News

Evaluation Kit with Crypto Key Management for Secure IT and IoT Devices

February 21, 2019 by Scott McMahan

STMicroelectronics' STSAFE-A100 Evaluation Pack extends the company's richly supportive STM32 Nucleo ecosystem to accelerate secure-element integration. The evaulation pack leverages reusable source code that simplifies the creation of secure IoT devices, high-value consumables such as medical probes, IT accessories, and consumer products.

The pack is comprised of the X-NUCLEO-STSA100 expansion board (see image above), which contains the STSAFE-A100 Secure Element, and the STSW-STSA100 software pack. The software includes device drivers, STM32 microcontroller source code, and STSAFE-A100 source code for use cases such as brand and ecosystem protection, device enrolment, and secure cloud connection.

The STSAFE-A100 is an 8-pin device that the that according to the company, provides robust, immutable, hardware-based authentication and secure data-management services to a host system. The device is highly resistant to cyber-attacks. It features a secure OS running on a state-of-the-art, CC EAL5+-certified secure microcontroller, advanced symmetric and asymmetric cryptography, crypto key management, and has built-in protection against physical and side-channel attacks.

The STSAFE-A100 secure element can be combined with an unrestricted variety of STM32 microcontrollers, sensors, and actuators to protect products ranging from simple IoT endpoints to industrial networking and control equipment, wearables, computer peripherals, mobile accessories, and gaming equipment.

The STSAFE-A100 Evaluation Pack is available now for $35 from st.com or distributors. Access to the STSW-STSA100 software pack is free, at www.st.com/stsw-stsa100

The STSAFE-A100 Nucleo expansion board, X-NUCLEO-STSA100, is intended for evaluation of the STSAFE-A100 secure element.

It is designed to allow easy and fast software development using STMicroelectronics' STM32 Nucleo boards, which support both ARDUINO® and ST morpho connectivity.

The board hosts a personalized X-NUCLEO-STSA100 device usable in association with the STSW-STSA100 software package.

Key Features of the STSAFE-A100 Nucleo expansion board (X-NUCLEO-STSA100)

  • STSAFE-A100 prepersonalized with an evaluation configuration
  • Morpho connectors for easy connection to STM32 Nucleo boards
  • ARDUINO® connectors for connection to ARDUINO®-compatible microcontroller boards
  • HE10 Aardvark™ connector for connection to a Total Phase Aardvark adaptor.
  • Voltage selector to select the 3.3V or 5V power supply
  • Chip reset jumper to force the chip reset stage
  • USB connector for connection to a Nucleo board over USB
  • User LED for use in applications

Features of STSAFE-A100 Secure Element

  • Authentication (of peripherals, IoT and USB Type-C devices)
  • Secure channel establishment with remote host including transport layer security (TLS) handshake
  • Signature verification service (secure boot and firmware upgrade)
  • Usage monitoring with secure counters
  • Pairing and secure channel with host application processor
  • Wrapping and unwrapping of local or remote host envelopes
  • On-chip key pair generation
  • Security features
    • Latest generation of highly secure MCUs
    • CC EAL5+ AVA_VAN5 Common Criteria certified
    • Active shield
    • Monitoring of environmental parameters
    • Protection mechanism against faults
    • Unique serial number on each die
    • Protection against side-channel attacks
  • Advanced asymmetric cryptography
    • Elliptic curve cryptography (ECC) with NIST or Brainpool 256-bit and 384-bit curves
    • Elliptic curve digital signature algorithm (ECDSA) with SHA-256 and SHA-384 for digital signature generation and verification
    • Elliptic curve Diffie-Hellman (ECDH) for key establishment
  • Advanced symmetric cryptography
    • Key wrapping and unwrapping using AES-128/AES-256
    • Secure channel protocols using AES-128
    • Secure operating system
    • Secure STSAFE-A100 kernel for authentication and data management
    • Protection against logical and physical attacks

Hardware features of STSAFE-A100 Secure Element

  • Highly secure MCU platform
  • 6 Kbytes of configurable non-volatile memory
  • Highly reliable CMOS EEPROM technology
  • 30 years' data retention at 25°C
  • 500,000 erase/program cycles endurance at 25°C
  • 1.62V to 5.5V continuous supply voltage
  • Operating temperature: −40°C to 105°C
  • Protocol
    • I²C-bus slave interface
      • Up to 400 kbps transmission speed (Fast mode) and true open-drain pads
      • 7-bit addressing
  • Packages
    • ECOPACK®-compliant SO8N 8-lead plastic small outline and UFDFPN 8-lead ultra-thin profile fine pitch dual flat packages