The IoT world is especially exposed to cyberattacks. As of now, industry leaders are demonstrating the interest of Secure Elements and Secure Enclaves for reaching a new level of security for IoT, application processors and consumer mobile communications. With the enthusiasm around the Internet of Things, fueled by ambitious market forecasts coming from industry analysts, many integrators have developed IoT devices. Unfortunately, some of these companies preferred a short time to market rather than choosing to implement proven security features aimed at ensuring their product will be resistant to cyberattacks and will not be used as a proxy for hackers to conduct cyberattacks on other devices. Fortunately, the industry is maturing and security functions are now readily available.
Embedded systems security is a field in permanent evolution. Various options are available to developers of Systems-on-Chip, when it comes to protecting their development against attacks. Developers have to set up security protections, choosing among numerous options and solution vendors. Typically these solutions include the addition of a Secure Element in the design of a system or the inclusion of a Secure Enclave aboard a microprocessor or a System on Chip. The role of a Secure Element or a Secure Enclave is not only to store keys in a secure manner but also to perform cryptographic functions. This way the SoC is able to perform authentication, encryption, decryption and signature functions. Required security functions allowing the encryption of sensitive data include memory protection, hardware based secret key cryptography (DES/3DES), fast public key cryptography (RSA), elliptic curves cryptography (ECC), hardware based hash algorithms, etc.
The addition of a Secure Element or a Secure Enclave is to be complemented with countermeasures against potential cyberattacks. Hardware countermeasures typically include glitch detectors, temperature sensors, active shields, … In addition, other countermeasures are implemented in order to resist side channel attacks such as Simple Power Analysis (SPA) or Differential Power analysis (DPA).
The RISC-V environment is rich in hardware designs as well as firmware sources. It also includes designs and firmware for a large variety of use cases. As it provides a large palette of development tools, the RISC-V environment has been adopted by a vibrant community of developers.
As the RISC-V environment is open source, many developers are working on implementations for numerous purposes. Tiempo Secure is now releasing its TESIC RISC-V Secure Element IP which represents a breakthrough in terms of security as it implements all the needed security functions allowing developers to significantly raise the bar when it comes to the security of their developments. To ensure these developments will resist cyber-attacks and meet market demands, TESIC RISC-V Secure Element IP is certification-ready for Common Criteria CC EAL5+ certification. In addition, Tiempo Secure introduces the Tiempo Secure TESIC RISC-V Development Kit, that allows developers to explore the product features and develop their firmware, including access to the Secure Element.
About Tiempo Secure:
Tiempo Secure is an independent SME headquartered near Grenoble, France, founded in 2007, with customers in Europe, North America and Asia. They specialize in the development of intellectual property (IP) in microelectronics and in embedded software for securing connected objects.
The company offers a wide range of Secure Elements (TESIC family) ready to be integrated into “System-on-Chip” (SoC) components, and allowing maximum security (Common Criteria EAL5+ certified) of connected components: authentication on networks with integrated SIM (iSIM/iUICC), payment (EMVCo), government or private identification, web authentication (FIDO 2), smart car access, communication with autonomous vehicles (V2X HSM).
For more information: www.tiempo-secure.com.
Email: firstname.lastname@example.org, Tel: +33 4 76 61 10 00