RA microcontrollers achieve SESIP and PSA Certified (Level 2)
IoT security for the RA family of 32bit Arm Cortex-M microcontrollers has been strengthened with the award of SESIP and PSA Certified qualifications, says Renesas.
PSA Certified offers a framework for securing connected devices, from analysis through to security assessment and certification. The framework provides standardised resources to help resolve the growing fragmentation of IoT requirements.
It has also confirmed the self-assessment-based Security Evaluation Standard for IoT Platforms (SESIP1) with Physical and Logical Attacker certifications.
Renesas’ RA6M4 microcontroller devices with the Flexible Software Package (FSP) have been certified to PSA Certified Level 2; this is in addition to PSA Certified Level 1 achieved by RA4 and RA6 series microcontrollers. The RA6M3, RA6M4, and RA4M2 microcontroller groups have achieved Security Evaluation Standard for IoT Platforms SESIP1 with Physical and Logical Attacker certifications.
In addition, Renesas RA microcontrollers offer IoT security by combining secure crypto engine IP with NIST CAVP certifications. This is addition to Arm TrustZone for Armv8-M. The RA devices incorporate hardware-based security features from simple AES acceleration to fully-integrated crypto sub-systems isolated within the microcontroller. The secure crypto engine provides symmetric and asymmetric encryption and decryption, hash functions, true random number generation (TRNG), and advanced key handling, including key generation and microcontroller-unique key wrapping. An access management circuit shuts down the crypto engine if the correct access protocol is not followed, and dedicated RAM ensures that plain text keys are never exposed to any CPU or peripheral bus.
PSA Certified is a third- party laboratory evaluation of a PSA Root of Trust (PSA-RoT). PSA Certified Level 2 provides evidence of protection against scalable software attacks. Evaluation Labs use vulnerability analysis and penetration testing of the PSA-RoT to establish if the nine security requirements of the PSA-RoT Protection Profile have been met.
SESIP is an optimised version of Common Criteria methodology (ISO 15408-3) for the evaluation of IoT components and connected platforms. It defines a catalogue of security functional requirements (SFRs), which the product developer can use to build a secure device, scaling appropriately for specific threat model and use case. SESIP also incorporates and refines common criteria security assurance requirements (SARs), including the requirement ALC_FLR.2 flaw reporting procedures, which Renesas addresses with Renesas Product Security Incident Response Team (PSIRT) process and public web interface. Specifically designed for SFR reuse and mapping to other certifications, the SESIP methodology enables product developers to pursue appropriate certification of their device to other industry-standard certifications such as IEC 62443.
The RA family ecosystem accelerates the development of IoT applications with core technologies such as security, safety, connectivity and HMI. Engineers can use RA microcontrollers to develop IoT endpoint and edge devices for industrial and building automation, metering, healthcare, and home appliance applications. The RA family includes the RA2 series (up to 60MHz), RA4 series (up to 100MHz), RA6 series (up to 200MHz), and yet-to-be-released single/dual-core RA8 series.
