# Security / Trusted Execution Environment and Functional Safety with Zynq Ultrascale+ MPSoC / RFSoC

Sebastian Stiemke, Director Operations, Missing Link Electronics
Andreas Schuler, Director Applications, Missing Link Electronics





2/7/19

# **Agenda**

- Definition Safety and Security
- Security Intro
  - Why?
  - General intro
  - Arm TrustZone
  - OP-TEE
- Safety Intro
  - State of the art
  - Xilinx Safety Lounge

mle missing link electronics

# **Security and Safety (Sicherheit)**

Security: Protection of the system against unauthorised access

Safety: Protection of the environment from system effects




# **Functional Safety is State of the Art**

Xilinx supports Functional Safety with a lot of activities and tools














Reference Design & Ecosystem Partners

Source: Xilinx



# **Devices are Developed under Functional Safety Aspect**

Safety architecture of Zynq UltraScale+



Source: Xilinx

# Vivado Toolchain Certified for Safety Use



Source: Xilinx



# **Functional Safety Lounge**

For more information visit the Functional Safety Website: https://www.xilinx.com/safety

For Toolchain Certificates, Functional Safety Assessment Reports and much more, you can register for the:

#### **Functional Safety Lounge**











# Responsibilities



Customer Responsibility:

- Digital Signatures, User Passwords, Tokens, Biometrics, Role-based Accounts, etc.

Shared Responsibility:

- Hypervisors, Microkernels, TrustZone, Isolation Design Flow, Protections, Security Monitor, etc.

Xilinx Responsibility:

- Asymmetric/Symmetric Authentication, AES Crypto, DPA Protections, etc.
- Security Critical Redundancy, JTAG Protections, Environmental Monitors, Tamper Detection/Penalties, etc.
- World Class Best Practices, Authorized Suppliers, Blind Buys, Anti-counterfeit, etc.






# **Security Feature Overview**

| Active Security Features                       | Virtex-5<br>(65nm) | Spartan-6<br>(45nm) | Virtex-6<br>(40nm) | 7-Series<br>(28nm) | Zynq-7000<br>(28nm) | UltraScale/+<br>(20/16nm) | Zynq US+<br>(16nm) |
|------------------------------------------------|--------------------|---------------------|--------------------|--------------------|---------------------|---------------------------|--------------------|
| Internal Configuration Memory R/W Access       | ✓                  | ✓                   | ✓                  | ✓                  | ✓                   | ✓                         | ✓                  |
| Programmable Logic SEU (Health) Checking       | ✓                  | ✓                   | ✓                  | ✓                  | ✓                   | ✓                         | ✓                  |
| Dynamic JTAG Disable/Monitor                   | ✓                  | -                   | ✓                  | ✓                  | ✓                   | ✓                         | *                  |
| Secure Programmable Logic Clock Source         | ✓                  | ✓                   | ✓                  | -                  | ✓                   | ✓                         | *                  |
| Internal AES Key Clear                         | ✓                  | ✓                   | ✓                  | -                  | ✓                   | ✓ + Verify                | ✓ + Verify         |
| Global 3-state/Set-reset (GTS/GSR)             | ✓                  | ✓                   | ✓                  | ✓                  | ✓                   | ✓                         | ✓                  |
| On-chip Temperature/Voltage Monitors & Alarms  | ✓                  | *                   | ✓                  | ✓                  | ✓                   | ✓                         | *                  |
| Unique Identifiers (Device DNA & User eFUSE)   | *                  | *                   | ✓                  | ✓                  | ✓                   | ✓                         | *                  |
| Permanent JTAG Disable (internally)            | *                  | ×                   | ×                  | ×                  | ×                   | ✓                         | *                  |
| Secure BBRAM Key Agility in the Field          | *                  | *                   | ×                  | ×                  | ×                   | ✓                         | *                  |
| Non-volatile Tamper/Maintenance Logging        | *                  | *                   | ×                  | ×                  | ×                   | ✓                         | ✓                  |
| Permanent Decryptor Disable                    | *                  | *                   | ×                  | ×                  | ×                   | ✓                         | *                  |
| User Accessible Crypto Accelerators            | ×                  | ×                   |                    | ×                  | *                   | *                         | ✓                  |
| Programmable Tamper Responses                  | *                  | ×                   | ×                  | ×                  | ×                   | *                         | ✓                  |
| Secure External Data Storage (via PUF)         | ×                  | *                   | ×                  | ×                  | ×                   | ×                         | ✓                  |
| Public Key Revocation/Replay Protection        | n/a                | n/a                 | n/a                | n/a                | *                   | ×                         | ✓                  |
| ARM TrustZone                                  | n/a                | n/a                 | n/a                | n/a                | ✓                   | n/a                       | ✓                  |
| ARM v8 Cryptography Extensions                 | n/a                | n/a                 | n/a                | n/a                | *                   | n/a                       | ✓                  |
| Memory/Peripheral Protection Units (XMPU/XPPU) | n/a                | n/a                 | n/a                | n/a                | *                   | n/a                       | ✓                  |
| AXI/APB Isolation Block (AIB)                  | n/a                | n/a                 | n/a                | n/a                | *                   | n/a                       | ✓                  |
| System Memory Management Unit (SMMU)           | n/a                | n/a                 | n/a                | n/a                | ×                   | n/a                       | ✓                  |



# **Security Feature Overview**

| Passive Security Features               | Virtex-5<br>(65nm) | Spartan-6<br>(45nm) | Virtex-6<br>(40nm) | 7-Series<br>(28nm) | Zynq-7000<br>(28nm) | UltraScale/+<br>(20/16nm) | Zynq US+<br>(16nm) |
|-----------------------------------------|--------------------|---------------------|--------------------|--------------------|---------------------|---------------------------|--------------------|
| Confidentiality w/ AES-256              | ✓ CBC Mode         | ✓ CBC Mode          | ✓ CBC Mode         | ✓ CBC Mode         | ✓ CBC Mode          | ✓ GCM Mode                | ✓ GCM Mode         |
| Secure AES Key Storage (BBRAM/eFUSE)    | ✓ BBRAM Only       | ✓                   | ✓                  | ✓                  | ✓                   | ✓                         | ✓                  |
| Readback Disable                        | ✓                  | ✓                   | ✓                  | ✓                  | ✓                   | ✓                         | *                  |
| Symmetric Authentication                | *                  | *                   | ✓ HMAC             | ✓ HMAC             | ✓ HMAC              | ✓ AES-GCM                 | ✓ AES-GCM          |
| Asymmetric Authentication               | *                  | *                   | *                  | *                  | ✓ RSA-2048          | ✓ RSA-2048                | ✓ RSA-4096         |
| Permanent JTAG Disable                  | *                  | *                   | ×                  |                    | ✓                   | ✓                         | ✓                  |
| DPA Resistance                          | *                  | *                   | *                  | ×                  | *                   | ✓                         | *                  |
| Permanent DFT Disable                   | *                  | *                   | ×                  | ×                  | ×                   | ✓                         | ✓                  |
| Obfuscated Key Storage                  | *                  | *                   | ×                  | ×                  | *                   | ✓                         | ✓                  |
| Encrypted (black) Key Storage (via PUF) | (*)                | *                   | *                  | ×                  | ×                   | *                         | *                  |
| Secure Boot/Configuration Clock Source  | *                  | *                   | ×                  | ×                  | ×                   | *                         | *                  |






#### **Arm TrustZone - Hardware Enforced Isolation**

(Figure: Non-Secure (Untrusted) world and Secure (Trusted) world, separated by TrustZone)

- Secures the AXI bus for read and write transactions
- AxPROT[1] is carried on every AXI read or write transaction
  - '0' (clear) for secure transactions
  - '1' (set) for non-secure transactions
- Propagated from the Application Processing Unit (APU) to the Programmable Logic (PL)
- Applicable Xilinx Labs
  - Functional and Physical Isolation Within the Programmable Logic (PL) of the Zynq UltraScale+ MPSoC
  - Functional and Physical Isolation Within the Processing Subsystem (PS) of the Zynq UltraScale+ MPSoC
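To make the AxPROT[1] rule concrete, here is an added C model (written for this page, not MLE's or Xilinx's code) of how a TrustZone-aware slave or protection unit filters a transaction using only its address and the AxPROT[1] bit. The region structure and the addresses are constructed for illustration and are not the XMPU/XPPU register layout or a real Zynq UltraScale+ memory map.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* AxPROT[1] on an AXI transaction: 0 = secure, 1 = non-secure. */
#define AXPROT_NONSECURE (1u << 1)

/* Hypothetical model of one protection-unit region (not the XMPU/XPPU
 * register layout): an address window and whether only secure masters
 * may touch it. */
typedef struct {
    uint64_t base;
    uint64_t size;
    bool secure_only;   /* true: drop transactions with AxPROT[1] set */
    const char *name;
} region_t;

typedef enum { ACCESS_OK, ACCESS_DENIED, ACCESS_UNMAPPED } access_t;

/* Filter one transaction the way a TrustZone-aware slave does: only the
 * address and the AxPROT[1] bit decide the outcome. */
static access_t check_access(const region_t *regions, size_t n,
                             uint64_t addr, unsigned axprot)
{
    for (size_t i = 0; i < n; i++) {
        const region_t *r = &regions[i];
        if (addr < r->base || addr - r->base >= r->size)
            continue;
        if (r->secure_only && (axprot & AXPROT_NONSECURE))
            return ACCESS_DENIED;   /* non-secure world hits a secure resource */
        return ACCESS_OK;
    }
    return ACCESS_UNMAPPED;         /* no region claims the address */
}

/* Constructed sample map (illustrative addresses): a PL crypto block
 * reserved for the secure world, and a buffer shared with both worlds. */
static const region_t sample_regions[] = {
    { 0xA0000000ull, 0x10000, true,  "pl_crypto_secure" },
    { 0xA0010000ull, 0x10000, false, "pl_shared_buffer" },
};
static const size_t sample_count = sizeof sample_regions / sizeof sample_regions[0];

int main(void)
{
    static const char *verdict[] = { "OK", "DENIED", "UNMAPPED" };
    /* A secure and a non-secure master try the same secure-only address. */
    printf("secure  -> %s\n", verdict[check_access(sample_regions, sample_count, 0xA0000010ull, 0)]);
    printf("non-sec -> %s\n", verdict[check_access(sample_regions, sample_count, 0xA0000010ull, AXPROT_NONSECURE)]);
    return 0;
}
```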




#### **Arm TrustZone - Hardware Enforced Isolation**



Source: https://www.slideshare.net/linaroorg/bkk16110-a-gentle-introduction-to-trusted-execution-and-optee


#### Arm TrustZone - Hardware Enforced Isolation extended in PL

The secure functions can be extended into the Programmable Logic:

- Arm TrustZone regulates access to this resource by checking whether the request comes from a trusted or an untrusted source
- The Xilinx Isolation Design Flow (XIDF) ensures the function is physically isolated and cannot be tampered with by neighbouring IP cores









#### **OP-TEE**

- What is OP-TEE?
  - OP-TEE is an Open Portable Trusted Execution Environment
  - Utilizes Arm TrustZone to isolate hardware
  - Utilizes exception levels to isolate software
- Why OP-TEE, or why software isolation?
  - To minimize the attack surface
  - Adds another layer of security between the adversary and your keys




### **Real World Application**

- Trusted Touch Screen
  - Touch screen gets elevated to secure HW
  - Data processed in the secure world



- Secure Storage
  - Encrypt/Decrypt algorithms run in trusted world
  - Encrypted data stored in untrusted world



- Secure Communications
  - Data comes in from an untrusted source that gets authenticated in the trusted world




# **Quick Look at Zynq Ultrascale+ Architecture**

OP-TEE utilizes the following parts of a Xilinx Zynq Ultrascale+ device:

- Arm Cortex-A53, Armv8
- Internal Memory (OCM / TCM)
- Configuration and Security Unit (CSU)
- Indirectly the PMU, through ATF






#### **TEE Software Components**

- Secure Monitor (ATF, Arm Trusted Firmware)
  - Handles switching from the non-secure state to the secure state and vice versa
  - Called via a Secure Monitor Call (SMC) exception
  - Operates at EL3
- Trusted Operating System
  - Handles secure device drivers
  - Loads trusted applications and schedules their operation
  - Operates at secure exception level 1 (S-EL1)
- Trusted Applications
  - Run in the trusted OS to safely deliver trusted services to untrusted applications
  - Called via a TEE driver running in the non-secure kernel or hypervisor
  - Operate at S-EL0











# **OP-TEE Functionality**

| Functionality                      | OP-TEE<br>free | OP-TEE<br>by MLE |
|------------------------------------|----------------|------------------|
| OP-TEE Basic functionality         | X              | X                |
| Trusted Applications               | X              | X                |
| Secure Paging                      | X              | X                |
| Test suite                         | X              | X                |
| AES-GCM (hardware accelerated)     | -              | X                |
| RSA (hardware accelerated)         | -              | X                |
| SHA3 (hardware accelerated)        | -              | X                |
| Physical Unclonable Function (PUF) | -              | X                |
| eFuse programming                  |                | X                |
| Secure Bitstream Loading           |                | X                |
| Performance Measurement            | -              | X                |
| Custom PL Functions                | -              | X                |




# **Evaluation/Test Hardware**



Ultra96 V2 (~\$250)

# **Production**



Special order code to ensure the entropy of the PUF


#### **Documents**

Security Guidance for Zynq UltraScale+:

- XAPP1323 Developing Tamper Resistant Designs with Zynq UltraScale+

#### Automotive Standards:

- Auto-ISAC (Information Sharing & Analysis Center)
- ISO 21434 (Draft): Road vehicles Cybersecurity engineering
- SAE J3101 Requirements for Hardware-Protected Security for Ground Vehicle Applications
- SAE J3061 Cybersecurity Guidebook for Cyber-Physical Vehicle Systems

Security and Safety landing pages from Xilinx:

- www.xilinx.com/security
- www.xilinx.com/safety




#### **Contact Information**

Missing Link Electronics GmbH, Neu-Ulm, Germany

Phone DE: +49 (731) 141149-0

Web: http://www.MLEcorp.com/security

Email: sales-web@mlecorp.com



