26 minute read

Bala Prasad Peddigari

Next Article
Nikhil Das

Nikhil Das

Cybersecurity Practices’ Awareness Necessity for All Digital Citizen

With the usage of advance mobile applications or getting anything in lesser time, sometimes unknowingly we fall ourselves in a trap of cyber-attack. With the increasing use of tech like Artificial Intelligence (AI), Machine Learning (ML), Internet of Things (IoT), Cloud Computing, and data analytics across various industries, Cybersecurity has become a necessity and a challenge. While talking with Nitisha from BISinfotech, Bala Prasad Peddigari, Senior Member, IEEE shared his thoughts about cyber-security and also emphasized the importance of upcoming opportunities in the same field.

Advertisement

Q. Why has cybersecurity become a major concern nowadays and how this issue can be resolved?

With the onset of the pandemic, majority of the businesses have made the shift to online. With that shift, the use of virtual tools like cloud has evidently escalated. However, while remote working and trends like BYOD and IoT shape the current technology landscape, there arises a huge risk of vulnerability to cyber threats, putting sensitive data in danger. The increased interconnectivity at all levels, without sufficient and up- to-date security tools, provides an excellent opportunity for cyber criminals to easily break into your network/system. Thus, making it crucial to invest in cybersecurity for businesses and as well as for individuals.

In the current scenario, the issues can be prevented by ensuring rigorous enforcement of the security policy in an organization and its partners by ensuring adequate training and awareness on data protection, implementation of appropriate security software and keeping them updated, data encryption and backing up data regularly. Cybercrimes and data breaches can be avoided by continuous risk assessment, audits and data security testing is a parallel activity that will help organizations proactively identify and plug gaps and secure data. In case of a data breach, mitigation actions need to begin to contain any further breaches - by taking systems off-line and limiting access, fixing the vulnerability, analyzing the damage for initiating reparative actions, reaching out to the affected parties with clear messages, contacting online sites to scrub off leaked data, initiating an audit and conducting data security tests.

Q. Please share the challenges, opportunities in securing the cloud.

The most important challenge today, is the lack

Bala Prasad Peddigari

Senior Member, IEEE

of adequate awareness about securing the cloud arising from the weakest link in the chain - the end-users. While various new technologies are being used to ensure security, at the same time, the same tech is also used by cybercriminals, which in a way creates a constant lag between detection of a new type of cybercrime and the counter for the same. It is equally important to raise the awareness of each digital citizen on cybersecure practices.

A drastic expansion of the attack surface is another key challenge for cybersecurity professionals. Government, industry, and society have embraced digital as the key enabler across all facets and domains of activity. As these “digital estate” or critical digital resources are not confined to a physical location, new policies, protocols, and technologies are required to ensure cybersecurity. Hence, traditional perimeter and end-point security mechanisms are not sufficient in the “new normal”. The onus on cybersecurity professionals is to protect assets that are connected to a multitude of devices – human-operated or sensors.

With the Internet of Things (IoT) morphing into the Internet of Everything, more than 25 billion devices are estimated to be connected in 2020 (reference – statista.com). Sensors and devices, apps, the internet, and cloud computing are the main building blocks of this digital age. Each block presents a point of weakness. While the cloud and internet are core infrastructure prone to DDoS attacks, there is a greater focus on cybersecurity by service providers due to mission criticality. The new challenges throw up many opportunities in cybersecurity. It is a mainstream requirement of any organization, and hence the need for cybersecurity professionals is expected to grow. I expect a rise in the requirements for security process automation tools for certain cybersecurity practices, thus partially easing the skills-gap.

Q. Share your views about digital transformation and increased cybersecurity concerns.

Digital technologies convergence has transformed customer experience and opened many vulnerabilities for industries to look at and face. Industries which were early to ride the digital wave are Banking, Financial Services, Insurance and Healthcare sectors - they primarily wanted to increase the reach of their services to customer segment, improve their processing capabilities and offer secured services to enable trust and confidence of the customer. Today, we see organizations of every shape and size significantly invest in cybersecurity, keeping time as a major essence.

