Upload
team-wibu
View
346
Download
4
Embed Size (px)
Citation preview
μCodeMeterSecurity Embedded in XMC4000Marco Blume WIBU-SYSTEMS AGDirk Heinen Infineon AG
Embedded Security Cooperation
XMC Microcontroller
High Volume Production
ARM Cortex™ - M4 (with FPU)• CPU Frequency up to 120MHz• Timers CCU4, CCU8, POSIF• USB / Up to 3x CAN / Up to 6x Serial Channels• High Resolution PWM• Interconnect Matrix• 2x 12Bit ADC / 2x DAC• TA = -40C to 125C
ARM Cortex™ - M0• Core 32MHz / Peripherals up to 64MHz• Capture Compare Units (CCU4)• 2x Serial Channels• 12Bit ADC• Interconnect Matrix• Secure Bootloader• 1,8V – 5,5V Supply Voltage Range• TA = -40C to 105C
Copyright © Infineon Technologi
es AG 2015. All
rights reserved.
OCTOBER 2014 PAGE 2
XMC1100Up to 64kB Flash
TSOP16/38, VQFN24/40+ 9ch LED Control (BCCU)+ 3x Analog Comparators
XMC1200Up to 200kB Flash
TSOP16/28/38, VQFN24/40
+ Math Co-Processor+ CCU8 PWM Timer+ Hall & Encoder I/F
XMC1300Up to 200kB Flash
TSOP16/28/38, VQFN24/40
XMC4100/4200Up to 256kB Flash / 40kB RAM
QFN48, TQFP64
XMC4400Up to 512kB Flash / 80kB RAM
TQFP64 / TQFP100
+ 120MHz Core + Ethernet+ ΔΣ Demodulator
XMC4500Up to 1MB Flash / 160kB RAMTQFP100 / TQFP144 / BGA144
+ EBU+ SD Card
February 2015
Page 2
XMC Target Markets
High through-put and up-time
Remote monitoring
Reliability and quality
Lifetime Security and
safety Interoperability
Energy efficiency
Comfort and ease of use
Remote monitoring
Appealing design and form factors
Interoperability
Robustnessfor harsh environment
Functional safety
Reliabilityand quality
Lifetime
Energy efficiency
Robustnessfor harsh environment
Up-time
Form factor, size and weight
Platform concept
Copy protection Fast ramp-up
Factory Automation
Building Automation
Trans-portation
Power& Energy
Home &Professional
Page 3
February 2015
Copyright © Infineon Technologi
es AG 2015. All
rights reserved.
XMC Family / DAVE™
Security challengesacross XMC Target Markets
Factory Automation
Building Automation
Trans-portation
Power& Energy
Home &Professional
Page 4
February 2015
Copyright © Infineon Technologi
es AG 2015. All
rights reserved.
Security challenges vary among market segments
We need to update FW of installed devices.
How to protect our IP?How to protect from cloning and reverse engineering at our
contract manufacturer?Can we make an after market
business with FW function upgrades?
How to make sure that only authorized devices are built in?
Security challengesacross XMC Target Markets
Factory Automation
Building Automation
Trans-portation
Power& Energy
Home &Professional
Page 5
February 2015
Copyright © Infineon Technologi
es AG 2015. All
rights reserved.
Security challenges vary among market segments
We need to update FW of installed devices.
How to protect our IP?
Can we make an after market
business with FW function upgrades?
Copyright © Infineon Technologies AG 2015. All rights reserved.
µCodeMeter:A cooperation on embedded security
Page 6
February 2015
CodeMeter Embedded
Driver
Personal Computer
Industrial PC
Embedded Device
Programmable Logic Controller
Microcontroller
High Power
Small Size
CodeMeter Runtime
µCodeMeter
Copyright © Infineon Technologies AG 2015. All rights reserved.
µCodeMeter technologyintegrated in DAVE™
Page 7
February 2015
DAVE™ plug in One dialog for security
configuration Master key for encryption and
licensing safely stored in CodeMeter dongle
Individual settings fit customers needs
Integrated in build process
Copyright © Infineon Technologies AG 2015. All rights reserved.
