Microcontroller platform secures OTA firmware updates for IoT devices
A collaboration between Winbond, Nuvoton and Qinglianyun has resulted in a cloud-to-device platform to implement secure over the air (OTA) firmware updates in IoT devices.
Memory provider Winbond Electronics, microcontroller manufacturer Nuvoton and security software developer Qinglianyun have introduced a fully integrated reference design that is secured from the cloud down to the device's code storage memory.
The reference design provides a proven way to implement secure firmware updates on secure, certified hardware and software, the partners said, reducing the time it takes to develop new IoT devices. It can also help OEMs get to market faster with products for smart city, smart home, metering, industrial control and other security-conscious applications.
The reference design is based on the Nuvoton M2351SF IoT security microcontroller, a multi-chip module consisting of the M2351 IoT security microcontroller and Winbond's W77Q TrustME secure flash memory IC. The M2351 microcontroller is based on the Arm Cortex-M23 secure processor core with TrustZone technology. The module's W77Q secure flash device is connected to the M2351 via an encrypted serial peripheral interface (SPI), which resists sniffing of the data transferred between the two chips.
To provide a trusted execution environment (TEE) for secure OTA firmware update operations and for communications with the cloud, the M2351 runs Qinglianyun's TinyTEE secure software stack in TrustZone-protected hardware. Using the 32Mbit secure storage provided by the W77Q, the reference design offers storage of secure and non-secure firmware and data, authenticated access control to ensure the integrity of firmware and data, and rollback protection.
The TinyTEE software on the M2351 connects to Qinglianyun's secure cloud service, which provides a full suite of IoT device management capabilities, such as device authentication, secure storage, an encryption engine and a true random number generator, compliant with the GlobalPlatform TEE standard interface.
This provides a secure chain of trust for the provision of OTA firmware updates from the cloud to the W77Q memory, with no vulnerability to remote attack or exposure of private data, added Winbond.
The W77Q helps ensure robust, end-to-end security in IoT devices by enabling secure storage, secure boot and a root of trust, authenticated and encrypted data transfer between the flash device and the host, secure execute-in-place (XiP) of boot and application code, and system resilience, supporting the key security functions of protection, detection and recovery.
The M2351 microcontroller also offers a secure bootloader, hardware cryptographic accelerators, execute-only memory and tamper detection pins.