As the organizations are working in a remote manner owing to the current pandemic, some of the key factors influencing the cyber risk landscape are: • Elimination of Perimeter: Riding on the cloud wave, organization are bridging the gap between cloud and on-premise world • Artificial Intelligence: This is leveraged by network defenders and attackers to identify the loopholes to protect and identify loopholes to penetrate • Multitude of Technologies: Convergence of digital forces and accelerators such as Robotics, 3D microchips, Artificial Intelligence, Analytics, Mobile has opened cybersecurity challenges more than ever now • Modern Workplace: Enabling the remote workforce and employing the gig workers are pushing organizations to manage the IT security model with continuous monitoring • Lack of Security Awareness: Employees are the weakest link in the entire organization. Hence, their awareness can open the tollgates for attackers • Reactive Methods: Organization employing any reactive defense posture to analyze the threats after it happens will create opportunities for cyber criminals to take advantage of known vulnerabilities

Q. What is the status of cloud adoption in Indian industries?

The novel pandemic has undoubtedly accelerated the adoption of cloud services across sectors. As per IDC, India's public cloud services market will grow to $7.4 billion by 2024. BFSI and Healthcare industries have adopted cloud in multiple methods while ensuring that the privacy of customer and patient data is maintained following hybrid cloud models, multicloud models, poly-cloud models. They have transformed the overall culture in driving proactive education on cybersecurity and institutionalizing the security standards by setting up Security Operations Center (SOC) for continuous monitoring and management. These two sectors had a faster adoption roadmap to meet the needs of millennials and generation Z workers, where many of the business capabilities were converged to provide the services.

As the technology transformation had increased the service adoption, it also triggered security concerns. According to a recent report, 93% of Indian entities fall prey to public cloud security breaches. Some of the key challenges are as follows:

• Manage the privacy and security concerns triggered while

delivering services through cloud - There is a heavy reliance in securing customer personal identification data and there is also a greater emphasis required to protect the password, OTP, and other multi-factor authentication methods such as Face ID and Fingerprints • Threats resulted because of operational challenges – Today, BFSI and healthcare sectors use a hybrid cloud model to drive their operations but to access the information, they use the channels of OTP, fingerprints, and Face ID. These are increasingly facing threats in the form of phishing and hacking methods

• Integrations with Upstream and Downstream Systems are

exposing to threats - Banks, Insurance, and healthcare operate their functions with many upstream and downstream systems which need integration in the form of data-based, messagebased, and API-based. All these channels are extremely vulnerable because they get continuous attacks in the form of Denial-of-Service attacks, SQL-injection attacks, man-inthe-middle attacks

According to a recent IDC, more than 60% of the Indian organizations plan to leverage cloud platforms for digital innovation, as the firms re-strategize their IT spending plans because of Covid-19. Indian enterprises of all sizes fast-tracked

their decisions to shun the legacy infrastructure and move their operations -- in piecemeal or in full -- to artificial intelligence (AI) and machine learning (ML)-powered Cloud.

Q. What are the top IT trends for cloud and security in 2021?

2021 is going to set a new benchmark in the Indian IT sector. To counter some of the evolving cyber-risks associated with deep fakes, synthetic IDs, ransomware, quantum arms race, 5G hardware and firmware behaviors. Cloud Jacking is countered by investing in the following cybersecurity trends: data security, infrastructure security, container/microservices security, access management & vulnerability assessment and compliance certifications. Some of the key emerging trends include:

• Secured access and end-to-end encryption getting employed to avoid data leaks • Creating depth of defense cloud security strategy ensuring attacks will be reduced • PrivSecDevOps getting adopted as part of application development, integration, and delivery pipeline • Adoption of cloud security shared responsibility between customers and cloud platform vendors with continuous awareness and responsibilities to secure IT Infrastructure and application codebase • Adoption of AI-driven security assessments by continuously monitoring the endpoints and workloads, and enabling informed decision making to mitigate the security threats

Q. How was the response of cloud adoption during COVID 19 pandemic?

According to a forecast by Gartner, spending on public cloud services in India is expected to grow 29.4% to $4.1 billion in 2021 from $3.1 billion in 2020. Prior to the pandemic, India was at an early stage of cloud adoption when compared to more developed countries. The pandemic and nation-wide lockdown accelerated the adoption rate as enterprises had to move critical business applications to cloud so employees could work remotely.

