MCUs Eye Software Add-Ons to Boost IoT Security

May 14, 2018 by Majeed Ahmad

Security is becoming a key beneficiary in the evolution of software development kits (SDKs) in the IoT era.

Security is becoming a key beneficiary in the evolution of software development kits (SDKs) in the IoT era.

The Internet of Things (IoT) ecosystem is further bridging the gap between hardware and software worlds, and microcontroller suppliers are at the forefront of this software revolution. The design kits now have it all, from RTOS to middleware packages and communication stacks to application frameworks.

A comprehensive suite of qualified production-ready software components allows embedded designers to focus on their specific applications and save months of time and effort otherwise spent on the software development for microcontrollers.

In other words, the IoT bandwagon is accelerating the evolution of software development kits (SDKs), a set of software development tools, which enables designers to create applications for a certain hardware platform: a microcontroller or a module. These kits include evaluation boards and other ready-made design solutions.

A view of the Synergy software platform built around the company's microcontrollers. Image courtesy of Renesas.


Here are a couple of design case studies that demonstrate the growing software muscle in the MCU-centric designs. First, take STMicro's expansion software package for simplifying security of connected devices such as IoT endpoints. The X-CUBE-SBSFU v.2.0 is a firmware solution that enables functional upgrades and security updates of the features built into STMicro's STM32 microcontrollers.

The software helps embedded designers using the STM32 microcontrollers check and activate the built-in security mechanisms and efficiently implement secure boot and secure firmware update services. It can receive, authenticate and decrypt the encrypted firmware image, and check the integrity of the code.

The expansion software supports multiple digital signature techniques like Advanced Encryption Standard (AES) and Elliptic Curve Digital Signature Algorithm (ECDSA) as well as encryption algorithms such as AES-GCM. It's being delivered as a free-of-charge reference library, and it comes with technical literature to aid design implementation.

The X-CUBE-SBSFU software is an enabler of security features already built into the MCU. Image courtesy of STMicro.


The second case study also relates to how a software solution can effectively utilize the built-in security features in a microcontroller in order to boost protection against cyber security threats. It's about Cypress Semiconductor incorporating the Arm's Platform Security Architecture (PSA) software in its PSoC 6 family of microcontrollers.

Cypress has also incorporated the Trusted Firmware-M, an open-source reference PSA implementation for the ARMv8-M processors. That allows the PSoC 6 microcontrollers to leverage three main components of the PSA framework: Threat models and security analyses, hardware and firmware specifications, and a reference open-source device firmware. And that enables embedded designers to quickly implement security in IoT designs.

More specifically, it allows the PSoC 6 microcontroller-based designs to provide secure-element functionality, which in turn, enables the root of trust operations. Furthermore, the PSA framework creates an isolated execution environment for running secure applications.

The above examples show how the MCU ecosystem is getting some extra help from software add-ons. And how it can help designers to accelerate time to market and focus on innovating at the application level.