Renesas Electronics Partners with Data I/O and Secure Thingz to Provide Secure Firmware Flash Programming Solution for the Renesas Synergy Platform
Renesas Electronics Corp. announced a first step of a security lifecycle management solution on the Renesas Synergy Platform for customers who build devices connecting to the Internet of Things (IoT). Renesas, together with partners Data I/O Corporation and Secure Thingz, offer a secure firmware flash programming solution enabling customers to reliably and securely program authorized firmware into the flash memory of Synergy Microcontrollers (MCUs) in remote manufacturing facilities and in the field, while protecting firmware from being modified, pirated, or installed on cloned hardware.
OEMs building connected IoT devices face risks that include product disruption, system hijacking, eavesdropping, IP theft, and product cloning. Without the proper security, these devices can be exploited to shut down or damage vital industrial infrastructure or cause injury. Given the increased complexity of the global supply chain, extra diligence is needed to ensure that the integrity and authenticity of a product is maintained in the production environment and not compromised throughout the entire manufacturing cycle regardless of the location and security level and capabilities of the Contract Manufacturer’s (CM’s) or OEM’s manufacturing personnel and processes. The secure flash programming solution based on the Synergy Platform enables OEMs to maintain product integrity and authenticity without such dependencies on the CM’s capabilities.
A chain-of-trust starts with the delivery of a Synergy MCU with hardware security features to a secure programming center where a unique root-of-trust is installed on each MCU with equipment provided by Data I/O. The next step in the chain is for the OEM to use tools provided by Data I/O and Secure Thingz to author their firmware such that it is encrypted, signed, and provisioned to specific MCUs. After this, the Synergy MCUs can be shipped to the OEM or CM facility.
Once in the field, the authored firmware can be securely updated into the MCUs’ flash memory with the on-chip root-of-trust being used to validate and decrypt the firmware before flash programming – all securely taking place within the Synergy MCUs that provide hardware protected memory segments integrated with an asymmetric cryptographic engine to validate and decrypt the firmware. This eliminates concern for IP theft, piracy, and product cloning.
Renesas provides the Synergy MCU and Synergy’s security reference solution that deliver a strong root-of-trust through a unique identity, hardware protected keys, a secure boot loader, a secure flash update module, and cryptographic API’s that interface with the MCU hardware.
Secure Thingz provides the Secure Deploy suite of tools, which enable end-to-end encryption of firmware to the device, plus secure deployment into remote, high-risk manufacturing environments, alongside remote firmware updating and management.
Data I/O provides the SentriX Security Programming Platform, a highly flexible, cost-effective security provisioning and data programming solution for authentication devices, secure elements and secure MCUs that enables the secure provisioning in a secure manufacturing environment or programming center. The SentriX Platform contains the Secure Thingz’s Guardian with integrated HSM (Hardware Security Module), which allows for the SentriX Platform and the Secure Deploy suite to work together seamlessly to protect firmware and critical data.
“Renesas Synergy’s security reference solution empowers OEMs to deliver and manage a trusted IoT device. When used with the SentriX Security Programming Platform and Secure Deploy, Synergy MCUs plus the associated software, tools, and infrastructure allow OEMs to protect their software IP from modification, theft and cloning,” said Brian Davis, Vice President of Synergy IoT Platform Business Division, Renesas Electronics Corporation. “In addition, the solution enables remote systems to be safely updated over the product lifecycle with new protections for evolving security attacks and hacking technologies.”
Customers interested in evaluating the solution may obtain an evaluation kit that includes a DK-S7G2 Synergy Development Kit, tools, Synergy’s security reference solution, and an evaluation version of Secure Deploy. Once customers have evaluated the solution, it can be deployed into manufacturing in conjunction with Data I/O’s SentriX Security Programming Platform. Customers can work with Secure Thingz to deploy a remote update solution.
Renesas Technology America, Inc.450 Holger Way
San Jose, CA, 95134