Issue link: https://resources.mouser.com/i/1437738
Renesas has been a leader in embedded security for decades and is well-positioned to address the heightened need for security in today's connected products. Renesas offers a platform-based approach to embedded security, providing a multi-tiered development infrastructure that provides in-depth security protection for a wide variety of embedded products. For instance, the Renesas Synergy ™ platform is a comprehensive, qualified development platform that includes production-grade software and a scalable family of pin- compatible MCUs, pre-integrated and pre-tested to provide security at multiple levels. The Synergy platform ensures that IoT applications are built on a secure, robust technology foundation. The Synergy platform provides multiple key generation options through the Secure Crypto Engine (SCE) module (Figure 1). The SCE can generate a unique, cryptographic, hardware-based device identity that can be stored securely in internal flash by employing the Security Memory Protection Unit (SMPU) and the Flash Access Windows (FAW). These memory-protection features offered by Synergy devices can also be used for storing secure boot code, certificates, and keys along with any other sensitive data. In addition, the SCE can provide secure key storage to prevent exposure of sensitive information, even in non-secure memory. Key isolation can be ensured by MCU- unique key wrapping, which encrypts keys specifically for each MCU, so keys are only accessible within the SCE module on the individual MCU that performed the wrapping. The Secure Crypto Engine Developers also need to ensure that their development platform makes it safe and easy to connect to the cloud. As IoT applications grow more complex and safety-critical, they require ever-more data processing power. Secure connections to the cloud become essential as these systems increasingly depend on cloud computing to deliver a hyper-scale compute and storage infrastructures for IoT data. Synergy MCUs deliver support for cloud connectivity with built-in MQTT and TLS modules, and the Synergy cloud connectivity applications provide secure, built-in connectivity to leading cloud environments, including Amazon Web Services (AWS), Google Cloud, and Microsoft Azure. How Do I Secure My Products? Don't want your products replaced by imitations? Then make sure your competitors can't easily clone your device. To do this, you need to ensure that the products you sell contain proprietary features that only your organization can provide. Global supply chains now require increased diligence and enhanced security to ensure product integrity and authenticity are maintained during manufacturing and production. One way to do this is through secure manufacturing, which mitigates risk to intellectual property and maintains the integrity of production processes. The Synergy Secure Boot Manager provides a secure firmware flash programming solution that enables developers to dependably and securely program authorized firmware into Synergy MCU flash-memory devices in remote manufacturing facilities. This protects the firmware from being pirated, modified, or installed on cloned hardware. The Synergy Secure Boot Manager (Figure 2) also delivers a strong root-of-trust that provides unique identities, hardware- protected keys, secure boot loader, secure flash update module, and cryptographic APIs to interface with the MCU hardware. Through a secure connection, the root-of-trust is pre-loaded into a high-volume programmer system designed for the manufacturing and provisioning of processing units. The provisioned chip stores the data securely and maintains tight control on how it is used. | 4 | | 13 | Figure 1: The Secure Crypto Engine, an isolated subsystem within the MCU. (Source: Renesas Electronics Corp.)