Presentation is loading. Please wait.

Presentation is loading. Please wait.

Renesas Electronics America Inc. © 2010 Renesas Electronics America Inc. All rights reserved. Board ID – REA Sales Training Document for Internal Use only.

Published byEgbert Arnold Modified over 9 years ago

Similar presentations

Presentation on theme: "Renesas Electronics America Inc. © 2010 Renesas Electronics America Inc. All rights reserved. Board ID – REA Sales Training Document for Internal Use only."— Presentation transcript:

1 Renesas Electronics America Inc. © 2010 Renesas Electronics America Inc. All rights reserved. Board ID – REA Sales Training Document for Internal Use only June 2010 N. Ramatchandirane, Secure MCU 00000-A Rev. 0.00 Date: 06/21/2010

2 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 2 Agenda Introduction (Security IC market) Use cases (Anti-Cloning, Usage Control, Secure Tracking, IP protection..) Details on Renesas solution Customer / prospect list / promotion campaigns with Avnet Q&A

3 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 3 REA Support Organization Peter Carbone / Sr. Director, MCU Product Marketing Jun Ueda / Director, Security Product Marketing (Denis Pochet) Nadaradjane Ramatchandirane / Sr. Marketing Mgr Shotaro Saito / Staff Application Engineer Engineering Group : Shumpei Kawasaki/ Sr. Director Murthy Vedula Ali Sebt / VP Bill Hood / Sr. Director, Sales Security OS, Software Reference designs, FAE & customer support, Business Development, Design-win support, Tactical marketing Operation : Masanori Nakano, Mio Arakawa (ROM release, P.O. handling) Brian Davis / Director, Segment Marketing REL-Japan: MCU BU – Secure MCU BU (GM: Kenichi Ishibashi, Deputy GM: Kenichi Takahira)

4 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 4 M to M Authentication Embedded interface (I2C) Small package N Series USB Secure Token * Under development AE56U NFC NFC Series* Renesas in the Secure MCU market Contact Smart Card AE4 Series AE5 Series RS4 Series Banking, ID card Contactless Smart Card AE41R RS4X Series* Banking card Mobile Phone General Promotion Selected OEM support only Embedded Enterprise

5 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 5 Renesas History of Security IC 1980 19902000 Banking Card (Visa, MasterCard, Debit card) GSM, 3G SIM Card ETC SAM Contactless Card M to M Authentication 2009 ETC SAM : Electric Toll Collection Secure Authentication Module M to M : Machine to Machine 2010 SIM 3 B milestone Renesas in the Secure IC market

6 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 6 Hacks can affect almost any product High tech industrial High tech consumer Public infrastructure designs without strong security at high risk www.HackADay.com POOR SECURITY = HIGH RISK

7 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 7 The Big Bad Wolf Business risks: Liability Service Level Agreement Revenue loss Unfair competition Increased costs of operations License and brand protection Credibility with partners and customers Security breaches Device effectiveness

8 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 8 Levels of security Software security BAD Memory chip security Almost as BAD Board ID SECURE Strong crypto Tamper proof PKI for Embedded Systems Avnet VAS Keys NOT protected CPU intensive (can be OK for PKI comp. by the host) (encryption alone is NOT security) Outdated key lengths (like a ‘ 2 digits ’ PIN code) We bring proven Web user authentication technology to Embedded Systems

9 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 9 Low Cost Security Solutions Maxim 1-wire Secure EEPROM – 1Kb – SHA-1 Atmel CryptoAuthentication – SHA-256, authentication only Atmel CryptoMemory – 1Kb to 256Kb – Proprietary 64bit symmetrical keys

10 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 10 Algorithms for Security SHA-1 / SHA-256 Simple message digest Not “true” encryption – Mostly used for digital signature signing SHA-1 retired from use by US government Symmetrical Cryptography Proprietary, DES, 3DES, AES – 64, 128, 256bit keys Symmetrical keys used on both sides – Keys must be handled with the highest security – Sharing of common keys can lead to compromise – Any key compromise affects every unit Asymmetrical Cryptography RSA, ECC 1024, 2048, 4096 bit keys Uses public / private key pairs – Private keys are all different – Compromise of a single key only affects a single unit Can be more complex to implement

11 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 11 Case Study Background: Large, well known camera manufacturer Battery Cloning Issues – Direct Revenue Loss – Warranty Issues – LiIon Battery Safety Issues Solution Low cost SHA-1 based security device Result Camera firmware hacked to obtain keys Low cost microcontroller used to imitate security device Cloned batteries available within 3 months FAIL

