Memory Cards for Data Protection
March 10, 2020 | Hubertus Grobbel, Swissbit AG
Where data storage solutions are required for industrial applications, the key selection criteria must include robustness, durability, fail-safety and long-term availability of the flash storage media. Noteworthy too: demanding security requirements can be addressed with special versions that feature WORM (write-once-read-multiple) or cryptography functionality.
Our increasingly networked world in the age of the Internet of Things (IoT) is, at the same time, increasing the threat of misuse, sabotage, data theft, counterfeiting and so on. Cyber-security has become a key concern for a wide range of applications, from the automotive industry to the Smart Factory. Here, the attack vector is vulnerable software. For all-round protection, hardware solutions can complement pure software solutions: for example, a Trusted Platform Module (TPM) is used for encryption, or a secure element serves as tamper-proof memory and security anchor. To ensure secure operation of a system, the boot process itself should already be monitored seamlessly as a trusted boot.
This concept ensures that software can only be launched on specific hardware or hardware classes. The boot loader uses an authentication secret that is only available within the boot environment (BIOS/UEFI). Swissbit’s approach: essentially every system requires memory, for example as boot media or for data collection, and this is where the solution comes into play. The secure element isn’t fixed to the hardware but provided as a removable component, like a dongle for example. This makes security solutions retrofittable.
This opens up a variety of new approaches for security solutions for secure boot, data protection, license protection and secure identification of connected devices within an M2M communications network. At the same time, since only standard interfaces for SD memory cards or USB are needed, system designers can be flexible in their selection of hardware. TPM functionality can be implemented by the SmartCard in the Secure Storage Card as a Java card applet.
Copy Prevention and Authentication
In 2015, AUDI AG, BMW Group and Daimler AG paid €2.8 billion to take over Nokia’s geodata company “Here,” indisputable evidence of the significance of navigation systems at the dawn of autonomous driving. SD memory cards are commonly used to load map data into a navigation system. Swissbit cards with hardware encryption enable data protection. The use of flash memory devices with a secure element offers direct benefits such as control over navigation system data and ensuring compliance with license terms.
Memory cards with integrated SmartCards make it possible to assign vehicles tamper-proof identities as the basis for authentication applications. In future, infotainment systems within vehicles will become increasingly important as an interface to ITC devices and the internet. The secure element makes it a secure platform that can be used to provide paid services, obtain media content, or pay tolls, for example. New functions can be retrofitted and protected to the highest cryptographic standards.
Data-protection and Functional Safety
In recent years, increasing connectivity within and outside the car, i.e., Car2Car Communication, has made protection and defense against cyber-attacks a much-debated key concern, mainly with regard to possible consequences for functional safety. Communication of ECUs via bus systems can be encrypted if, for example, an eMMC (embedded multimedia card) with Secure Element serves as a TPM at certain nodes. Thanks to this authentication feature, the risk of tampering with in-vehicle communications can be averted.
Tamper-proof Recording
Demand for security solutions will increase significantly, not only for embedded systems for the Industrial Internet of Things (IIoT), but also for ordinary everyday applications where safeguarding of recordings or events is required. These include, for example, smart meter readings or log files in industrial systems, and of course current fiscalization of cash registers. E-mobility charging stations will no doubt need similar solutions in the near future to safeguard billing processes. As soon as a drop in fuel tax calls for consumption-led taxation of e-mobility, fiscal processes will also need to be implemented. The solution: an audit-proof record can be achieved using WORM (write-once-read-multiple) memory functions that ensure that data is only written once and can no longer be deleted. For export, data within the WORM memory is linked to a digital signature to ensure its authenticity and integrity.
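The write-once record with an authenticated export, sketched as an added example (not Swissbit firmware or SDK code). HMAC-SHA256 from the Python standard library stands in for the card's digital signature, so the verifier here needs the same key; the class and function names, the demo key, the sample readings and the per-record hash chain are assumptions of this sketch.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64                 # chain value before the first record
KEY = b"constructed-demo-key"      # constructed; stands in for the card's key

def _link(prev: str, payload: str) -> str:
    return hashlib.sha256((prev + "|" + payload).encode()).hexdigest()

class WormLog:
    """Append-only store: a written record can be neither changed nor deleted."""
    def __init__(self, device_key: bytes):
        self._key = device_key     # assumption: never leaves the secure element
        self._records = []         # list of (payload, chain_hash)

    def append(self, payload: str) -> None:
        prev = self._records[-1][1] if self._records else GENESIS
        self._records.append((payload, _link(prev, payload)))

    def overwrite(self, index: int, payload: str):
        raise PermissionError(f"WORM: record {index} is already written")

    def export(self) -> dict:
        body = [{"seq": i, "payload": p, "chain": c}
                for i, (p, c) in enumerate(self._records)]
        blob = json.dumps(body, sort_keys=True).encode()
        tag = hmac.new(self._key, blob, hashlib.sha256).hexdigest()
        return {"records": body, "tag": tag}

def verify_export(export: dict, key: bytes) -> bool:
    blob = json.dumps(export["records"], sort_keys=True).encode()
    expected = hmac.new(key, blob, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, export["tag"]):
        return False               # content or tag altered after export
    prev = GENESIS
    for i, rec in enumerate(export["records"]):
        if rec["seq"] != i or rec["chain"] != _link(prev, rec["payload"]):
            return False           # record missing, reordered or inconsistent
        prev = rec["chain"]
    return True

def demo():
    log = WormLog(KEY)
    for reading in ("meter=7;kWh=120.4", "meter=7;kWh=121.9"):  # constructed
        log.append(reading)
    good = log.export()
    bad = json.loads(json.dumps(good))           # deep copy of the export
    bad["records"][1]["payload"] = "meter=7;kWh=100.0"
    return verify_export(good, KEY), verify_export(bad, KEY)
```
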
Design
Swissbit’s secure memory cards consist of a flash memory chip that is produced and tested to industrial standards beginning at wafer level and is powered by a special version of the durabit firmware with an integrated AES 256-bit encryptor. With the DP (data protection) version, all data is encrypted and protected in various ways (CD-ROM mode, PIN protection, hidden memory, WORM mode). The standard edition for authentication and PKI applications, the voice edition with elliptic curve cryptography for mobile applications, and the premium edition with symmetric and asymmetric encryption all feature an Infineon/NXP Smart Card Chip CC EAL 5+/6+. For applications subject to FIPS (Federal Information Processing Standard) requirements, an option with NXP Smart Card Chip FIPS 140-2 Level 3 as a secure element is also available. Swissbit memory cards as described above are also available with various flash types, MLC (Multi-Level Cell), pSLC (pseudo Single Level Cell) and SLC (Single Level Cell), and in various sizes. An SDK and a PKCS#11 library for using the API are available for the development of applications.
Conclusion
These examples are just a snapshot of the diverse applications, where data-storage and provision as well as access- and communication-protection can be simply achieved with a single solution. Swissbit’s extremely robust and durable flash memory devices with security features make them particularly suitable for challenging applications with long life- and maintenance-cycles. The use of standard interfaces has the advantage that retrofittable and upgradable applications can be developed. Considering cyber security is still a constant battle between attacker and defender, a replaceable security device can even be an insurance for the future for new products.
Hubertus Grobbel is head of the Security Products Division of Swissbit AG.