Two industries that have enabled large-scale cloud adoption are BFSI and Healthcare industries that have adopted cloud in multiple methods, while ensuring the security and privacy of customer and patient data on the following models - hybrid cloud, multi-cloud, and poly-cloud.

Infineon’s Annual General Meeting Goes Virtual New VP and CHRO Announced at Allegro

Infineon Technologies has reported about the 21st Annual General Meeting that took place this year in a virtual format due to the coronavirus pandemic, without the physical presence of shareholders. In addition to enabling shareholders to submit questions before the AGM, Infineon was the first company listed in the DAX index to enable its shareholders to publish video messages. Key points of the addresses by members of the Management Board had been posted online almost two weeks before the Annual General Meeting. The new compensation system creates clear, transparent and sustainable guidelines for Management Board compensation at Infineon. The long-term variable, the share-based compensation component has been strengthened. The newly formulated targets for the Management Board reflect Infineon's strategy in its range of components. The Annual General Meeting also followed the administration's proposal to adjust the compensation system for Supervisory Board members with a large majority. As the next major step, Infineon is switching the electricity consumption of its sites in Europe completely to certified green power this year. Allegro MicroSystems has declared that Joanne Valente has been promoted to Vice President and Chief Human Resources Officer. Joanne is the successor to Sean Burke, Allegro’s former Senior Vice President and Chief Human Resources Officer, who formally retired in December 2020 after serving in a special advisory role during the transition. “I would like to thank Sean for his significant contributions to our HR function and strategic business matters. He provided leadership, support and invaluable coaching to many of our employees,” said Ravi Vig, President and Chief Executive Officer. “His positive impact will be felt at Allegro for many years to come, and we wish him well in his retirement.”

“Joanne strengthens our executive leadership team, bringing a strong track record that will help us empower our global workforce and deliver on our core values,” said Vig. “Allegro’s best innovations are born from our diverse, global team, and Joanne’s expertise will help ensure we find, develop, and retain the top talent we need to drive our success.” Joanne joined Allegro in 2018.

STMicroelectronics Becomes a Part of ZETA Alliance

STMicroelectronics has become a part of the ZETA Alliance, the industry body promoting ZETA LowPower Wide Area Network (LPWAN) technology for low-cost long-range IoT connectivity.

Joining the Alliance as a Promoter member, ST expects ZETA technology to further accelerate the spread of IoT in all territories worldwide. The standard lets developers create high-value IoT-based solutions to challenges that face extreme cost constraints.

“ZETA has a strong value proposition and is taking its place among established LPWAN technologies, boosting choice and flexibility for solution developers and enabling the IoT to deliver even greater benefits to more end-users,” said Hakim Jaafar, STM32 Wireless Marketing Director, STMicroelectronics. “ST is actively engaged with the industry bodies for all leading LPWAN standards for IoT connectivity and offers a portfolio of solutions that help developers bring their innovations to market quickly and cost-effectively.” Welcoming ST to the ZETA Alliance, Zhuoqun Li, CEO of Zifisense, a major contributor to the ZETA technology and a founding member of the ZETA Alliance, said, “We believe ST will greatly strengthen the ZETA developer ecosystem chain and promote further evolution and deployment of ZETA technology. We look forward to working with ST to create a broader LPWAN 2.0 global IoT ecosystem.”

ZETA technology is quickly becoming established throughout China, Japan, and beyond, bringing together innovative wireless technologies that enable low-power, low-cost devices to rely on robust connections over extended distances. Also, native support for mesh networking, which allows peer-to-peer communication among the network nodes, boosts network coverage and resilience.