12 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 12 Characteristics of a Secure Solution Must be based on strong cryptography Must provide for secure key storage Must provide a defense against physical attacks Physical attack on bare die Voltage Frequency Temperature Must include a secure supply chain Key generation / provisioning Device Programming

13 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 13 Board ID use examples I2C

14 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 14 Case 1: Anti-Cloning Business case Implementation example Renesas solution with Board ID

15 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 15 Board ID Example – Anti-Clone System Counterfeited routers Main CPU I2C Security key storage Plug-in router card modules Board ID Chips Router main board

16 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 16 Case 2: Anti-cloning, Usage control Business case Implementation example Renesas solution with Board ID

17 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 17 Board ID Example – Usage Control Medical Device unit and probe(s) Doctor prescribes Treatment (usage of probes) Medical probe(s)  Security IC in the probe enforces the usage prescribed (no overuse / misuse possible) Unalterable Usage Control info processed by the Security chip Main CPU Board ID chip Main Unit I2C Peripheral unit (disposable) Board ID chip

18 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 18 Case 3: Secure Tracking, IP protection Business case Implementation example Renesas solution with Board ID

19 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 19 Board ID Example – Protect Licensing Model Medical system vendor Approved Partner Co $ Main CPU Board ID chip Main Unit I2C accessory unit Accessory MCU

20 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 20 Details on Renesas solution Secure MCU Firmware and Security application Demo kit and reference software A complete solution with Avnet Key management and provisioning services

21 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 21 Conventional MCU or memory chip vs. Board ID chip Board ID Conventional MCU or memory chip Attacker can read data by monitoring current consumption Current consumption is scrambled by internal noise generator data cannot be extracted by current monitoring Attacker can capture data by probing metal patterns Chip is protected with: “active” metal shield to prevent data capture randomized layout These are only few examples: many more advanced security features are implemented in the Board ID chip Chip spec On chip detectors works Voltage Frequency Boundary of normal operation Chip spec Voltage Frequency Boundary of normal operation On chip detectors force to stop operation under abnormal conditions Attacker can read data under abnormal operating conditions

22 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 22 Board ID 1.0 Specs summary Hardware Specification P/N: R5H30211NB03NQ03 Operating Voltage1.8V - 3.3V Clock Speed6MHz with internal oscillator Communication interfaceI2C (100kHz) Operating Temperature - 20°C to +75°C WTR option (please consult with us) PackageQFN20 (4.2mm x 4.2mm) Software Specification Authentication AlgorithmPKI (RSA 1024 / 2048 bits) Anti-CloningPKI (Certificate and signature verification) Usage ControlLimit counter (1 to 4, 294, 967, 295 times) Secure Tracking4 bytes (32bits) of condition value IP Protection4 bytes (32bits) of condition value Secure Storage64 bytes X 8 pages (512bytes total)

23 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 23 The Solution

24 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 24 A complete one-stop-shop solution from Avnet 1- Devices are manufactured in secure Renesas facility and locked. 2- User data provided to Avnet, user keys and X509 certificates are generated by Avnet’s secure servers, 3- Devices are programmed and locked in Avnet’s secure programming center, every chip unique. 4- After programming devices are shipped only to customer or customer approved CM. 5- Entire process is auditable, customer required records produced as needed. Avnet: A Secure Supply Chain for Secure Products

25 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 25 New Board ID demo kit Board ID Device (R5H30211) 1.Capable to show authentication demo for each use cases (Anti-Cloning, Usage Control, Secure Tracking and IP Protection ) 2.Authentication is done between authenticator (SH7285 MCU) and Board ID device (R5H30211 with firmware version 1.0) 3.Authenticator software is provided as Board ID Security Stack (BSS) for easier porting by customers into their target MCU/MPU. 4.Low cost, MSRP: $149, MP available, in stock Authenticator (SH7285) YBIDKITSV2

26 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 26 Board ID Strengths 1- Unmatched web user like authentication 2- Built with proven PKI technology and standards 3- Strong authentication solution ideal for a high growth market: devices connected to the internet 4- COMPLETE, UNIQUE SOLUTION DEPLOYABLE NOW. Avnet will: - Provide full quotation including VAS - Handle NDA, Educate, and Support customer - Provide a unique product and logistics service (One stop shop) 5- Top companies have selected Renesas Secure MCU product to build the authentication solution in their system. Current shipment: several M units / month (same product family as Board ID)

27 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 27 Customer / prospect list / promotion with Avnet

