Introducing advanced security in low-power applications with FRAM MCUs
Security is becoming increasingly important in a wider range of applications. Numerous methods have been developed to force systems to expose confidential information or even application code, resulting in the development of countermeasures to ensure the security of Flash and EEPROM ICs. However, these countermeasures are often expensive to implement compared to the practicality of an attack and the value of data being compromised. In addition, these measures can increase power requirements as well as introduce additional complexity to designs, potentially reducing overall system reliability.
Using non-volatile ferroelectric random access memory (FRAM) instead of EEPROM or Flash provides a robust, unified memory architecture to simplify the design of secure systems. FRAM’s inherent resilience to different types of attacks allows it to offer enhanced security when compared to Flash or EEPROM while also eliminating the need for complex, power-hungry countermeasures.
FRAM and superior retention
FRAM offers superior retention and endurance compared to traditional Flash-based systems. With Flash, data is stored as charged states of transistors (i.e., ON or OFF). To write to Flash, the appropriate block must first be erased and then written to. This process is physically destructive to the Flash and eventually results in the inability of transistors to reliably hold a charge.
FRAM, by contrast, stores data as a polarization state of molecules (see Figure 1). Because this process is non-destructive, FRAM has nearly infinite retention and endurance. A single memory cell can allow 10^15 write/erase cycles. For an application such as a mobile payment system that needs to be able to perform 20,000-40,000 transactions over the life of the device, FRAM eliminates endurance and reliability concerns while combining this with very low-power and very fast memory write capability.
The high endurance of FRAM can directly impact security in certain applications.
In applications using crypto keys to secure data, FRAM can be used to generate and store secures keys for every data transaction. With flash-based MCUs this would result in decreased lifetime of the memory segment in use or an increased need for redundancy to ensure that these keys can be written and re-written over the lifetime of the end product.
FRAM and inherent resilience to the most commonly used ‘attack’ techniques
In addition to preventing unauthorized reading and writing of application data, systems must protect against the manipulation of parameters to gain access to sensitive information or invasive attacks against the MCU itself.
There are numerous methods that have been developed to force systems to expose confidential information or even their application code. The likelihood of a particular attack being appropriate depends upon the application and the value of the data at risk. Below are several common attacks:
Power analysis: Spectral Power Analysis (SPA) and Dynamic Power Analysis (DPA) are techniques where the electromagnetic emissions or power usage of an MCU is measured to determine what the MCU is doing internally. EEPROM and Flash require a charge pump operating at 10-14V, which makes them relatively easy to detect. The extremely fast read and write speed of FRAM (less than 50ns and 200ns respectively), as well as lower operating voltage (1.5V) makes it difficult to mount an SPA- or DPA attack against an FRAM MCU.
Microscopy: Atomic Force Microscopy (AFM) or Scanning Kelvin Probe Microscopy (SKPM) have been able to detect charge levels of the floating gate in an EEPROM after backside de-processing to record data stored in memory locations or transmitted on data lines. To counter microscopy, microcontrollers with FRAM, such as TI’s MSP430™ MCUs have the bit write and read lines physically located on either side of the polarized molecule, so delayering the chip is likely to destroy the contents of the memory.
Voltage manipulation: This attack has been used on EEPROM and Flash devices for years, specifically for defeating phone cards. The input voltage to the device is manipulated outside the standard range to force-program bit cells. It is difficult to provide brown-out and over-voltage protection circuitry that can operate longer than the time needed to complete programming of EEPROM bit cells. However, because of the fast read/write time for FRAM, it is possible to protect against voltage manipulation attacks by providing internal brown-out circuitry (BOR) and Supply Voltage Supervisors (SVS) that protect the voltage during read/write operations; this permits the anti-tearing circuitry to allow the FRAM to complete the write process correctly.
Light manipulation: Optical Fault Induction attacks alter data values on EEPROM bit cells. Neither laser light nor UV radiation impact FRAM bit cells (ignoring the heat effect of intense light), therefore FRAM-based devices are secure against these types of attacks.
Radiation: Alpha particles can cause bit flips in EEPROM. FRAM has not exhibited any effect from alpha particles or other radiation sources. In addition, given the ferroelectric nature of FRAM, they are not affected by magnetic fields either.
The use of FRAM, with its fast signals and use of polarization states, also provides a strong level of protection for sensitive code and data compared to Flash or EEPROM. To further protect a system, FRAM memory blocks can be configured with different types of access rights: Read Only for constants such as fonts used for the LCD, Read and Write Only for variables, and Read and Execute Only for application code. The use of access rights not only increases application stability by preventing unintended misuse of memory, it protects against intentional attacks against the system.
FRAM memory management also provides another layer of memory security through IP encapsulation that allows developers to define protected memory segments and create functional separation of the application. Direct read/write access to a protected segment is allowed only by code execution within the same encapsulated segment. Thus, the only way code from an unprotected segment can access an encapsulated segment is by calling a function within the protected segment. Specifically, code handling security keys and data can be encapsulated to isolate it from the rest of the application. Therefore, even if the application code is corrupted, it could not be forced to expose the secure parts of the system.
No application can be completely secure, but FRAM’s inherent resilience to various attacks provides more security as compared to Flash or EEPROM. Next time you need to create a secure system, consider an MCU with embedded FRAM to meet your security needs.