# Customer Training Workshop Traveo™ II Device Security



# **Target Products**



# Target product list for this training material

| Family Category                             | Series     | Code Flash Memory Size |  |
|---------------------------------------------|------------|------------------------|--|
| Traveo™ II Automotive Body Controller Entry | CYT2B6     | Up to 576KB            |  |
| Traveo II Automotive Body Controller Entry  | CYT2B7     | Up to 1088KB           |  |
| Traveo II Automotive Body Controller Entry  | CYT2B9     | Up to 2112KB           |  |
| Traveo II Automotive Body Controller Entry  | CYT2BL     | Up to 4160KB           |  |
| Traveo II Automotive Body Controller High   | CYT3BB/4BB | Up to 4160KB           |  |
| Traveo II Automotive Body Controller High   | CYT4BF     | Up to 8384KB           |  |
| Traveo II Automotive Cluster                | CYT3DL     | Up to 4160KB           |  |
| Traveo II Automotive Cluster                | CYT4DN     | Up to 6336KB           |  |





Device Security is in "CPU and Memory" and "Peripheral Interconnect"



#### Hint Bar

Review TRM chapters 13 and 27 for additional details





Device Security is in "CPU and Memory" and "Peripheral Interconnect"



#### Hint Bar

Review TRM chapters 13 and 27 for additional details

## Introduction to Traveo II Cluster



Device Security is in "CPU and Memory" and "Peripheral Interconnect"



#### **Hint Bar**

Review TRM chapters 13 and 27 for additional details

# **Device Security Overview**



- Traveo™ II provides advanced security to protect user designs from unauthorized access and copying
- Features
  - Lifecycle stage
  - Memory and Peripheral Protection<sup>1</sup>
    - Memory Protection Units (MPU)
    - Shared Memory Protection Unit (SMPU)
    - Peripheral Protection Units (PPU)
  - Flash Write and eFuse Read/Write Protection
    - Software Protection Units (SWPU)
  - Cryptography (Crypto) block

#### **Hint Bar**

Review the Device Security and Cryptography Block TRM chapters for additional details

# Lifecycle Stages



- Traveo II has the following nonvolatile and irreversible lifecycle stages:
  - NORMAL\_PROVISIONED
  - SECURE
  - SECURE\_WITH\_DEBUG
  - RMA
  - CORRUPTED
- > ROM/Flash boot determines protection states based on the lifecycle stage
- > DAP, PC1, and PCx are protected according to the protection state

#### **Hint Bar**

# Lifecycle Stage Transitions



- Lifecycle stages transition by blowing the fuse of eFuse
- eFuse cannot be changed once programmed





#### **Hint Bar**





| Lifecycle Stage    | Description                                                                                                                                                                                                              |
|--------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| NORMAL_PROVISIONED | Customers receive parts in this lifecycle stage.                                                                                                                                                                         |
| SECURE             | This is the lifecycle stage of a secure device. Access restrictions in SECURE mode are controlled by eFuse settings.                                                                                                     |
| SECURE_WITH_DEBUG  | This is similar to the SECURE lifecycle stage, except with NORMAL access restrictions applied to enable debugging, even if authentication fails. Devices that are in this stage are only used by developers and testers. |
| RMA                | Devices can be brought into this stage so that Cypress can perform a failure analysis.                                                                                                                                   |
| CORRUPTED          | This stage is entered in case an error is detected when the boot process tries to determine the current lifecycle stage.                                                                                                 |

### Hint Bar



## Overview

- The MPU/SMPU/PPU restrict access to memory or peripheral address space
  - Internal attack protection
    - Prevents unauthorized code or bus masters from reading protection areas
  - External attack protection
    - Restricts access from unauthorized external equipment



#### **Hint Bar**

Review the Device Security TRM chapter and the Program and Debug Interface TRM chapter for additional details



- Allow debugger access to the CPU after password authentication
  - Debugger sends the password to SRAM
  - Generate a password authentication interrupt from the debugger
  - CM0+ executes password authentication
  - Allow access to the CPU after password authentication





- Allow debugger access to the CPU after password authentication
  - Debugger sends the password to SRAM
  - Generate a password authentication interrupt from the debugger
  - CM0+ executes password authentication
  - Allow access to the CPU after password authentication