XMC4000Flash Memory
Secure Firmware Updateswith µCodeMeter USE CASE 1
Page 8
February 2015
FieldTrustedEnvironment
Copyright © Infineon Technologies AG 2015. All rights reserved.
XMC4000Flash Memory
Secure Firmware Updateswith µCodeMeter USE CASE 1
Page 9
February 2015
Firmware v1.0
µCmActLicense
SBSL(Bootloader +
µCmE, µExEngine)
FieldTrustedEnvironment
Initial programming of Firmware, Bootloader and µCmActLicense by device manufacturer
Copyright © Infineon Technologies AG 2015. All rights reserved.
XMC4000Flash Memory
Secure Firmware Updateswith µCodeMeter USE CASE 1
Page 10
February 2015
Firmware v1.0
µCmActLicense
SBSL(Bootloader +
µCmE, µExEngine)
FieldTrustedEnvironment
Firmware v1.0
µCmActLicense
SBSL(Bootloader +
µCmE, µExEngine)
delivery
Copyright © Infineon Technologies AG 2015. All rights reserved.
TrustedEnvironment
Secure Firmware Updateswith µCodeMeter USE CASE 1
Page 11
February 2015
Field
Firmware v1.0Firmware v2.0Encrypted
Generation of encrypted firmware file in DAVETM
µCmActLicense
SBSL(Bootloader +
µCmE, µExEngine)
DAVETM
µExProtector
Copyright © Infineon Technologies AG 2015. All rights reserved.
Secure Firmware Updateswith µCodeMeter USE CASE 1
Page 12
February 2015
Field
Firmware v2.0
µCmActLicense
SBSL(Bootloader +
µCmE, µExEngine)
Firmware update in the field. Files are loaded and decrypted by the SBSL
TrustedEnvironment
Firmware v2.0Encrypted
DAVETM
µExProtector
delivery
Copyright © Infineon Technologies AG 2015. All rights reserved.
XMC4000Flash Memory
Secure Function Upgradewith µCodeMeter USE CASE 2
Page 13
February 2015
µCmActLicense
SBSL(Bootloader +
µCmE, µExEngine)
FieldTrustedEnvironment
µCmActLicense
SBSL(Bootloader +
µCmE, µExEngine)
Blocked function Blocked function
Copyright © Infineon Technologies AG 2015. All rights reserved.
XMC4000Flash Memory
Secure Function Upgradewith µCodeMeter USE CASE 2
Page 14
February 2015
µCmActLicense
SBSL(Bootloader +
µCmE, µExEngine)
FieldTrustedEnvironment
CodeMeter LicenseCentral
µCmActLicense
SBSL(Bootloader +
µCmE, µExEngine)
Blocked function Blocked functionµCmActLicenseUpdate
Generation of encrypted µCmActLicense file.License is bound to individual hardware ID
Copyright © Infineon Technologies AG 2015. All rights reserved.
XMC4000Flash Memory
Secure Function Upgradewith µCodeMeter USE CASE 2
Page 15
February 2015
µCmActLicense
SBSL(Bootloader +
µCmE, µExEngine)
FieldTrustedEnvironment
CodeMeter LicenseCentral
µCmActLicense
SBSL(Bootloader +
µCmE, µExEngine)
Blocked function Enabled functionµCmActLicenseUpdate deliveryµCmActLicenseUpdate
Function upgrade in the field.
Copyright © Infineon Technologies AG 2015. All rights reserved.
Summary
µCodeMeter …
… enhances the standard tool chain to providesecure firmware updates or functional upgrades in embedded systems built around XMC4000 microcontrollers.
… is based on the market proven CodeMeter solutionfor processor level control.
… is an easy-to-use solution with state-of-the art cryptography.
… is available early in Q4/2015 from Wibu-Systems.
Thank you for your attention!
More info: www.wibu.com/micro-codemeterPage
16February 2015
Copyright © Infineon Technologies AG 2015. All rights reserved.
Page 17
February 2015