RA product family of 32-bit Arm Cortex-M microcontrollers,Create a secure IoT with Renesas Secure Encryption Engine and Arm TrustZone technology.

TOKYO, Japan, March 10, 2021 – Renesas Electronics Group (TSE: 6723), a global supplier of semiconductor solutions, today announced that the RA product family of 32-bit Arm® Cortex®-M microcontrollers (MCUs) has received PSA Level 2 Certification and IoT Platform Security Evaluation Standard (SESIP) certification.

The RA6M4 MCUs with the Flexible Configuration Package (FSP) are PSA Level 2 certified, expanding on the PSA Level 1 certification for the RA4 and RA6 series MCUs. The Renesas RA6M3, RA6M4 and RA4M2 MCU product groups are certified to the SESIP1 standard for "physical and logical attacker" protection.

In addition to widely recognized industry certifications, Renesas RA MCUs enable advanced IoT security for customers by combining a NIST CAVP-certified secure encryption engine based on Arm TrustZone® of Armv8-M. The RA product family incorporates hardware-based security features ranging from simple AES acceleration to fully integrated cryptographic subsystems isolated within the MCU. The secure encryption engine provides symmetric and asymmetric encryption/decryption, hash functions, true random number generator (TRNG) and advanced key management functions, including key generation and unique key encapsulation functions related to MCU hardware. Access management circuitry shuts down the encryption engine if the correct access protocol is not followed, and built-in dedicated RAM ensures that the plaintext key is never exposed to any CPU or peripheral bus.

Roger Wendelken, Senior Vice President, IoT and Infrastructure Business Division, Renesas Electronics, said, "Renesas Electronics understands that security is critical for IoT designers, so we design RA products with security in mind from the very beginning. family. Today, these industry certifications further enhance the security features of RA products for IoT applications.”

Carlos Serratos, Senior Director of Strategy, Policy and Communications at Brightsight, said: “We are delighted to partner with Renesas Electronics on the SESIP and PSA certification programs. The certification of the Renesas RA product family is a testament to the relevance of safety standards to the industry. There is a growing awareness of the value of certified devices as an effective risk management tool and aligned with multiple device certifications. Certifications are currently primarily for devices used in critical infrastructure and are steadily becoming the standard for other devices in the IoT space.”

PSA certification builds a framework for securing connected devices, from security analysis to security assessment and certification. The framework provides standardized resources to address the increasingly fragmented needs of IoT development, ensuring that security is no longer a barrier to product development. PSA Certification PSA Level 2 certification certifies products against scalable software attacks through third-party lab evaluation of the PSA Root of Trust (PSA-RoT). Assessment Labs rely on PSA-RoT's vulnerability analysis and penetration testing to determine if the nine security requirements of the PSA-RoT protection profile are met.

SESIP is an optimized version of the Common Standard Method (ISO 15408-3) for evaluating IoT components and networking platforms. SESIP defines a Security Feature Requirements (SFR) catalog that product developers can use to build their security appliances and scale them appropriately based on their specific threat models and use cases. SESIP also consolidates and completes the Common Criteria Security Assurance Requirements (SAR), including requirements for the ALC_FLR.2 defect reporting procedure. Renesas is addressing this issue through the PSIRT (Product Security Incident Response Team) process and public web channels. The SESIP methodology is designed for SFR reuse and mapping to other certifications, enabling product developers to properly certify their devices against other industry standards such as IEC 62443, etc.

Leave a Reply

Your email address will not be published.