Multi-Master RAM Content Protection

March 25, 2020 | By Sandeep Jain, Kirk Taylor, Pradip Singh (NXP Semiconductors)
This article describes a mechanism to secure RAM content by storing the data encrypted and allowing selective decryption of the data based on master privileges. The feature is especially useful for scenarios where a master is allowed to access the RAM data (to copy it, for example) but is not allowed to interpret its contents. The encryption and decryption steps are handled at the RAM controller level, transparently to the software.

Automotive designs cater to a wide range of applications such as infotainment, engine and braking control, driver assistance and autonomous driving, and their memories hold vendor as well as customer secret keys. With growing security incidents and attack surfaces within these applications, it is critical that assets stored in on-chip or off-chip memories are well protected.

In many scenarios the core needs access to certain keys or security assets for various housekeeping activities. However, the core may not be the consumer of the data; it may only transfer or install it for use by some security module. Allowing the core to access plaintext data can create vulnerabilities if the software running on the core is tampered with or compromised.

We recommend that sensitive data should be available to the core only as ‘black’ data:

  • The core can interpret instructions but not sensitive data or keys, even though they remain accessible to it (for copying etc.)
    • This removes vulnerabilities introduced through software
  • Memory holds only encrypted content, so secrets are protected from any attack that uses debug or test mechanisms to read the RAM physically in full

As shown in Fig-1, we assign different functional privileges to different masters, while the content is physically accessible to all masters.
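A small model of the policy described above, written for this article as an added example rather than NXP's own design: a word-addressed store in which masters in a privileged set have their writes encrypted and their reads decrypted, while every other master gets and stores the raw ('black') content, so it can copy the data but not interpret it. The 64-bit word width, the HMAC-based Feistel word cipher standing in for the controller's cipher, and the master names are constructed assumptions.

```python
import hashlib
import hmac
import os

BLOCK = 8  # bytes per RAM word in this model (constructed, not NXP's width)

def _round(key: bytes, i: int, half: bytes) -> bytes:
    # Keyed round function: HMAC over the round index and one half-word.
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:BLOCK // 2]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_word(key: bytes, word: bytes) -> bytes:
    # 4-round Feistel over one 64-bit word; a placeholder for the controller's cipher.
    left, right = word[:BLOCK // 2], word[BLOCK // 2:]
    for i in range(4):
        left, right = right, _xor(left, _round(key, i, right))
    return left + right

def decrypt_word(key: bytes, word: bytes) -> bytes:
    left, right = word[:BLOCK // 2], word[BLOCK // 2:]
    for i in reversed(range(4)):
        left, right = _xor(right, _round(key, i, left)), left
    return left + right

class RamController:
    # Every cell holds ciphertext; only privileged masters see plaintext.
    def __init__(self, key: bytes, privileged: set):
        self.key, self.privileged, self.mem = key, privileged, {}

    def write(self, master: str, addr: int, word: bytes) -> None:
        # A privileged master supplies plaintext and the controller encrypts it;
        # any other master only moves black data, which is stored as received.
        self.mem[addr] = encrypt_word(self.key, word) if master in self.privileged else word

    def read(self, master: str, addr: int) -> bytes:
        stored = self.mem.get(addr, bytes(BLOCK))
        return decrypt_word(self.key, stored) if master in self.privileged else stored

def demo() -> dict:
    # Constructed masters: the security engine may interpret, the core may only copy.
    ram = RamController(os.urandom(16), privileged={"security_engine"})
    secret = b"KEY00001"
    ram.write("security_engine", 0x100, secret)
    black = ram.read("core", 0x100)      # core gets ciphertext, not the key
    ram.write("core", 0x200, black)      # core copies the black data elsewhere
    return {"core_sees_secret": black == secret, "cell_holds_secret": ram.mem[0x100] == secret,
            "engine_reads_copy": ram.read("security_engine", 0x200)}
```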

