Raspberry Pi spins its RP2350, adds 5V support
Cette publication existe aussi en Français
Raspberry Pi has spun a third version of its multicore RP2350 microcontroller to address a number of performance and security issues with the chip and add 5V support for indistrial applications.
The new version, the RP2350 A4, which has both ARM and RISC-V cores, was announced by CEO Eben Upton during the eeNews Europe Elektor live round table on supply chain issues.
The launch version of the RP2350, the A2, had an error in the GPIO pad design which prevented pads from properly going into a high-impedance state and a number of security issues identified by participants in the RP2350 Hacking Challenge. These have been addressed with the latest changes to the metal layer in the A4 version.
“A small tweak was applied to the pad macro to eliminate the undesirable leakage in the high side of the pad; this leakage gives rise to the large negative-going excursion in the current-against-voltage trace for A2 below. As a result, external resistors are no longer required to pull inputs low, though they may safely be retained in existing designs,” said Upton.
Boot ROM security vulnerabilities discovered in the course of the RP2350 Hacking Challenge have been fixed in the A4 boot ROM, which, in addition, implements a variety of new defensive strategies to reduce the likelihood of future exploits.
“We have also taken this opportunity to fix a number of minor functional errata in the boot ROM,” he said. This includes a security vulnerability, again discovered in the course of the RP2350 Hacking Challenge, which relates to the behaviour of the OTP when power is removed during a read operation. This has been fixed through changes to the wrapper circuitry surrounding the OTP macro.
A new hacking challenge will look at finding a practical side-channel attack on the hardened implementation of the AES cipher, which is used to decrypt firmware images into internal SRAM at boot time.
RP2350 5V support
The A4 spin also allows support for 5V supplies for industrial designs. “Just make sure to keep VDDIO powered when 5V is applied to any GPIO pad, otherwise the pad will be damaged. And be sure to read the relevant sections in the updated datasheet,” said Upton.
However not all the issues could be addressed with a metal layer change.
One of the winners of the Hacking Challenge exposed a vulnerability in the OTP bit array itself. Using a technique called Passive Voltage Contrast, they were able to painstakingly, and at significant expense, read out the bitwise OR of pairs of adjacent bits stored in the OTP; in principle it may be possible to extend this attack to retrieve the complete contents of the OTP.
“This vulnerability is not fixed in the A4,” said Upton. “An upcoming application note will describe how to store secrets in OTP so as to mitigate both the current vulnerability and a hypothetical future attack which can achieve complete readback.”
There are no plans as yet for an A5 version, he said.
Raspberry PI is also launching pin-compatible variants of the 60-pin RP2350A and 80-pin RP2350B parts with 2MB of flash memory in-package, called the RP2354. Each part costs just 20 cents more than the equivalent RP2350 part as detailed back in March by eeNews Europe.
If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :
