In a classical architecture, developers of SoCs (System-on-Chips) usually use a CPU as the core application processor and call on Secure Element functions when they are needed, however, the partnership between Tiempo Secure and GreenWaves Technologies has demonstrated what they claims is a better architecture where the Secure Element is in control of the boot process.
The prototype combines a Tiempo Secure Element with a GreenWaves ultra-low power RISC-V based Application Processor targeting IoT and hearables markets.
A Secure Element is a small component, based on a secure architecture already used in billions of SIM cards and banking cards daily. It has limited and controlled I/O, a limited and protected memory and implements physical security features; as such it constitutes a secure environment, which can be certified to the highest levels of Common Criteria.
Used as the Master of the SoC the Secure Element is the first to boot when the device is started thereby guaranteeing that only valid software is used to start the SoC - making it substantially more resistant to hacking attempts.
Because the boot of the whole device is controlled by the Secure Element it makes it resistant to side channel attacks and fault injection attacks. The TESIC IP Secure Element boot is based on AES-256, which means that it is future proof to quantum computers attacks.
Access to mass memory, generally Flash, is controlled by the Secure Element, preventing any unauthorised access to data. For instance, the coefficients of a neural network for noise reduction stored in the external Flash memory of a GreenWaves processor would be protected by the secret keys securely stored in the Secure Element.
In addition, this architecture allows to store the boot code in a rewritable memory, not in a ROM, allowing to update it in a secure manner during the lifecycle of the object. More generally, data needed by the SoC are stored in a non-volatile memory shared between the Secure Element and the application processor, bringing more flexibility to memory allocation and reducing area and therefore cost.
Sebastien Riou, Applications Manager for Tiempo Secure, said, “This collaboration with GreenWaves has been extremely profitable for both parties: it has allowed us to iron out all potential issues in giving the role of Master to the Secure Element, and to demonstrate the benefits of this architecture in a very concrete case.”
Eric Flamand, Co-founder and CTO of GreenWaves Technologies, added, “Tiempo Secure integrated secure element to boot a SoC allows to simplify drastically security architecture, replacing many critical parts such as ROM code, PUF and TRNG with a single IP.”