28 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 28 - Promotion activities - FebMarAprMayJunJulAugSepOct. DocumentUser ’ s Manual update Datasheet update UM Update for BID 2.0 ToolsProto ready100 units in stock S/W update for BID 2.0 REA Sales/FAE training Sales trainingFAE training Sales Training ESC Chicago REA Promotion Alliance Partners Recruitme nt Article on Embedded Computing Design DevCon 2010 (10/12) Avnet Promotion Programming / Key generation ready -Sales training -Press release -Tech Review Article -Flyers Programming update to BID 2.0 Avnet course and booth at DevCon Joint Promotion - White paper MDM event in NY Avnet webinar on Security Avnet Branch visits Medical device Caravan Road MapBID 2.0 Evaluation BID 2.0 Sampling BID 2.0 MP ship Use case presentation Development tools lab Partner presentation Demo at Chandler, AZ Avnet can support key and certificates pair generation Board ID Status Board ID 2.0 Update at Avnet Prog. center Integration of Board ID 2.0 samples in Rx promotion board to leverage Rx campaign.

29 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 29 Board ID Target customers SegmentUse Cases ExampleTarget Customers Networking / Server Anti-Cloning, Secure Tracking, Key storage Ex.) Need to ensure only approved components are accepted Brocade, Nortel, Ericsson, IBM, HP, Intel Bigfoot Net.: Production started 5~10K units/Mo Metering / Smart Grid Network access (Identification + Authentication) Ex.) Microsoft.net Micro solution approach for Smart Grid Elster, Landis &Gyr, Echelon, Austin International, Sensus, GE IUSA: proposal sent, TAM 300Kunits/y Microsoft, Google Consumer Electronics Anti-Cloning, Access Control Ex.) Need to ensure that only approved (licensed) companies’ products can work on system Motorola (via Telicos): cancelled Whirlpool, GE Direct TV, Kingston Enterprise – Financial services - Industrial Network access (Identification + Authentication) Need to perform a very secure authentication Pitney Bowes, Otis, HID, Medical devices Anti-Cloning + Usage Control Need to protect business model and enforce medical safety policy (repeat sale of peripheral units). Zeltiq: Production starts from 2010 GE Medical, Welch Allyn, Philips, Boston Scientific

30 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 30 OEM customer / prospect status for Security IC AccountsRegionsLevel of interestcomments CiscoWestMPM2M authentication AppleWestMPM2M authentication JuniperWestMPM2M authentication Arista NetworksWestMP (low volume)M2M authentication RSANorth EastMPSecure token for Enterprise IBM US US /Europe MP Recent RFP – ‘token’ oppty unclear Secure MCU (sec. module) To follow up RIMCanadaHighBattery auth. Very low price KingstonWestHighFeasibility / Devt phase Microsoft (Smart Energy)North WestMedium / HighRef design under discussion EMCNorth EastInquiry onlyMore visits needed MotorolaChicagoInquiry (at ESC)To follow up WhirlpoolMichiganInquiry only – Contact-lessTo follow up HP, Dell, LenovoUSVery low (for Secure IC)To follow up Palo Alto NetworksWestInquiry onlyLOST (Weak auth. sol.) ActivIdentityWest / EuropeInquiry for opportunity with US govtIn discussion Force 10, BrocadeWestNo activityTo follow up IntelWestNo activityTo follow up Scientific Atlanta, Web TVUSNo activityTo follow up Meter comp. / Smart Grid: GE, IUSA US / MexicoInquiry onlyTo follow up

31 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 31 Promotion campaigns with Avnet (summer 2010) 1- Campaign targeting medical device manufacturers, customers of Avnet. - Led by Nick Lukianov (Avnet manager in charge of the medical segment) and his team of account managers - Promotion material (flyer, ppt) produced by REA and Avnetized by Nick - Campaign to start in July/August 2010 (details to be defined by Avnet) - MDM event in NY (June 8-10) 2- Regional caravan with 6-8 Avnet regions targeting top customers (not limited to the medical segments). - New webinar and training to be done by Avnet to Avnet FAEs (end June 2010) - Campaign to be rolled out in August/September (coordination by Steve Ryan)  REA Mktg to update Sales / FAEs as soon as Avnet plans are finalized

32 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 32 What is available now Board ID kit with complete software (stock in Avnet) Board ID 1.0 product (under MP) Full documentation (from REA and from Avnet): Without NDA: flyers, data sheet, brochures, info online (REA site – section Board ID) Sales documentation (new Board ID page on sales Reps site) With NDA: User manuals (Board ID chip, Board ID Kit), demo kit and related documentation and software Avnet programming services Key/cert generation Production of samples (first articles) Support services on kit, Board ID chip and MP ramp up Training material (ppt): Sales, FAE (on P drive) New training course ‘Board ID overview’ on Renesas Interactive Support from REA mktg and Avnet technical team

33 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 33 Board ID product, tools and programming services are now ready for deployment. are now ready for deployment. We look forward to supporting an aggressive promotion effort by REA Sales and FAEs and Avnet teams!

