Secure Software Updates for Cortex-M

There are a number of threats that may affect your Cortex-M-based product, for instance theft of software, illegitimate access to IP or malicious software in the product, creating the risk of:

  • Theft of sensitive data.

  • Manipulation of information or features, e.g. region settings or travelled distance.

  • Destructive or disruptive actions taken by malicious code.

  • Corrupt software in the product leading to product failures.

  • A hijacked product.

Insufficient security measures may cause loss of revenue, aftermarket costs, loss of customer confidence, inability to meet market or legal requirements and more.

Secure Software Updates means adding protection against attacks that could exploit the mechanisms that support field updates. The security aspects are particularly important for Internet-of-Things and other devices that allow remote updates.

Secure Boot is a prerequisite for Secure Software Updates. Boot is, in general, how an embedded system starts after power-on. In this context Secure Boot means:

  • Authentication of software before it is programmed into memory.

  • Checking the integrity of software in memory before it is allowed to run.

BOOT:concept provides infrastructure, hardware and software tools supporting Secure Software Updates. It is based on proven industry standards, such as AES, RSA, SHA and CRC. The primary security mechanisms used in the concept include:

  • Encryption of (software update) data.

  • Authentication of (software update) data and communication sessions.

  • Sensitive software and data kept in internal memory only.

  • Read-protection of internal memory.
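The two Secure Boot checks defined above (authenticate before programming, verify integrity before running) and the authentication/integrity mechanisms just listed can be modelled in a few dozen lines. The following is an added example written for this page, not BOOT:able or BOOT:concept code, and it makes two assumptions of its own: a hypothetical update container layout (magic, length, payload, authentication tag, CRC32), and HMAC-SHA256 with a device key as a stand-in for the RSA signature the page names, so that it runs with the Python standard library alone. The `Flash` class is a toy model of the internal memory slot, not a real driver.

```python
"""Model of the two Secure Boot checks: authenticate an update before it is
programmed, then verify the integrity of the stored image before running it.

Assumed (hypothetical, not from the page) container layout:
    4-byte magic | 4-byte little-endian payload length | payload |
    32-byte HMAC-SHA256 tag over magic+length+payload | 4-byte CRC32 over all of the above
HMAC is used in place of an RSA signature so the example needs no third-party library.
"""
import hashlib
import hmac
import struct
import zlib
from typing import Optional

MAGIC = b"UPDT"      # constructed marker for the hypothetical container
HEADER_LEN = 8       # magic + length field
TAG_LEN = 32         # HMAC-SHA256 output
CRC_LEN = 4


def build_update(payload: bytes, auth_key: bytes) -> bytes:
    """Producer side: wrap a firmware payload in the hypothetical container."""
    header = MAGIC + struct.pack("<I", len(payload))
    tag = hmac.new(auth_key, header + payload, hashlib.sha256).digest()
    body = header + payload + tag
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def authenticate_update(container: bytes, auth_key: bytes) -> Optional[bytes]:
    """Check 1, before programming: return the payload only if the container is
    well-formed, the CRC matches and the authentication tag verifies."""
    if len(container) < HEADER_LEN + TAG_LEN + CRC_LEN:
        return None
    body, crc_bytes = container[:-CRC_LEN], container[-CRC_LEN:]
    # CRC detects transport corruption cheaply; it is not a security check,
    # because anyone can recompute it. Authentication comes from the keyed tag.
    if zlib.crc32(body) & 0xFFFFFFFF != struct.unpack("<I", crc_bytes)[0]:
        return None
    if body[:len(MAGIC)] != MAGIC:
        return None
    (length,) = struct.unpack("<I", body[len(MAGIC):HEADER_LEN])
    if len(body) != HEADER_LEN + length + TAG_LEN:
        return None
    payload = body[HEADER_LEN:HEADER_LEN + length]
    tag = body[HEADER_LEN + length:]
    expected = hmac.new(auth_key, body[:HEADER_LEN + length], hashlib.sha256).digest()
    # Constant-time comparison so the check does not leak tag bytes via timing.
    if not hmac.compare_digest(tag, expected):
        return None
    return payload


class Flash:
    """Toy model of the internal flash image slot plus the digest recorded when
    the image was programmed (the reference for the before-run integrity check)."""

    def __init__(self) -> None:
        self.image = b""
        self.digest = b""

    def program(self, payload: bytes) -> None:
        self.image = bytes(payload)
        self.digest = hashlib.sha256(payload).digest()


def integrity_ok_before_run(flash: Flash) -> bool:
    """Check 2, before running: recompute the stored image hash and compare it
    to the digest recorded at programming time."""
    if not flash.image:
        return False
    return hmac.compare_digest(hashlib.sha256(flash.image).digest(), flash.digest)


def boot_with_update(flash: Flash, container: bytes, auth_key: bytes) -> str:
    """Drive both checks in order; the returned string says where an update stopped."""
    payload = authenticate_update(container, auth_key)
    if payload is None:
        return "rejected: authentication failed, flash untouched"
    flash.program(payload)
    if not integrity_ok_before_run(flash):
        return "halted: stored image failed integrity check"
    return "running new image"


if __name__ == "__main__":
    key = b"\x11" * 32             # constructed device key
    fw = b"firmware v2 blob"       # constructed payload
    good = build_update(fw, key)
    print(boot_with_update(Flash(), good, key))
    # One flipped byte in transit: the CRC check refuses it before flash is touched.
    damaged = bytearray(good)
    damaged[10] ^= 0x01
    print(boot_with_update(Flash(), bytes(damaged), key))
    # Same payload wrapped with the wrong key: CRC is fine, the tag is not.
    print(boot_with_update(Flash(), build_update(fw, b"\x22" * 32), key))
```

The order of the checks is the point: nothing is written to flash until the tag verifies, and a stored image that no longer matches its recorded digest is never started. On a real Cortex-M part the digest and key would live in read-protected internal memory, which is what the "sensitive data in internal memory only" and read-protection items above are about.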

BOOT:able is a software product that implements Secure Boot by blocking direct access to software and hardware (internal Flash memory). It is designed specifically for small embedded devices, such as the Cortex-M series from M0 upwards. It also provides important features needed in boot loaders: collecting data related to “crashes” to support post-mortem analysis, programming a “last good configuration” and more.

BOOT:hook is an optional communication dongle that connects to a computer (or the Internet) via USB or Ethernet and offers Secure Communications with BOOT:able, holding the keys and methods needed for this. BOOT:hook is supported by Windows tools.

Secure Software Update is supported both locally, using “wired connections”, and remotely via the Internet, etc. The concept allows end users to securely update their own products without the need for expensive hardware or a visit to a service center.

BOOT:concept is generically usable for most microcontroller families, with a focus on “small” microcontrollers with internal memory only.

© Embedable AB, 2017