT devices are covering more of users’ daily routines, processing sensitive data such as personal medical information or financial transactions. These types of “high-value” applications become lucrative targets for hackers and thieves. There are similar targets in mobile, automotive and industrial markets.

This article shows how leveraging an integrated, pre-verified subsystem that is optimized to protect against a variety of attacks on high-value targets can accelerate the development of cost-optimized, embedded trusted execution environments (TEEs) that reduce complexity and speed time-to-market. 

Attacks at Many Levels

Malicious attacks are not isolated to classic internet hacking. Often it is the individual device (end product) sitting on the network, or a chip within the device that is the target of the attack (Figure 1). These attacks are varied in nature and usually target one or more of three areas: hardware, software or the communication links — either between the device and the cloud, or between devices.

Figure 1: High-level classes of malicious attacks

Figure 1: High-level classes of malicious attacks

Some software exploits include tampering with device privilege levels, forcing buffer or stack overflows, or injecting malware (viruses). Attackers will attempt to exploit communication links to sniff sensitive data such as passwords, directly attack a device using a backdoor or indirectly exploit a remote node. Hardware attacks can be invasive, de-capping an IC and probing signals, or non-invasive, using debug ports or more sophisticated side-channel analysis. Different attacks have varying levels of sophistication and cost that largely correlate to the value of the target being exploited.

Security needs to be addressed at all three levels: chip, device, and network. Protection must start within the ICs powering these end products. 

A High-Value Target Example: Embedded SIM (eSIM) / Integrated SIM (iSIM)

Most mobile devices still support a small subscriber identity module (SIM) card in a dedicated tray. This card, which is unique to each operator, can be physically swapped out to change providers, but must be done manually. GSMA is supporting a new standard for integrating the SIM functionality within the application’s IC (or modem chip) itself. This will facilitate smaller mobile devices by removing the SIM card and the tray from the bill of materials, while allowing users to seamlessly switch operators without physically changing a card. The embedded or integrated SIM functionality will be accessible by multiple operators and can be updated, or provisioned, over the air (OTA). Many popular mobile devices such as the latest tablets and smart watches are now deploying this type of integrated SIM solution.

The SIM card for a specific user contains personal information such as PIN numbers, unique device identifiers, and text messages. Protecting this data and preventing unauthorized access to services are a high priority for carriers. To adequately protect this information, several security features are required (Figure 2) – including strong cryptography on data, processor instructions, and communication protocols; countermeasures to repel side channel attacks such as differential power analysis (DPA); and mechanisms to partition system resources (memory, peripherals, etc) as known secure vs. untrusted or non-secure.

Figure 2: Secure embedded SIM architecture example shows how the Secure IP Subsystem as an eSIM solution can be integrated into an LTE-M modem

Figure 2: Secure embedded SIM architecture example shows how the Secure IP Subsystem as an eSIM solution can be integrated into an LTE-M modem

Optimized Secure Subsystem Solution

Synopsys has developed an ARC® Secure IP Subsystem for applications requiring a programmable hardware-based TEE. This subsystem (Figure 3) was architected to specifically address the types of attacks likely to be waged against high-value targets such as mobile devices supporting embedded SIM functionality. 

Figure 3: Synopsys’ DesignWare Secure IP Subsystem provides critical cryptography options, side channel countermeasures and software to prevent malicious attacks

Figure 3: Synopsys’ DesignWare Secure IP Subsystem provides critical cryptography options, side channel countermeasures and software to prevent malicious attacks

The fully configurable Secure IP Subsystem is built around Synopsys’ family of low-power ARC SEM security processors, which incorporates advanced side channel and tamper-resistant features to protect against ever-evolving threats. These features include error detection and parity on memories and registers, uniform instruction timing, power and timing randomization and an integrated watchdog timer to detect system failures and tamper events. The processor also leverages ARC SecureShield® technology, providing isolated execution contexts with a secure MPU and support for AHB5.

Outside the core, additional system-level features are provided to ensure the confidentiality and authenticity of non-trusted memory. The secure external memory controller provides cryptographically strong algorithms that can decrypt both instructions and data on the fly, which is critical for external memory shared with the application processor. The partitioned “secure” code and data is always stored encrypted, and only decrypted within the secure subsystem when accessed. Latencies are hidden by caching within the subsystem’s secure perimeter.

Cryptography options within the subsystem accelerate encryption for a range of algorithms including AES, 3DES, SHA-256, RSA and ECC. To provide designers with flexibility, the subsystem supports many cryptography implementation options. A National Institute of Standards and Technology (NIST) validated DesignWare Cryptography Software Library and cryptographic acceleration through ARC Processor EXtension (APEX) technology are included with the subsystem. Optional support for dedicated symmetric and asymmetric hardware crypto engines is also supported.

Implementation choices are based on customers’ need to balance performance and area requirements. Figure 4 uses a SHA-256 example to highlight these tradeoffs for each type of cryptography implementation.

Figure 4: Implementation Comparison for a Common Hash Algorithm

Figure 4: Implementation comparison for a common hash algorithm

Integrated peripherals such as a non-volatile memory (NVM) interface for dedicated key storage, a true random number generator (TRNG) interface and peripherals such as GPIO and UARTs simplify system-level design.

To ease application development, the subsystem includes a rich software offering, including secure boot software, NIST validated crypto library and peripheral drivers. A code signing firmware tool allows users to encrypt their code to leverage the subsystem’s external memory controller.

To provide complete system level solutions (Figure 5), third-party software has been ported to the subsystem. The combination of Synopsys-provided software and third-party titles provide a strong proof of concept. As an example, secure javaCard OS and eSIM / UICC stacks have been integrated, validated and benchmarked to provide an eSIM application reference.

Figure 5: ARC Secure IP Subsystem architecture provides the tools, hardware and software needed to protect SoCs

Figure 5: ARC Secure IP Subsystem architecture provides the tools, hardware and software needed to protect SoCs

Summary

Security breaches are becoming much more common and more expensive to repair. For many embedded developers, other factors such as cost and integration were much more important than providing protection against security threats. As more functionality is built into embedded devices, they are becoming high-value targets in the eyes of a would-be attacker. Addressing the wide and constantly evolving array of threats requires that IC design teams invest in understanding these attacks and delivering solutions.

The integrated hardware and software features of Synopsys’ ARC Secure IP Subsystem provide a trusted solution that protects against attacks targeting these high-value embedded applications in IoT, mobile, automotive and industrial markets.