Winbond Electronics is displaying at electronica a solution to the embedded memory constraints facing designers of security-critical applications in IoT nodes, cars, mobile devices and other connected products.
The Winbond TrustME W75 and W77 series of Secure Flash solutions provide code and data storage which is as secure as the embedded Flash used in Systems-on-Chip and applications processors. Winbond is also displaying the W76 series Secure Element for eUICC, mobile payment, biometric authentication and other security-critical applications.
The W75F Secure Flash Solution is the first external Flash memory device to gain a Common Criteria EAL5+ certificate. It also complies with the Trusted Computing Group’s DICE specification for secure device identification and with the Arm Platform Secure Architecture. It can be used for secure Execute-in-Place (XiP) functions, and to protect the confidentiality and integrity of code and data in IoT devices, and in integrated UICC, integrated Secure Element or integrated Hardware Security Modules (HSM) for automotive and Artificial Intelligence (AI) platforms.
The W77F/W77M Secure Flash Solution has Common Criteria EAL2 certification pending, and provides 4MB of tamper-resistant storage. Supporting encryption of storage and of the bus connection to an SoC, it protects the integrity and confidentiality of code and data and establishes mutual authentication between itself and the host SoC or MCU. The device enables trusted connectivity to IoT cloud services by protecting security code or keys. Delivered as a ready-to-use solution, it includes various software packages – Flash manager, OpenSSL driver and mbedTLS – for easy adoption into IoT connectivity stacks.
The W76S Secure Element combines 4MB of secure Flash storage with an Arm SecurCore SC000 core-based microcontroller. Featuring a Common Criteria EAL5+ certificate and EMVCo and CNFR approvals, the W76S is suitable for use in mobile payments applications, to provide Secure Boot functionality, and for premium content protection and biometric authentication applications.
The W76S also provides the eUICC basis for the Winbond eSIM Solution, which runs Java Card platform-based applets and software provided by tier-1 eUICC OS vendor. The eSIM Solution is on display at the Winbond stand B5.520 at electronica.
The Winbond W75 provides the industry’s most secure external storage for data and code. It offers a dependable solution for manufacturers of connected devices which want to defend their products against threats such as replay, roll-back, man-in-the-middle, sniffing, side channel and fault injection attacks.
Both the W75 and W77 products provide comprehensive secure storage for designers who are migrating system designs to the latest generations of SoCs and processors. While mainstream SoCs and processors today are fabricated at 1xnm and later process nodes, unfortunately no process for embedded Flash has advanced beyond 40nm. This makes it impossible to integrate embedded Flash into the latest generations of SoC and processors, which rely on OTP memory or ROM for non-volatile storage.
The 4MB of secure storage provided by the W75 or W77 products gives designers the capacity to accommodate growing code bases and data storage requirements, while maintaining the same level of protection against security threats that would have been provided by embedded Flash.