34 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 34 Q and A

35 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 35 Response What are the services provided by Avnet to Board ID customers? 1- Logistics support as a Franchised distributor of the product and the Board ID demo kit 2- PKI programming services including key/cert generation 3- Technical assistance to: a- define the programming scheme, b- help authentication code porting (MCU code)

36 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 36 Response How to obtain more information, Board ID samples and demo kit? Please contact: 1- Avnet as a Franchised distributor of the product and the Board ID demo kit will provide support on the Board ID solution. 2- REA website: america.renesas.com/boardid and Avnet site: logistics.avnet.com 3- REA and Avnet Sales and FAE teams

37 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 37 Response What are the benefits of Board ID solution compared with Software security? Software: CPU intensive, key NOT protected, (can be OK to compute PKI on the host side) Board ID: Complete authentication, External to MCU with key totally protected, Strong PKI crypto

38 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 38 Response What are the differences of a Crypto memory Solution compared with a Board ID solution for a customer? Crypto memory: inexpensive, NOT protected, weak (out dated) key length Board ID: Complete authentication with standard based strong PKI crypto Physical protection Smart card / Secure IC technology

39 © 2010 Renesas Electronics America Inc. All rights reserved. INTERNAL USE ONLY 39 Question Are there issues with Export Control? The Board ID product is designed to meet applicable EC rules and regulations. The product can be exported to foreign countries in accordance with applicable US laws. The customer must ensure compliance to these laws.

40 Renesas Electronics America Inc. © 2010 Renesas Electronics America Inc. All rights reserved.

Download ppt "Renesas Electronics America Inc. © 2010 Renesas Electronics America Inc. All rights reserved. Board ID – REA Sales Training Document for Internal Use only."

Similar presentations

Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.

Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.
Software Bundle ViPNet Secure Remote Access Arrangement using ViPNet Mobile © Infotecs.

Software Bundle ViPNet Secure Remote Access Arrangement using ViPNet Mobile © Infotecs.
Mobile Payment Security The Good, the Bad and the Ugly

Mobile Payment Security The Good, the Bad and the Ugly
Www.selaprojects.net. What we do Larotecs Web2M is an off-the shelf, end-to-end, web-based solution designed to manage multiple widely distributed devices.

What we do Larotecs Web2M is an off-the shelf, end-to-end, web-based solution designed to manage multiple widely distributed devices.
CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.
LeadManager™- Internet Marketing Lead Management Solution May, 2009.

LeadManager™- Internet Marketing Lead Management Solution May, 2009.
Zenith Visa Web Acquiring A quick over view. Web Acquiring Allows merchants to receive payments for goods and services through the Internet Allows customers.

Zenith Visa Web Acquiring A quick over view. Web Acquiring Allows merchants to receive payments for goods and services through the Internet Allows customers.
Notes: Update as of 1/13/2010. Vulnerabilities are included for SQL Server 2000, SQL Server 2005, SQL Server 2008. Oracle (8i, 9i, 9iR2, 10g, 10gR2,11g),

Notes: Update as of 1/13/2010. Vulnerabilities are included for SQL Server 2000, SQL Server 2005, SQL Server Oracle (8i, 9i, 9iR2, 10g, 10gR2,11g),
SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant.

SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant.
Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.

Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
CONDO MANAGER The Leader in Association Accounting and Management Software Mailing Address: P.O. Box 26844 Charlotte, North Carolina 28221 Web Site www.condomanager.com.

CONDO MANAGER The Leader in Association Accounting and Management Software Mailing Address: P.O. Box Charlotte, North Carolina Web Site
Implementation of LSI for Privacy Enhancing Computation Kazue Sako, Sumio Morioka 2011.2.10

Implementation of LSI for Privacy Enhancing Computation Kazue Sako, Sumio Morioka
Principles and Learning Objectives

Principles and Learning Objectives
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.

Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.
Dr. Sarbari Gupta Electrosoft Services Tel: (703)757-9096 Security Characteristics of Cryptographic.

Dr. Sarbari Gupta Electrosoft Services Tel: (703) Security Characteristics of Cryptographic.
Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,
Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.

Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.

Similar presentations

Ads by Google