Tag Archives: RSA

Secured SAMA5D4 for industrial, fitness or IoT display

To target applications like home automation, surveillance camera, control panels for security, or industrial and residential gateways, high DMIPS computing is not enough.

The new SAMA5D4 expands the Atmel | SMART Cortex-A5-based family, adding a 720p resolution hardware video decoder to target Human Machine Interface (HMI), control panel and IoT applications when high performance display capability is required. Cortex-A5 offers raw performance of 945 DMIPS (@ 600 MHz) completed by ARM NEON 128-bit SIMD (single instruction, multiple data) DSP architecture extension. To target applications like home automation, surveillance camera, control panels for security, or industrial and residential gateways, high DMIPS computing is not enough. In order to really make a difference, on top of the hardware’s dedicated video decoder (H264, VP8, MPEG4), you need the most complete set of security features.


Whether for home automation purpose or industrial HMI, you want your system to be safeguarded from hackers, and protect your investment against counterfeiting. You have the option to select 16-b DDR2 interface, or 32-b if you need better performance, but security is no longer just an option. Designing with Atmel | SMART SAMA5D4 will guarantee secure boot, including ARM Trust Zone, encrypted DDR bus, tamper detection pins and secure data storage. This MPU also integrates hardware encryption engines supporting AES (Advanced Encryption Standard)/3DES (Triple Data Encryption Standard), RSA (Rivest-Shamir-Adleman), ECC (Elliptic Curves Cryptography), as well as SHA (Secure Hash Algorithm) and TRNG (True Random Number Generator).

If you design fitness equipment, such as treadmills and exercise machines, you may be more sensitive to connectivity and user interface functions than to security elements — even if it’s important to feel safe in respect with counterfeiting. Connectivity includes gigabit and 10/100 Ethernet and up to two High-Speed USB ports (configurable as two hosts or one host and one device port) and one High Speed Inter-Chip Interface (HSIC) port, several SDIO/SD/MMC, dual CAN, etc. Because the SAMA5D4 is intended to support industrial, consumer or IoT applications requiring efficient display capabilities, it integrates LCD controllers with a graphics accelerator, resistive touchscreen controller, camera interface and the aforementioned 720p 30fps video decoder.


The MCU market is highly competitive, especially when you consider that most of the products are developed around the same ARM-based family of cores (from the Cortex-M to Cortex-A5 series). Performance is an important differentiation factor, and the SAMA5D4 is the highest performing MPUs in the Atmel ARM Cortex-A5 based MPU family, offering up to 945 DMIPS (@ 600 MHz) completed by DSP extension ARM NEON 128-bit SIMD (single instruction, multiple data). Using safety and security on top of performance to augment differentiation is certainly an efficient architecture choice. As you can see in the block diagram below, the part features the ARM TrustZone system-wide approach to security, completed by advanced security features to protect the application software from counterfeiting, like encrypted DDR bus, tamper detection pins and secure data storage. But that’s not enough. Fortunately, this microprocessor integrates hardware encryption engines supporting AES/3DES, RSA, ECC, as well as SHA and TRNG.

The SAMA5 series targets industrial or fitness applications where safety is a key differentiating factor. If security helps protecting the software asset and makes the system robust against hacking, safety directly protects the user. The user can be the woman on the treadmill, or the various machines connected to the display that SAMA5 MCU pilots. This series is equipped with functions that ease the implementation of safety standards like IEC61508, including a main crystal oscillator clock with failure detector, POR (power-on reset), independent watchdog timers, write protection register, etc.

Atmel-SMART-SAMA5D4-ARM-Cortex-MPU-AtmelThe SAMA5D4 is a medium-heavier processor and well suited for IoT, control panels, HMI, and the like, differentiating from other Atmel MCUs by the means of performance and security (not to mention, safety). The ARM Cortex-A5 based device delivers up to 945 DMIPS when running at 600 MHz, completed by DSP architecture extension ARM NEON 128-bit SIMD. The most important factor that sets the SAMA5D4 apart from the rest is probably its implemented security capabilities. These will protect OEM software investments from counterfeiting, user privacy against hacking, and its safety features make the SAMA5D4 ideal for industrial, fitness or IoT applications.

This post has been republished with permission from SemiWiki.com, where Eric Esteve is a principle blogger as well as one of the four founding members of the site. This blog first appeared on SemiWiki on October 6, 2015.

Secure personalization service safeguards your IP

Written by Steve Jarmusz

Afraid of having your IP/firmware stolen?  Don’t want unauthorized accessories in the marketplace taking revenue that’s rightfully yours and potentially damaging your brand equity?  Security concerns are serious and worth addressing, but what if you don’t have the expertise in cryptography or infrastructure?

Well, one turnkey solution that does not require security expertise are Atmel ATSHA204 CryptoAuthentication™ ICs.  Atmel provides a personalization service to customers of CryptoAuthentication products. This personalization service (configuring the CryptoAuthentication device for a specific application) is performed at final package test. Before this service can be performed, Atmel solicits secrets from the customer while never knowing the value of those secrets. The secrets are received from the customer encrypted and stay encrypted until they are requested by the test program at final package test. Because of the transport key mechanism innate to the ATSHA204 silicon, these secrets are even encrypted at the probe tips while they are being placed into the secure memory of the ATSHA204.

How does Atmel protect the secrets solicited from customers? We use a SafeNet Hardware Security Module (HSM), which are ranked #1 in worldwide markets. HSMs provide the highest performing, most secure transaction security solutions for enterprise and government organizations. They are used in banking, military, and other government applications where information security is paramount.

SafeNet, Hardware Safety Module

SafeNet, Hardware Safety Module

Atmel sends customers that are going to use the Secure Personalization Service the public key of a RSA key pair that was generated and stored on the HSM. Atmel also provides a template that represents the CryptoAuthentications memory contents and an encryption utility. Once the customer fills in this template with their specific data, it is encrypted with an AES key generated by the encryption utility. After AES encryption, the AES key is encrypted with the public RSA key and then deleted.

The encryption utility subsequently packages the AES encrypted template with customer secrets, the encrypted AES key and various other non-encrypted data used for data integrity into a file that is sent to Atmel. This file then is placed on the HSM system at locations performing the final ATSHA204 package tests. When the tester has determined that the ATSHA204 has passed all functional and electrical tests, that file is sent into the HSM for decryption. It is here that the secrets are placed into the ATSHA204 device’s secure memory. Both device and the SafeNet HSM are tamper proof. If a physical attack or tamper is detected, all data contents are destroyed.