- Allow debugger access to the CPU after password authentication
  - Debugger sends the password to SRAM
  - Generate a password authentication interrupt from the debugger
  - CM0+ executes password authentication
  - Allow access to the CPU after password authentication





## Use Case

- Allow debugger access to the CPU after password authentication
  - Debugger sends the password to SRAM
  - Generate a password authentication interrupt from the debugger
  - CM0+ executes password authentication
  - Allow access to the CPU after password authentication



(Note: The password authentication process is implemented by the user in software)

## Flash Write and eFuse Read/Write Protection



## Overview

- Traveo II has software protection units (SWPUs)<sup>1</sup> that support:
  - Permissions for flash writing and erasing
  - Permissions for eFuse reading and writing

# Advantage

- Prevents malicious or inadvertent modification of flash or eFuse
- Prevents reading of eFuse protection data

#### **Hint Bar**

# Crypto Overview



- Crypto provides hardware implementation and acceleration of cryptographic functions
- Features
  - Cryptography function:
    - Symmetric key ciphers
    - Hashing
    - Asymmetric key ciphers
    - Pseudo-Random Number Generator (PRNG)
    - True Random Number Generator (TRNG)
    - Cyclic Redundancy Check (CRC)
  - Secure Hardware Extension (SHE)<sup>1</sup>
  - Hardware Security Module (HSM)<sup>1</sup>

#### **Hint Bar**

# Crypto Block Diagram





#### **Hint Bar**

# Hardware-Based Cryptography IP



- Asymmetric key ciphers
  - RSA and ECC
- Symmetric key ciphers
  - TDES: 64-bit length using a 64-bit key
  - AES: 128-bit length and programmable key length (128/192/256-bit key)
  - Chacha20: 512 random-looking bits



#### **Hint Bar**

# Hardware-Based Cryptography IP



- Hashing: SHA1, SHA2, and SHA3 hashes
- PRNG: Generate in a fixed range using three LFSRs
- TRNG: Generate using ring oscillators
- CRC: Programmable polynomial of up to 32 bits



#### **Hint Bar**

# Secure System Implementation



- The cryptography IP can be accessed only by the secure master (CM0+)
- Requests to CM0+ must be made via system calls using IPC from CM4/CM7



#### **Hint Bar**





- Traveo II can support digital signatures by controlling the hardware IP with software
  - Step 1: Distribute the public key







- Step 2:
  - First, using the hash function, calculate the hash value of the data.
  - Next, encrypt the hash value using the private key.
  - Finally, add the encrypted hash value as "signature" to the created data and send it.







- Step 3:
  - First, decrypt the encrypted hash value using the public key.
  - Next, calculate the hash value of the received data using the same hash function as the sender.
  - Finally, compare the decrypted hash value with the calculated hash value. If they match, the data is correct.





## Use Case

- Random numbers and encryption are used to authenticate the CAN communication partner
  - Step 1: Master ECU transmits the generated random number



#### **Hint Bar**



## Use Case

 Step 2: The slave ECU encrypts the received random number with Key#3 and sends it to the master ECU



#### **Hint Bar**



## Use Case

Step 3: The master ECU decrypts the received encrypted data with Key#3



#### **Hint Bar**



## Use Case

 Step 4: The master ECU checks whether the decrypted data and the transmitted RNG are the same, and authenticates the communication partner if they are the same



#### **Hint Bar**



Part of your life. Part of tomorrow.





| Revision | ECN     | Submission<br>Data | Description of Change                                                                                                              |
|----------|---------|--------------------|------------------------------------------------------------------------------------------------------------------------------------|
| **       | 6152725 | 04/29/2018         | Initial release                                                                                                                    |
| *A       | 6396994 | 07/31/2018         | Added pages 2, 7, 8, 24, and 25<br>Updated pages 3, 4, 5, 10, 11, 12, 13, 16, 17, 18, and 19                                       |
| *B       | 6678028 | 09/18/2018         | Added page 2 Updated page 3, 4, 5, 20, 21, 22, 23 - Delete CYT2B5 series                                                           |
| *C       | 6824363 | 03/04/2020         | Added page: 20, 21, 22<br>Updated page: 3 to 26 (Hint Bar), 9 to 13 (Contents)<br>Deleted page: 27, 28 (delete the appendix pages) |
| *D       | 7082696 | 02/03/2021         | Updated pages 2, 3, 4, 5. Convert content to IFX format                                                                            |