Security-on-a-Chip with Certified Protection Profiles for European Utilities
STMicroelectronics has brought together the latest digital security techniques in a single chip to protect Smart Things and Networks including those for utility infrastructure against cyber threats. Focused on providing state-of-the-art security for connected objects, the STSAFE-J100 gives the object an unalterable identity that can be authenticated; it also handles encrypted communications and provides secure storage. It is easily integrated in IoT (Internet of Things) devices like smart meters, data concentrators, and utility gateways.
Customizable with market-specific applets, the STSAFE-J100 secure element combines CC EAL5+[1] certified hardware and a CC EAL5+ certified secure operating system. Device designers can take advantage of the freedom to create their own security profiles, or get to market faster using ST's pre-certified profiles such as German BSI and French Enedis smart-utilities specifications.
The STSAFE-J100 extends ST's successful track record in robust, user-friendly, hardware-digital security for e-government, transportation, banking, and consumer projects, with over 1 billion embedded secure elements delivered yearly to protect devices and networks worldwide.
"Today's on-line services and connection to remote objects need a high level of protection against ever-evolving cyber threats. It is crucial to offer device makers state-of-the-art security for a minimum integration effort," said Laurent Degauque, Marketing Director, Secure Microcontroller Division, STMicroelectronics.
"The flexible STSAFE-J100 solution raises the bar with extra performance and support for the latest encryption algorithms and security standards, including security profiles for the important German and French smart-metering markets," Degauque added.
To help customers take full advantage of the flexibility of the STSAFE-J100 and ensure uncompromising threat protection, ST provides secure device-personalization service. Personalizing each device with its unique identity and cryptographic keys is a fundamental part of the secure-element philosophy to create trusted hardware resistant to cloning or hacking. ST's service is safe and cost-effective, and relieves customers of responsibility for secure programming, preventing exposure of keys and secrets, and distributing programmed devices.
Security:
- AIS-31 class PTG.2 compliant true random number generator (TRNG)
- AIS-20/31 class DRG.3 deterministic number generator (DRNG)
- Enhanced cryptographic algorithms:
- DES/3DES, ECC and AES
- SHA-1, SHA224, SHA-256, SHA384, SHA512, MD5 and CRC16
- Generic Mapping primitive for Password Authenticated Connection Establishment (PACE) protocol
- Hardware security DES accelerator
- Hardware security AES
- Differential power analysis (DPA) and differential fault analysis (DFA) countermeasures against side-channel attacks
- Active shield
- Unique serial number on each die
The STSAFE-J100 occupies minimal real-estate on the main system board. It is available in a 5mm x 5mm VFQFPN32, a 6.0mm x 4.9mm SO8N, or a 4.2mm x 4.0mm UDFN8 package.