EYE on NPI: STSAFE chip collection from ST #CyberSecurity #Security #EyeOnNPI @digikey

This week’s EYE ON NPI (video) takes a closer look at security! The STSAFE chip collection from ST is a super easy and inexpensive way to add hardened security to your project – giving you a lot of flexibility when deciding on core chipsets.

Why is a separate chip important? Microcontrollers often store their code in flash memory, so even if you hard-code authentication keys in flash or EEPROM, it can be read out by dumping the firmware. Yes, even if you have a chip that has firmware-readback turned off, it’s possible to trick chips into revealing their secrets! As hackers ourselves, we’ve seen novel and effective techniques for unlocking microcontroller firmware that would normally be in State-actor’s toolkits available at hobbyist costs. Techniques like epoxy-removal and pinpoint UV erasing, power glitching, bootloader buffer overflows, key brute-force guessing, decompilation, power-usage instruction tracking can be used to disable or circumvent firmware protection fuses.

In addition, many products are now embedded Linux computers running a plain filesystem with executables that cannot be secured.  So, given that your microcontroller memory should not be considered a secure storage,  you may want to consider using a secure element chip. These chips are designed to withstand many attacks and can be programmed with the private key at your factory. Then, the secrets never leave the secure chip. Instead of having a private key sit in microcontroller memory where it could be read out, data that needs to be authenticated or encrypted is sent back and forth through I2C. It’s a little extra BoM cost but is a nice way to keep the secrets in a lock-box.

We’ve seen these chips used for a variety of purposes – TLS handshake speed-up, firmware verification, device authentication, message signing and authentication, and of course secure-channel establishment. We teamed up with Digi-Key to make a video series to cover IoT security – best practices and techniques – which also covers secure chips so if you want a deep dive into IoT security check out this guide and video!

When sourcing a security chip, you want a trustworthy supplier who takes security seriously – the chips are not expensive, but you want to make sure the supply chain is accounted for. ST is a well known semiconductor company that we’d recommend and trust for any of our uses!

The STSAFE-A100 is a highly secure solution that acts as a secure element providing authentication and data management services to a local or remote host. It consists of a full turnkey solution with a secure operating system running on the latest generation of secure microcontrollers.
The STSAFE-A100 can be integrated in IoT (Internet of things) devices, smart-home, smart-city and industrial applications, consumer electronics devices, consumables and accessories.

If you want to get started with the STSAFE, you can pick up this handy board, it is Arduino-header compatible. You can plug it into an ST Nucleo dev board. In particular, the STM32L476RG is used for the X-CUBE example firmware so we recommend picking up a NUCLEO-L476RG as well.

The ST dev boards are really affordable and come with a built-in debug/programming chipset for quick setup. Development is done in ST’s IDE setup, if you’ve never used it before, please check out Shawn Hymel’s excellent video series that takes you step by step through setting up to use STM32Cube IDE.

 


Have an amazing project to share? The Electronics Show and Tell is every Wednesday at 7:30pm ET! To join, head over to YouTube and check out the show’s live chat and our Discord!

Join us every Wednesday night at 8pm ET for Ask an Engineer!

Join over 38,000+ makers on Adafruit’s Discord channels and be part of the community! http://adafru.it/discord

CircuitPython – The easiest way to program microcontrollers – CircuitPython.org


New Products – Adafruit Industries – Makers, hackers, artists, designers and engineers! — New Products 11/15/2024 Featuring Adafruit bq25185 USB / DC / Solar Charger with 3.3V Buck Board! (Video)

Python for Microcontrollers – Adafruit Daily — Python on Microcontrollers Newsletter: A New Arduino MicroPython Package Manager, How-Tos and Much More! #CircuitPython #Python #micropython @ThePSF @Raspberry_Pi

EYE on NPI – Adafruit Daily — EYE on NPI Maxim’s Himalaya uSLIC Step-Down Power Module #EyeOnNPI @maximintegrated @digikey

Adafruit IoT Monthly — The 2024 Recap Issue!

Maker Business – Adafruit Daily — Apple to build another chip at TSMC Arizona

Electronics – Adafruit Daily — SMT Tip – Stop moving around!

Get the only spam-free daily newsletter about wearables, running a "maker business", electronic tips and more! Subscribe at AdafruitDaily.com !


No Comments

No comments yet.

Sorry, the comment form is closed at this time.