ST is working with ZiFiSense to port the technology to the highly integrated STM32WL wireless System-on-Chip (SoC) devices, which combine ultra-low-power microcontroller functionality with a wireless stage certified to international radio-equipment regulations on the same chip.

Detecting Hardware Trojans using Machine Learning

State-of-the-art measurement technology and extremely fast clustering algorithm

Introduction

In our modern society, literally billions of electronic devices are used every day. In the future, this number will rise dramatically with the expansion of the Internet of Things (IoT). Accompanying this increase is the growing cybersecurity threat of hardware Trojans embedded in semiconductor chips for malicious purposes. With the increase in the outsourcing of circuit design, manufacturing, and the use of IP from outside suppliers, the risks from hardware Trojans are on the rise. Deploying devices with these vulnerabilities could put our society at huge risk, especially if they impact critical systems like e-commerce encryption, autonomous driving vehicles, or aviation controllers. Since it is essential that these systems are free of any malicious circuitry, the ability to detect hardware Trojans in electronic systems is extremely important.

A research team headed by Nozomi Togawa, a professor at Waseda University's Faculty of Science and Engineering, who have been researching hardware Trojan detection, used Keysight’s CX3300A Device Current Waveform Analyzer to dramatically improve their Trojan detection capabilities. The CX3300 has state-of-the-art dynamic current measurement technology capable of capturing hard-to-measure signatures at high bandwidth. It also supports an advanced machine learning algorithm capable of identifying small anomalies in very large databases (>1 Terabyte). In this article, we will describe how these technologies improved Trojan detection.

Trojan detection challenges

Hardware Trojans can cause serious damage via operations such as signal stoppage and destruction. These operations can be achieved by inserting only a dozen gates into the circuit in the IC design phase (making them hard to discover). The best way to detect Trojans is from circuit schematics or main channel communication signals. Unfortunately, increased outsourcing of circuit design and manufacturing, as well as the use of IP from other companies, make it difficult to understand and verify every detail of chip design and I/O patterns. This makes post silicon detection of Trojans by examining the main channel signal difficult and unreliable. On the other hand, the side channel signal from the supply current contains rich information about the semiconductor chip’s internal operations. If any malicious activities are present, then they will appear as supply current deviations. However, detecting Trojans by monitoring the supply current presents several challenges:

A. High-bandwidth, high-resolution current measurement

Semiconductor chips operate under high frequency clocks with multiple activities running concurrently, so their supply current deviations are fleeting and very small. This means that high-bandwidth and high-resolution current measurement technology is needed to identify Trojan activity.

B. Machine learning for big waveform data analytics

Since hardware Trojan activity rarely occurs, the ability to continuously measure at high speed and with high resolution uninterrupted for long time periods is required. However, this

long-term, high-resolution data collection can create extremely large databases. For example, recording a 10MSa/s data stream for 24 hours creates a waveform database greater in size than 1 Terabyte. This mandates the use of some sort of machine learning algorithm that can rapidly sort through huge databases. Until recently, existing technologies fell short of meeting these requirements. The following sections describe how Keysight Technologies solved these challenges.

High-bandwidth, high-resolution current sensing

The following figures show an example of detecting Trojan activity through analysis of the side-channel supply current signal. In this example, a low-power MCU has been programmed to encrypt payload data using AES-128 during its active period, with no activity occurring during sleep mode. However, in this case, there is a Trojan that disables the encryption occasionally. A supply current pulse train infected by the Trojan is shown in Figure1 (a). It is difficult to distinguish the pulses that are normal and infected visually. The magnified views show the signal differences when the Trojan is active (b) and inactive (c). Still, it is hard to distinguish between the two signals. If we expand the initial portion of the pulses, then we can see that there are micro-ampere-level differences with frequency components of several MHz.

Figure 1 (a). Side channel signal is shown when MCU operates AES-128 encryption during its active period. The encryption is disabled once in thousand times to simulate Trojan.

