feature article
Subscribe Now

Microchip TrustAnchor Holds the Keys

Tiny Add-on Chip Provides Security

“One of the keys to happiness is a bad memory.” – Rita Mae Brown

You’ve got a problem. You designed a nice microcontroller-based system a few years ago and it’s selling well, with thousands of units out in the field. That’s not the problem. The problem is, now your boss wants you to add security features to it. You know – just slap them on. No big deal, right? 

But to add secure boot, and crypto acceleration, and secure key storage to your design, you’d have to start all over with a new MCU that has these features. You really don’t want to do that. Manufacturing says they’ve already got thousands of units of the old MCU in stock because, well, because that’s what you designed in. You want we should throw ’em all away? 

But what choice do you have? The current MCU doesn’t have the boss’s favorite security features, and switching to a new MCU would mean evaluating, qualifying, and buying a whole new device. Plus, you’d probably have to tweak your code because something will have changed between the old chip and the new one. It always does. Looks like you’ve got a long several months ahead of you redesigning the thing you thought you’d finished last year. 

Or… you could just glue on the missing security features, like your boss said. 

Time to pull out your secret weapon, the TrustAnchor TA100 from Microchip. It’s a tiny $1.50 part that is a security vault, wrapped in a mystery, inside an enigma. You simply slap this baby alongside your existing MCU, find a spare I2C or SPI line to hook it to, and you’re on your way to providing the security features you missed the first time around. 

As the name suggests, the TrustAnchor is an anchor – no, wait, it’s a root of trust. That is, it stores secure keys (quite a lot of them, in fact), authenticates messages, validates certificates, makes firmware updates more trustable, cranks on crypto algorithms, protects content, and generally provides the basis, or root, of every other security-based feature you’d want. It does not, all by itself, magically transform your designs into hacker-proof vaults, but it does provide the necessary basis for everything that comes after. 

The chip itself is insanely hack-resistant. The top mask layer of silicon includes an unbroken mesh that prevents probing and shuts down the device if the protective cover is compromised. Internal memories are encrypted. Arithmetic functions are randomized (not the results, just the process) to avoid side-channel attacks. Voltage and temperature sensors detect environmental corner-case manipulation or clock glitching. All clocks are generated internally, instead of with an outside crystal or oscillator. And there’s no JTAG; not even internal test pads or probe points. Consequently, the chip is hard to test in production, but that’s Microchip’s problem, not yours. 

With all this internal security, the weak link would appear to be the external serial link to the host MCU. All the data is right there, out in the open and easy to probe. Doesn’t that compromise the entire foundation of the root of trust? 

Nope, says Microchip product engineer Todd Slack. It’s totally okay if bad guys monitor the traffic between the TrustAnchor and the MCU. There’s nothing valuable to be learned from it, and nothing they can do to inject bogus messages because it’s all authenticated. It’s like a bank vault. You can observe someone opening it all you want, but the vault opens only for the bank vice president with the keys. 

The TA100 was initially developed for automotive OEMs who want/need to protect their firmware and the increasingly advanced ADAS systems that go with them. The automotive industry is rapidly developing a set of standards and criteria that automakers and their suppliers will have to meet, and the TA100 was created with those standards in mind. That said, there’s no reason you can’t use the chip in other applications, too. If it’s good enough for BMW, Toyota, and Chrysler, it’s probably good enough for the rest of us. Problem solved.

Leave a Reply

featured blogs
Aug 1, 2021
https://youtu.be/I0AYf5V_irg Made in Long Ridge Open Space Preserve (camera Carey Guo) Monday: HOT CHIPS 2021 Preview Tuesday: Designed with Cadence Video Series Wednesday: July Update Thursday:... [[ Click on the title to access the full blog on the Cadence Community site. ...
Jul 30, 2021
You can't attack what you can't see, and cloaking technology for devices on Ethernet LANs is merely one of many protection layers implemented in Q-Net Security's Q-Box to protect networked devices and transaction between these devices from cyberattacks. Other security technol...
Jul 29, 2021
Learn why SoC emulation is the next frontier for power system optimization, helping chip designers shift power verification left in the SoC design flow. The post Why Wait Days for Results? The Next Frontier for Power Verification appeared first on From Silicon To Software....
Jul 28, 2021
Here's a sticky problem. What if the entire Earth was instantaneously replaced with an equal volume of closely packed, but uncompressed blueberries?...

featured video

Accelerate Intelligent SLAM with DesignWare ARC EV Processor IP

Sponsored by Synopsys

Simultaneous localization and mapping (SLAM) algorithms build a map and determine location in the map at the same time. But how can you speed up the results? This demo shows how ARC EV processor IP with CNN engine accelerates KudanSLAM algorithms.

Click here for more information about DesignWare ARC EV Processors for Embedded Vision

featured paper

Configure the backup voltage in a reversible buck/boost regulator

Sponsored by Maxim Integrated

This application note looks at a reference circuit design using Maxim’s MAX38888, which provides a supercapacitor-based power backup in the absence of the system rail by discharging its stored charge. The backup voltage provided by the regulator from the super cap is 12.5% less than the system rail when the system rail is removed. This note explains how to maintain the backup voltage within 5% of the minimum SYS charge voltage.

Click to read more

featured chalk talk

Power over Ethernet - Yesterday, Today, and Tomorrow

Sponsored by Mouser Electronics and Microchip

Power over Ethernet has come a long way since its initial creation way back in 1997. In this episode of Chalk Talk, Amelia Dalton chats with Alan Jay Zwiren from Microchip about the past, present, and future of power over ethernet including details of how a PoE system works, why midspans are crucial for power over ethernet connectivity and why Microchip can be your one stop shop for your next PoE design needs.

Click here for more information about Microchip Technology multi-Power over Ethernet (mPoE)