Strengthening the security of emerging IoT applications
ST is integrating its ultra-low-power STM32U5 microcontrollers (MCUs) with Microsoft Azure RTOS & IoT Middleware and a certified secure implementation of Arm Trusted Firmware-M (TF-M) secure services for embedded systems. The intensive engineering project has produced a TF-M-based, Azure IoT cloud reference implementation that leverages the hardened security features of the STM32U5 complemented with the hardened key store of an STSAFE-A110 secure element.
Daniel Colonna, Marketing Director, Microcontroller Division, ST, said: “Developers of IoT devices face intense pressure to meet time-to-market constraints at the same time as satisfying the highest-level security-industry standards. Our solution accelerates embedded development by increasing security as well as power efficiency and performance.”
Moe Tanabian, Vice President and General Manager, Azure Edge Devices, Platform and Services, said: “Our collaboration with ST is effective and timely, enabling developer communities to meet widespread market demands for smart, connected solutions that are trusted, robust, and efficient.”
Microsoft Azure RTOS provides a comprehensive middleware package optimised for resource-constrained, connected applications such as IoT edge devices and endpoints. It combines the compact footprint of the ThreadX real-time operating system with services for memory management and connectivity including NetX Duo IPv4/IPv6 and TLS secure socket support.
The Arm TF-M suite provides trusted services including secure boot, secure storage, cryptography, and attestation. Architected for Arm Cortex-M processors, the TF-M suite integrates readily with ST’s STM32U5 MCUs, which are based on the advanced Cortex-M33 embedded core.
Additional security features of the STM32U5 include physical-attack resistance and Arm’s proven TrustZone architecture, which provides extra isolation for security-critical resources. STM32U5 MCUs achieved PSA Certified Level-3 and SESIP 3 certifications in 2021 and achieved an EEMBC SecureMark-TLS score of 133,000 for cryptographic processing efficiency.
The STSAFE-A110 EAL5+ certified secure element brings an authentication scheme and personalization service that allow an automated and secured attachment of connected objects to Microsoft Azure. It safely relieves the historical burden on IoT-device makers to protect secret credentials during product manufacture.
The MCUs’ ultra-low-power credentials, confirmed by outstanding ULPMark benchmarks for deep-sleep, peripheral, and active energy demands, enable extended runtime in battery-powered equipment.