Microcontrollers employ security features to protect application code and data

February 27, 2015 // By Graham Prophet
NXP’s LPC18Sxx and LPC43Sxx microcontroller families add hardware-accelerated encryption for secure boot and secure messaging in connected applications.

Both LPC18Sxx and LPC43Sxx families integrate an AES-128 encryption engine; two 128-bit non-volatile OTP memories for encrypted, hardware-randomised key storage to prevent cloning; a true random number generator for unique key creation; and boot ROM drivers supporting secure boot of authenticated encrypted firmware images. The MCUs in both families use ARM Cortex-M cores (Cortex-M3 in LPC18Sxx; Cortex-M4 and M0 in LPC43Sxx), ensuring bandwidth for fast bulk data encryption or decryption without slowing down communications. They also include code read protection (CRP) to prevent unauthorised access to internal Flash.

Both MCU families are supported by software solutions from ecosystem partners for secure firmware updates, secure IoT connectivity, and secure networking stacks (SSL, TLS). In addition, these MCUs can be seamlessly paired with an NXP A-Series secure element for a turnkey solution to add tamper detection, secure authentication with hardware-accelerated PKI (RSA and ECC keys), secure certificate storage, and more.

The secure element provides a store in which keys are held and protected against all forms of physical and electrical attack. For the MCU to establish secure communication with an outside entity, it must first establish a secure link with the secure element, then establish its credential to be issued with the (securely held) keys, and finally obtain them. This process alone is a complex multi-step routine, which NXP can provide as a packaged part of the offering.

The MCU families add support for secure boot and secure messaging for any 'connected' application, particularly hubs or gateways tasked with relaying and/or bridging large volumes of high-speed data. These functions are common in products such as smart meter communications hubs; factory, building, and home automation devices; streaming audio products; and automotive aftermarket products. NXP observes that, "With increased connectivity comes risk, and developers now need to understand and defend against threats to the code and data messages. The LPC18S and LPC43S microcontroller families help embedded developers protect connected applications from these threats, whether they are used standalone, with security solutions from software partners, or paired with an NXP A-Series secure element."

“The Internet of Things (IoT) must be built from the ground up with security in mind,” said Tom Mudryk, Technical Director, ESL Smart Solutions, Ltd, a pre-announcement user of the devices. “Working with NXP and Cypherbridge we have created a secure IoT solution that offers our customers a valuable yet convenient service, whilst maintaining data security and integrity. We selected NXP’s LPC1800 series for our gateway product because of its connectivity options and integrated LCD driver, and of course the new integrated security features provide that extra layer of protection.”