(b) When Trojan is active (AES is deactivated). (c) Normal state (AES is not deactivated). Detection is only possible using high-resolution and highbandwidth current sensing technology (beyond the performance capabilities of conventional current probes). Many current sensing technologies exist. For example, popular clamp-on current probes have a minimum measurable current of only at around 1-3mA [2]. This is insufficient for Trojan detection. In contrast, Keysight’s CX1101A current sensor can measure currents as small as 3μA with up to 100 MHz of bandwidth using an internal shunt resistor of 0.41ohm [3]. This low-level and high-bandwidth measurement capability is enabled by an innovative current sensing scheme that combines resistive current sensing at DC and low-frequency with magnetic current sensing at higher frequencies. Due to its small insertion resistance, large current spikes cannot cause a large power rail voltage drop sufficient to trigger MCU device brown-out. For these reasons, Keysight’s CX1101A current sensor can precisely capture dynamic current flow of the side channel signals.

Machine Learning for Big Measurement Data Analytics

Machine learning algorithms are classified into two categories: supervised and unsupervised. Supervised learning is used to detect known patterns, while unsupervised learning is best when the goal is to detect unknown anomalies. Since the signature created by Trojans is unknown, unsupervised learning is more useful when attempting to detect them. Among unsupervised learning algorithms, clustering has become an essential tool for analyzing big data in many applications. While many implementations of unsupervised machine learning algorithms utilizing clustering have been developed, most have been unable to handle large amounts of waveform data. The issue is that waveforms are numerical arrays containing thousands of data points. A waveform database containing millions of waveform segments each consisting of thousands of data points presents a difficult challenge in terms of data analysis and classification. Sorting and classifying such a massive database using conventional algorithms requires extensive computing resources and long processing times. However, Keysight has developed a new algorithm that can process huge amounts of waveform data using a low-cost PC platform in the same amount of time as large computing server solutions. The computation time of Keysight’s algorithm is linear versus data volume and dimension, even if the size of the measurement database exceeds far beyond the CPU main memory (Figure 2 (a)). Due to numerous innovations, the performance of Keysight’s algorithm running on an offthe-shelf PC is equivalent to that of comparable algorithms running on large computing servers containing 300-400 CPU cores. This represents a x100-x1000 speed improvement over conventional algorithms.

During data acquisition, the software uses the oscilloscope trigger function to define waveforms, which are simultaneously pre-sorted into approximate clusters (or tags) by a Real-Time Tagging process (Figure 2 (b)). The pre-sorted results are stored into the Tag database, which is a concise summary of all the waveforms. The size of the tag database is about 1/100 to 1/500 of the lossless database, which contains a complete archive of all the waveforms. These capabilities enable a user to begin analysis immediately after data acquisition completes. Because the tag database utilizes waveform meta-data, major data analysis operations can complete in 10 seconds or less. Changes to the number of clusters and sub-clustering (breaking a selected cluster down into further clusters), also complete very quickly. If the tag database does not have enough resolution to allow sub-clustering, then detail clustering using the lossless database can be performed. In addition to these features, a cluster focused playback capability allows near real-time viewing of captured waveforms, as well as the ability to locate specific waveform shapes rapidly. This technology allows quick and easy identification of even a one-in-a-million waveform.

Figure 2. Ultra-fast Clustering Algorithm.

Successful Trojan detection

Figure 3 shows an example of Trojan detection through analysis of the side channel supply current waveforms. Immediately after data acquisition completed, the software divided the captured waveforms into four clusters. The two main clusters (coded yellow and green) comprise the majority of the waveforms, but the software can differentiate the infected waveforms (coded in red) even though they only differ slightly from the main clusters. This type of analysis is not possible using an oscilloscope and current probe, because they lack the necessary resolution and bandwidth. In addition, conventional machine learning algorithms cannot handle waveforms of this number and complexity. Only the combination of the CX3300’s high-bandwidth high-resolution dynamic current measurement capabilities and Keysight’s ultra-fast clustering algorithm can provide such an efficient means to identify Trojans.

