By Damian Szmulewicz, Texas Instruments, and Oscar M. Guillen, Technical University of Munich.
There has been a tremendous increase in the adoption of building automation systems over the last two decades, in part due to the development of smart microcontroller (MCU)-driven products. With critical functions such as access control, video surveillance, intrusion and fire detection, heating, ventilating and air conditioning, security and integration are becoming increasingly important. In fact, the development of secure systems is one of the main challenges that manufacturers face today when designing the next generation of automation products.
Communication channels are a common door for security breaches. For this reason, the KNX Association recently released a guide outlining measures to increase security in KNX systems during installation and at runtime, known as KNX Data Secure.
Microcontrollers with ferroelectric random access memory (FRAM) technology enable protection against the most common runtime security vulnerabilities. This results in products that are reliable and robust against malicious attacks whilst also enabling highly-integrated solutions due to their wide range of analogue and digital peripherals.
FRAM Technology
FRAM is a memory technology that combines the best of Flash and RAM. It is non-volatile like Flash, but offers fast and low-power writes, write endurance of 10^15 cycles, code and data security, resistance to radiation and electromagnetic fields, and unmatched flexibility. FRAM is random access memory, meaning that each bit is read and written individually.
FRAM stores data as a polarisation of a ferroelectric material. As an electric field is applied, dipoles shift in a crystalline structure to store information, enabling state retention, lowering voltage requirement (as low as 1.5V) and enabling fast write speeds. FRAM advantages over traditional memory technologies lead to real function-level benefits in low-power applications, such as:
• Fire and smoke detectors
• Electronic locks
• Thermostats
• Access control and security
• Low-energy backup on power fail
• Over-the-air updates
• Industrial remote sensing or data logging
• Energy harvesting
• EEPROM replacement
KNX Data Secure
Devices that support KNX Data Secure come preloaded with a unique cryptographic key. After the device is deployed and its key has been registered in the Engineering Tool Software (ETS), a new project-specific key is sent to the device and is used for all future communication. Additional runtime keys are generated by ETS and sent to the device for multicast communication. Due to FRAM technology’s high write endurance, keys can be written into non-volatile memory a virtually unlimited number of times, while preventing accidental loss in case of a power failure.
Unlike EEPROM/Flash, FRAM can be modified up to the bit level without previously erasing a memory block. Additionally, FRAM can be written up to 100 times faster and at 250 times lower power as compared to other non-volatile memories. This speed advantage, coupled with low energy requirements during a memory write, increases the reliability of data being written, preventing partial writes in the case of a power failure. The same applies to sequence numbers used to protect against message replay attacks and other counter values.
In order to ensure that sequence values are valid upon reset, they must be stored in non-volatile memory. Similarly, during transmission, the application must ensure that nonce values, used for encryption, are unique. Since not all values can be stored within an MCU, a common technique is to number messages sequentially. FRAM’s aforementioned benefits ensure that the sequence number is reliably stored and updated as often as needed.
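The sequence-number handling described above can be sketched as follows. This is an added example, not code from TI, Tapko or the KNX specification. The record layout, the 64-bit counter width and all function names are assumptions, and a plain struct stands in for the FRAM region. It goes one step beyond the text by keeping two copies, so that an interrupted update is detected rather than trusted.

```c
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical record layout. On a real device the linker would place it in
   FRAM; here a plain struct stands in so the logic runs on a host. */
typedef struct { uint64_t seq; uint64_t check; } nv_slot_t;
typedef struct { nv_slot_t slot[2]; } nv_counter_t;

#define CHECK_MASK 0xA5A5A5A5A5A5A5A5ULL  /* constructed constant */

/* A slot counts only if its check word matches; all-zero memory is invalid. */
static bool slot_valid(const nv_slot_t *s) {
    return s->check == (s->seq ^ CHECK_MASK);
}

/* Highest committed value, or 0 when nothing has been stored yet. */
uint64_t nv_load(const nv_counter_t *c) {
    uint64_t best = 0;
    for (int i = 0; i < 2; i++)
        if (slot_valid(&c->slot[i]) && c->slot[i].seq > best)
            best = c->slot[i].seq;
    return best;
}

/* Overwrite the invalid or older slot; the newest committed copy is untouched,
   so an update cut short by power loss falls back to the previous value. */
void nv_store(nv_counter_t *c, uint64_t v) {
    bool v0 = slot_valid(&c->slot[0]), v1 = slot_valid(&c->slot[1]);
    int t = !v0 ? 0 : !v1 ? 1 : (c->slot[0].seq < c->slot[1].seq ? 0 : 1);
    c->slot[t].seq = v;                  /* slot is invalid from here ...   */
    c->slot[t].check = v ^ CHECK_MASK;   /* ... until this commit write     */
}

/* Sender: persist the new number BEFORE it is used as a nonce, so a reset
   can never hand out a value that has already gone on the bus. */
uint64_t tx_next_seq(nv_counter_t *c) {
    uint64_t next = nv_load(c) + 1;
    nv_store(c, next);
    return next;
}

/* Receiver: call only after the message authentication check has passed.
   Anything not strictly newer than the stored value is a replay. */
bool rx_accept(nv_counter_t *last_seen, uint64_t seq) {
    if (seq <= nv_load(last_seen))
        return false;
    nv_store(last_seen, seq);
    return true;
}
```

A receiver would keep one such counter per sender it accepts messages from.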
FRAM MCUs can also enable the isolation of cryptographic material in a user-defined memory area. A memory protection unit can be configured to protect the cryptographic content from accidental modifications by the application code. Cryptographic keys, sequence numbers, as well as any associated metadata can be encapsulated in an area preventing read and write access from external code. Key management functions can then be incorporated to add, update, activate/deactivate and destroy cryptographic keys in a secure manner.
KNX supports two modes of data protection, namely integrity, authentication and confidentiality; or integrity and authentication only. Cryptographic algorithms used to provide these security measures are based on the use of the Advanced Encryption Standard (AES). MCUs equipped with an AES-256 hardware accelerator enable the development of efficient implementations of authentication algorithms such as CBC-MAC and authenticated-encryption algorithms such as AES CCM.
Designing a KNX System using MCUs with FRAM Technology
To help you get started with KNX on a low-power MCU, Texas Instruments (TI) provides complete reference designs for its MSP430 FRAM portfolio. Hardware-wise, the low-cost MSP430FR5969 MCU LaunchPad development kit contains everything needed to start developing quickly on the FRAM platform, including on-board emulation for programming, debugging and energy measurements, with multiple options for the physical layer interface (PHY).
For software, TI has partnered with Tapko Technologies GmbH to provide a best-in-class KNX stack, code examples, and a framework for easy development. Lastly, detailed documentation is available to guide developers, no matter what their knowledge level of KNX is. For more information on available resources, hardware/software requirements and development tools, check out the KNX thermostat reference design.
To learn more about FRAM technology, visit www.ti.com/whatisfram.
Conclusion
MCUs with integrated FRAM are the right choice for the development of fully-integrated KNX Data Secure systems. Taking the right security measures is critical in the development of automation systems, and it may even dictate the fate of the product in the market. Getting started with KNX on FRAM MCUs is easy and inexpensive.
Damian Szmulewicz is the Applications Engineer for MSP Microcontrollers for Texas Instruments (TI). TI designs and fabricates semiconductors globally.
Oscar M. Guillen is a research assistant for the Technical University of Munich – Chair for Security in Information Technology (TUM EI SEC). Research at TUM EI SEC focuses on the security of embedded systems, covering attacks on hardware and embedded software, as well as countermeasures.