Texas Instruments Inc. is looking to provide added protection against unauthorized reading of intellectual property and sensitive data in its OMAP-L138 DSP + ARM processors and TMS320C6748 digital signal processors (DSPs).
Two areas of protection are being provided and include a secure boot capability prevents external entities from modifying customer-developed algorithms to stop unauthorized users from misusing the customer’s system and its operation by preventing insertion of malware, reverse engineering and system cloning.
Also being provided is multi-layer encryption which provides the ability to upgrade boot and application software code remotely on flash memory while allowing the boot sequence to remain secure. Multi-layer encryption is enabled when a device-specific cipher key, known only to the device, is used to protect customer encryption keys. When an update is needed, the customer creates a new encrypted image using its encryption keys. Then the device can acquire the image through available connectivity options and overwrite the existing code.
Examples of applications that would benefit from the secure boot and secure field upgrade feature include medical patient monitors that utilize proprietary, certified algorithms and software-defined radios (SDR) to ensure communication isn’t compromised if the radios fall into the wrong hands.
For applications requiring manufacturing facilities that support secure-boot technology, Logic PD, a member of TI’s Elite Design House Network, provides design services, turnkey design through manufacturing and manufacturing facilities that support the secure-boot technology implementation at its U.S.-based, ITAR- and ISO 13485-compliant manufacturing sites.
Secure boot with standalone flashing utilities enables storage of IP and image in encrypted form to external non-volatile memory (e.g. NAND and NOR flash). It also allows OMAP-L138 DSP + ARM to run code on the DSP, isolated from general purpose applications running on the ARM, using hardware firewalls to create isolated regions within the device during the boot process
Multi-layer encryption support enables boot and application code protection and designation of other encryption keys to be used to decrypt boot modules.
The secure boot, multi-level encrypted OMAP-L138 DSP + ARM processors and C6748 DSPs are sampling today at 375MHz and 456MHz with industrial temperature ranges available. Production pricing starts at $21.40 per 1,000 units (1ku) for the OMAP-L138 DSP + ARM processor and $18 per 1ku for the C6748 DSP.
TI also offers secure-boot-enabled devices in the C5000 ultra-low-power DSP platform and plans to introduce future software-compatible devices with varying levels of security in additional DSP, DSP + ARM and ARM-only platforms.