This technology has many uses beyond just hardware Trojan detection, as it is a very general-purpose tool for detecting anomalies in any big measurement data environment. Keysight plans on continuing to develop leading-edge machine learning algorithms and the state-of-the-art measurement technologies in the future.

Figure 3. Clustering result of Trojan detection.

References

[1] M. Goto, N. Kobayashi, G. Ren, M. Ogihara, “Scaling Up Heterogeneous Waveform Clustering for Long-Duration Monitoring Signal Acquisition, Analysis, and Interaction: Bridging Big Data Analytics with Measurement Instrument Usage Pattern”, IEEE International Conference of Big Data, Los Angeles, CA. USA. 2019, pp. 1794-1803. [2] Keysight Technologies, “Evaluating current probe technologies for low-power measurements.” http://literature. cdn.keysight.com/litweb/pdf/ 5991-4375EN.pdf. [3] Keysight Technologies, “CX3300 Series Device Current Waveform Analyzer Datasheet.” https://literature.cdn.keysight. com/litweb/pdf/ 5992-1430EN.pdf?id=2727780. [4] K. Hasegawa, K. Chikamatsu, and N. Togawa, “Empirical Evaluation on Anomaly Behavior Detection for Low-Cost Micro-Controllers Utilizing Accurate Power Analysis”, IEEE International Symposium on On-Line Testing and Robust System Design (IOLTS), 2019, pp. 54-57.

About the Authors

Kiyoshi Chikamatsu

Kiyoshi Chikamatsu is an R&D project manager at Keysight Technologies. Before joining Keysight, he was involved in military surveillance radar project for Japan Self-Defense Forces at NEC corporation, where he engaged in the development of 4GHz silicon power amplifiers. At Keysight, he pursued the cutting-edge device development to be used for high-sensitive precision test and measurement instruments, such as low-current relay which can switch on and off current down to a femto-ampere, equivalent to the current when ~6000 electrons move per second. Also, he invented the new type of current sensing technique combining resistive and magnetic method, described in the article, to measure the unmeasurable. These unique devices and techniques differentiated the Keysight Parametric Test System, Device Semiconductor Analyzer, and Device Current Waveform Analyzer. His interest is always somewhere around enabling technologies to break through the limitation in test and measurement to meet the unmet customer needs.

Masaharu Goto

Masaharu Goto is a Principal Research Engineer in Keysight Technologies. He co-developed the ROOT/CINT scientific data analysis framework (https://root.cern.ch) for CERN's LHC (Large Hadron Collider) experiment which was the world's first big data project. He provided C++ interpreter (https://root.cern.ch/cint) for seamlessly connecting interactive big data exploration and highperformance computing. At Keysight, he spearheaded the research and development of various test and measurement systems for big measurement data environments. These systems enable the massive parametric measurements for the most advanced semiconductor research and highvolume production. His current research project combines big data analytics with real-time data processing for various test and measurement applications.

Alan Wadsworth

Alan Wadsworth is the Business Development Manager for Precision and Power Products for the Americas region at Keysight Technologies. He has over 30 years of industry experience in both IC design and parametric test, and he is the author of Keysight’s 277-page Parametric Measurement Handbook.

STM32WL5x, The 1st Wireless MCU with Embedded Multi-Modulation LoRa Radio, Now With Dual Core

ST recently launched the STM32WL5x, a dual-core version of the STM32WL, the first wireless MCU with an embedded multi-modulation radio (LoRa, (G)FSK, (G)MSK, BPSK). The new models offer a Cortex-M0+ and a Cortex-M4 core for greater flexibility and security. We also released an update to the STM32CubeWL MCU package that includes a Sigfox stack. Hence, engineers will be able to take advantage of the modulation schemes available and reduce their time to market. The increased polyvalence of the STM32WL series also opens the door to new applications for smart cities or smart agriculture, among others. Therefore, let’s look at the journey that would lead engineers and decision-makers to choose an STM32WL5x.

