Rutronik News

The defenses of the standard microcontroller

Created by graduate engineer Martin Motz |   Knowledge

In the midst of the rise of IoT, Industry 4.0 and robotics, microcontrollers are increasingly becoming a protective shield from tampering and cyber-attacks. Various microcontroller families are already equipped with an arsenal of security features.

Once the European General Data Protection Regulation (GDPR) enters into legal force in May 2018, businesses must have implemented the data security standards specified therein. It regulates the pseudonymization and encryption of personal data much more stringently, with new resilience and accountability provisions compared to the previous legal basis in Germany. The GDPR affects not only manufacturers but also operating enterprises such as OEMs and network operators.

As a central control and regulatory component, microcontrollers have a key role to play in networked systems. Manufacturers are already working with development processes that are certified in accordance with corresponding security standards. With a secured production chain, semiconductor manufacturers also offer their customers secure end-to-end solutions. STMicroelectronics was recently the first microelectronics component manufacturer to receive the "France Cybersecurity Label" for microcontroller solutions that combine maximum security and flexibility for a variety of target markets.

Security Takes on Different Meanings for Each Application

In security terms, the target applications can be broken down into different microcontroller categories:

  • Authentication solutions and TPMs (Trusted Platform Modules), e.g. for trademark protection and IoT networks
  • Banking and ID solutions for traditional smartcard enterprises in the fields of payment, personal identification, transportation and paid TV content
  • Mobile security solutions for SIM-based solutions in mobile products and machine-to-machine (M2M) applications
  • Automotive solutions for near-field communication (NFC, eSE) and safe driving

Integrated Data Security Features

Within the IoT and in Industry 4.0 and robotics, standard microcontrollers for industrial and consumer applications are usually used (general purpose microcontrollers). Models with integrated security features are already available in this field. For instance, the STM32 family possesses a variety of features that offer protection as regards

  • Identity theft (anti-tampering mechanisms, integrity checks, traceability)
  • Throttling of data services
  • Data and code interception and tampering (memory protection, rights management, debug levels, anti-tampering mechanisms, integrity checks, secure firmware updates)
  • Physical or mechanical attacks (anti-tampering mechanism on module)

These features are mainly integrated into the chip and ensure robust authentication, integrity of the platform and consistent data security, thereby ensuring the privacy of the end user and providing comprehensive protection of data, IP and trademarks - thereby also satisfying the highest standards when it comes to data security in standard products. Typical target applications include printers, computers, gateways, IoT end nodes and sensors.

Hardware-Based Functions

Integrity and Safety

The cyclic redundancy check determines a check value that enables errors in data transmission or storage to be detected. This means that it is not only possible to check the integrity of the data but also verify the signature of the software while it is running.

The especially secured power supply monitoring system (POR [Power on RESET]/PDR [Power down RESET]/BOR [Brown out RESET]/PVD [Programmable Voltage Detector] flag status) enables the reason for a reset to be identified and ensures that it has been conducted on the basis of legitimate access. It is supplemented by the "read while writing" function for efficient tampering detection and logging.

The Clock Security System (CSS) is based on the clock and the system upon restoration, as well as internal and external clocks functioning independently of one another. The Watchdog and Window Watchdog also monitor the time windows independently of one another.

The integrity and trustworthiness of the memory contents are ensured using Error Correction Code (ECC) and parity checking. It also offers expanded protection from attacks aimed at sneaking in errors.

A temperature sensor continuously monitors the ambient temperature of the IC to prevent it from deliberately being heated above its specified range, permanently damaging it.

Encryption Methods

Encryption methods protect a source text from unauthorized access by encrypting the original plaintext using a code. Breaking the code enables the hacker to decode the encrypted text. More sophisticated cryptographic methods use symmetric or asymmetric encryption. With symmetric encryption, there is only one key with encryption and decryption, meaning that the sender and receiver use the same key.

With asymmetric methods, each of the communication partners uses their own key, which is used to generate a key pair. This consists of a public key, which is used to encrypt the data, and a private key, which decrypt it.

