Security - Concept

Categories of Attack: Security

A hardware/software combination that protects against logical attacks, board-level attacks and some chip-level attacks

X-CUBE-SBSFU is a secure bootloader providing a security architecture and a root of trust to boot the application as it authenticates the application before running it. It is based on PKI features provided by STSAFE-A110 (X.509 certificates) and provides secure services at runtime for the application.

The secure key management services provide cryptographic services to the user application through the PKCS #11 APIs relying on STSAFE-A110 as a secure HW crypto token for ECC and as a secure key storage.

STSAFE-A110 is a secure element that is used by SBSFU as a root of trust for firmware image authentication. It is also used by the X-CUBE-AWS-2.0 application to connect to the AWS server with multi-account registration technology. The secure element also provides the device identity and supports TLS connectivity.

Devices are more and more exposed to threats

Security - Secure boot principle & Secure Firmware Upgrade

A predictable process performed at each reset using a key stored within the device

  • Immutable
  • First code executed
  • Verifies the platform integrity
    • Clock settings
    • Register configuration
    • Memory protection
  • Launches the Root of Trust services
  • Authentication of code
    • Uses cryptography

A process performed when a new image is available using a key stored within the device

  • Performed in a secure way
  • Prevents:
    • Unauthorized updates
    • Access to secret code and keys
    • Access to confidential on-device data
  • Each new image is authenticated before being installed

Secure Engine

A protected environment within the STM32L4 to manage all critical data and operations such as cryptography operations

  • Single entry point enclave
  • Dedicated for sensitive code
  • PKCS#11 APIs
  • Secure channel over I2C to communicate with STSAFE-A110
    • Symmetric key
    • Stored in an isolated environment

Secure Element

A tamper-resistant chip that has been tested and certified by external, recognized bodies under schemes such as Common Criteria

  • CC EAL5+ certified
  • Secure storage
    • Root CA Certificate
    • Device certificate
    • Private keys
  • TLS mutual authentication with AWS
  • Performs firmware image authentication
    • Secure boot
    • Secure firmware update