Cyber security concerns in the manufacturing sectors typically focus on network architectures and the software applications that run on them. To further enhance the security of devices used in manufacturing, microcontroller producers are now releasing products with installed security capabilities.
One of the newer security-enabled microcontrollers to hit the market comes from Microsemi Corporation, which recently released the SmartFusion2 system-on-chip (SoC) field programmable gate array (FPGA) family. These FPGAs are reportedly designed to “address fundamental requirements for advanced security, high reliability and low power in critical industrial, defense, aviation, communications, and medical applications.” The aim of these chips is to protect classified designs against tampering, cloning, overbuilding, reverse engineering, and counterfeiting.
To deliver this level of security, SmartFusion2 integrates a flash-based FPGA fabric, a 166 MHz ARM Cortex-M3 processor, advanced security processing accelerators, DSP (digital signal processing) blocks, SRAM (static random access memory), eNVM (embedded nonvolatile memory), and high-performance communication interfaces on a single chip. SmartFusion2’s design and data security capabilities include a root-of-trust device with secure key storage capability using what Microsemi claims is the SoC FPGA industry's only physically un-clonable function (PUF) key enrollment and regeneration capability. The company also says that SmartFusion2 is the only SoC FPGA protected from differential power analysis attacks using technology from the Cryptographic Research Inc. portfolio.
On top of these capabilities, users can also employ the SoC’s built-in cryptographic processing accelerators, which include: advanced encryption standard AES-256, secure hash algorithm SHA-256, 384 bit elliptical curve cryptographic engine and a non-deterministic random bit generator.
Another new entry in the field of secure embedded devices comes from Zilog Corporation with the release of ZGate Embedded Security, which comprises Zilog’s eZ80F91 microcontroller and what Zilog calls a “full-featured TCP/IP stack” that features Icon Labs’ Floodgate Embedded Firewall. Using the embedded firewall will enable ZGate to block denial of service attacks, packet floods, port scans, and other Internet-based threats encountered when accessing connected devices.
ZGate features include Ethernet, IP/UDP/TCP/ICMP filtering, low latency, and application programming interfaces for event logging. Zilog claims that ZGate’s configurable filtering rules offer static/rules-based filtering to block packets based on configurable rules, and dynamic filtering/stateful packet inspection to block packets based on the state of a connection. According to the company, tests of these packet-blocking filters show “dramatically improved network throughput under load.”
Zilog’s eZ80F91 microcontroller is a new addition to the company's eZ80Acclaim-based products used in wired and wireless Internet connected devices in the defense, energy, medical, transportation and manufacturing industries.
If you’re not an automation engineer who designs controllers or other intelligent automated devices, you may not deal with embedded devices such as these very much. However, knowing more about the devices you purchase and use—and whether or not the device manufacturers you interact with are employing advanced microcontroller technologies such as this—can be very helpful as you make decisions about your future automation plans.
