32-bit Arm Cortex-M MCUs offer ultimate IoT security

Renesas Electronics Corporation now offers PSA Certified Level 2 and Security Evaluation Standard for IoT Platforms (SESIP) certifications for its RA Family of 32-bit Arm Cortex-M MCUs.

The company’s RA6M4 MCU Group devices with the Flexible Software Package have been PSA Level 2 certified, increasing on the PSA Certified Level 1 delivered by RA4 and RA6 Series MCUs. Its RA6M3, RA6M4, and RA4M2 MCU groups have gained SESIP1 certification with Physical and Logical Attacker certifications.

As well as these widely recognised industry certifications, the MCUs give customers the ultimate IoT security by combining Secure Crypto Engine IP with NIST CAVP certifications on top of Arm TrustZone for Armv8-M. RA Family devices include hardware-based security features from simple AES acceleration to fully-integrated crypto subsystems isolated in the MCU. The Secure Crypto Engine gives symmetric and asymmetric encryption and decryption, hash functions, TRNG, and advanced key handling, including key generation and MCU-unique key wrapping. An access management circuit closes down the crypto engine if the correct access protocol is not followed, and dedicated RAM assures that plaintext keys are never disclosed to any CPU or peripheral bus.

“Renesas understands that security is essential for IoT designers, so we have engineered the RA Family from the ground up with security in mind,” said Roger Wendelken, senior vice president in Renesas’ IoT and Infrastructure Business Unit. “These industry certifications augment what is already the most secure device family in the industry for IoT applications.”

“We are glad to work with Renesas on the SESIP and PSA Certified certifications. Renesas RA Family certifications are prime examples of the relevance of security standards for the industry,“ said Carlos Serratos, senior director of Strategy, Policy and Advocacy at Brightsight. “From an OEM perspective, there is an increasing awareness of the value of certified devices as a tool for managing risk and for aligning with multiple device certifications. While this is particularly relevant for devices used in critical infrastructures, it is steadily becoming the norm for the rest of the IoT domain.”