Certain STM32 series have a genuine random number generator, used to generate 32bit keys for encryption integrated entirely into the chip. The encryption is based on the symmetric Advanced Encryption Standard (AES), whereas STM32F2, F4, F7, L4 series employing a key length of 128bit (AES-128) and 256bit (AES -256) with a variety of methods (ECB, CBC, CTR,GCM, GMAC, CMAC), while STM32L0 / L1 employing a key length of 128bit (AES-128)

The advantage of the symmetric method is that, because there is only one key, key management is simpler than with asymmetric methods. Encryption and decryption is also significantly faster.

Some STM32 models also have fully integrated hash functions, where data is hashed and scattered , and the function maps a larger amount of input to a smaller amount of target data.

There is also the keyed-hash message authentication code (HMAC). The structure of this message authentication code (MAC) is based on a cryptographic hash function. HMACs are specified in RFC (Request for Comments) 2104 and in the NIST (National Institute of Standards and Technology) standard FIPS 198.

Anti-Tamper Mechanism

The anti-tamper mechanism is used to defend against deliberately or unintentionally launched physical attacks against the hardware system outside of the microcontroller. The backup domain, which references various wake-up sources, ensure that protection is maintained even in low-power mode. The real-time clock (RTC) timestamps each tamper event.

Some STM32 series also have RTC register protection, which blocks unauthorized write operations and operates independently of the system reset, but does not include protection when writing a sequence of keypresses.

If tampering is detected, the backup register ensures that the written content is automatically deleted. The communication channels can also be selectively blocked with a GPIO communication block. This prevents selected general purpose inputs/outputs (GPIO), and the block can be removed upon next reset.

Debug Block

The debug block prevents unauthorized access to the microcontroller via a debug interface. The security level can be selected for each application or requirements, although it cannot be downgraded again after that point.

Access Rights Management

Access rights confer upon users or user groups the authority to perform certain actions. To this end, the integrated memory protection unit (MPU) divides the memory into regions with different access rights and rules.

During data transfer, the firewall isolates the code or data component of the flash memory or SRAM from the remainder of the code executed outside of the protected area. The firewall is more restrictive than the memory protection unit (MPU) and is only integrated into the STM32L0 and L4.

Memory Protection

Read protection is used to manage how memory is accessed. Memory dumps and backups of user IPs for instance are not permitted. Write protection enables each sector to be protected from unwanted write operations. Proprietary code protection allows each memory region to be configured as "execute only", meaning that only code may be executed here - it is not possible to write to this region.

IPs and confidential data can be securely deleted using the mass erase or secure erase functions. This function resets the memory entirely to its factory state.

Traceability of Data

Many STM32 series have a specific, unique 96bit ID to ensure that an end product is traceable. This can also be used for the diversification of security keys.

Many series also have functions enabling a secure firmware update.

Software-Based Encryption Methods

The security functions implemented in hardware can also be supplemented with software-based solutions. Cryptographic library packages are available for the STM32 family with a range of cryptographic algorithms that run on all STM32 microcontrollers. They are provided as standard in binary object format, and can also be provided in source code form under the terms of an NDA-based license. A hardware expansion is also available to provide certain groups of integrated circuits with functional support.

In addition to the random number generator integrated into the chip, a software package provides protection from replay attacks, which use prior requests for a renewed attack.

A hash algorithm verifies digital signatures and authentication codes of messages in order to ensure that the data is trustworthy and to protect its integrity. There are also software packages available with symmetric and asymmetric encryption methods.

For sophisticated IoT solutions, there is also the option of utilizing another on-board module - the STSAFE-A100 series is supplied as a ready-to-run solution with a secure operating system. This latest generation of secure microcontrollers enhances authentication and data management service security for local and remote host PCs, smart home, smart city and industrial applications, electronic entertainment devices and all kinds of other end devices, utilities and accessories.

Find the STM32 security series at