Prototyping Starts Here

The first challenge for most teams is the ability to come up with a proof-of-concept rapidly. Being able to demonstrate how to use these two cores will be crucial when convincing managers. Hence, ST is launching its NUCLEO-WL55JC1, the first development board with an STM32WL55JC. On the software side, the latest version of STM32CubeWL includes application examples for this new Nucleo board to hasten developments. For instance, we provide a reference template to help build software that takes advantage of the two cores. Additionally, STM32CubeMX received an update enabling the configuration of the LoRaWAN and Sigfox stacks straight from the utility. We also offer demonstration programs that can send sensor data to a gateway or “Concentrator.” Since seeing is believing, a demo application running on this Nucleo board is the fastest

The STM32WL55JC

way to show why the dual-core version of the STM32WL brings greater flexibility and security to projects.

STM32WL5x: A Fully Open Dual-Core Architecture for Greater Flexibility

2 Cores to Avoid Re-Certification With Every Update

The first STM32WL that we launched in January 2020 has a single Cortex-M4 that runs everything. Engineers that don’t need to update their application frequently tend to prefer such architecture for its simplicity. However, some teams with more demanding constraints could have felt trapped. Let’s take the example of a product that needs frequent upgrades. If the network and applications stacks are on the same core, modifying the code means re-certifying the communication protocol. Thanks to the dual-core architecture of the STM32WL5x, developers sidestep this problem. Indeed, engineers can put the network stack on the Cortex-M0+ and run the application on the Cortex-M4. Hence, updating the latter doesn’t automatically trigger the need to re-certify the network stack.

2 Cores to Avoid Multiple Qualifications

Another challenge comes from the need to qualify components. A small startup working on an IoT project tends to prioritize the most straightforward approach. In this regard, the STM32WLE and its single-core architecture is a great answer. For instance, we recently saw an automated rubber collection system that used the MCU to send alerts to the cloud. This smart agriculture system used the STM32WLE and relied on LoRa to help farmers optimize their operations. The system is a popular and high-volume product because of the integrated nature of the microcontroller and its single-core architecture that made it easy to develop a proof-of-concept.

However, when a large corporation works on a myriad of projects and supports multiple protocols, using one device for all of them is a tremendous asset. Indeed, the need to qualify only one component means a greater return on investment and a faster time to market. With the STM32WL5x, teams can create an application for the Cortex-M4 and use a different sub-gigahertz protocol on the Cortex-M0+ to suit their needs. Furthermore, it enables them to test various protocols more easily.

STM32WL5x: A Cortex-M0+ for More Security

2 Reasons Behind our Dual-Core Architecture

ST decided to use the Cortex-M0+ for a myriad of reasons, but two particularly stand out. First of all, the dual-core approach offered similar performance and a more costeffective structure for sub-gigahertz applications than the use of one larger core. Second of all, we understood the necessity of integrating a hardware platform geared toward security. The new STM32WL5x thus offers hardware isolation between each core as well as a key management service. The system stores and manages user application keys in a secure area for greater security. It also enables features like authenticity verification, strong data decryption, and data integrity monitoring. The dual-core STM32WL5x also comes with many of our STM32Trust features, such as secure firmware install and update. Additionally, it has two very useful unique IDs (64-bit and 96-bit) and it offers multiple protection levels against read and write operations.

2 Different Approaches to the Cortex-M0+

The response from ST’s customers has been both positive and creative, with some using the STM32WL in an unexpected fashion. Indeed, most systems use the Cortex-M0+ for their sub-gigahertz protocol and the Cortex-M4 for their application. However, thanks to the flexibility of our implementation, some ST partners did the exact opposite. Some companies chose to enjoy the security benefits of the Cortex-M0+ for their sensitive application layers. Their teams then put the radio stack on the Cortex-M4, thus releasing a more secure and cost-effective solution for their application. Engineers are always trying to adapt to new security demands while making their products more accessible. The new dual-core architecture of the STM32WL offers them a new tool to reach their objective.

The STM32WL5x

For further info, check the link: https://blog.st.com/stm32wl5x/

(The article is an original piece written by ST.)

This article is from: