The e-magazine for KNX home & building control

Product Design: How KNX Systems can Benefit from MCUs with FRAM Technology

Szmulewicz_DamianOscar GuillenBy Damian Szmulewicz, Texas Instruments, and Oscar M. Guillen, Technical University of Munich.

There has been a tremendous increase in the adoption of building automation systems over the last two decades, in part due to the development of smart microcontroller (MCU)-driven products. With critical functions such as access control, video surveillance, intrusion and fire detection, heating, ventilating and air conditioning, security and integration are becoming increasingly important. In fact, the development of secure systems is one of the main challenges that manufacturers face today when designing the next generation of automation products.

Communication channels are a common door for security breaches. For this reason, the KNX Association recently released a guide outlining measures to increase security in KNX systems during installation and at runtime, known as KNX Data Secure .

KNX has developed new security concepts: KNX Data Secure and KNX IP Secure.
KNX has developed new security concepts: KNX Data Secure and KNX IP Secure.

Microcontrollers with ferroelectric random access memory (FRAM) technology enable protection against the most common runtime security vulnerabilities. This results in products that are reliable and robust against malicious attacks whilst also enabling highly-integrated solutions due to their wide range of analogue and digital peripherals.

FRAM Technology

FRAM is a memory technology that combines the best of Flash and RAM. It is non-volatile like Flash, but offers fast and low-power writes, write endurance of 1015 cycles, code and data security, resistance to radiation and electromagnetic fields, and unmatched flexibility. FRAM is random access memory, meaning that each bit is read and written individually.

FRAM stores data as a polarisation of a ferroelectric material. As an electric field is applied, dipoles shift in a crystalline structure to store information, enabling state retention, lowering voltage requirement (as low as 1.5V) and enabling fast write speeds. FRAM advantages over traditional memory technologies lead to real function-level benefits in low-power applications, such as:

• Fire and smoke detectors
• Electronic locks
• Thermostats
• Access control and security
• Low-energy backup on power fail
• Over-the-air updates
• Industrial remote sensing or data logging
• Energy harvesting
• EEPROM replacement

The molecular structure of FRAM results in an advantage in terms of speed and reliability.
The molecular structure of FRAM results in an advantage in terms of speed and reliability.

KNX Data Secure

Devices that support KNX Data Secure come preloaded with a unique cryptographic key. After the device is deployed and its key has been registered in the Engineering Tool Software (ETS), a new project-specific key is sent to the device and is used for all future communication. Additional runtime keys are generated by ETS and sent to the device for multicast communication. Due to FRAM technology’s high write endurance, keys can be written into non-volatile memory virtually unlimited number of times, while preventing accidental loss in case of a power failure.

Unlike EEPROM/Flash, FRAM can be modified up to the bit level without previously erasing a memory block. Additionally, FRAM can be written up to 100 times faster and at 250 times lower power as compared to other non-volatile memories. This speed advantage, coupled with low energy requirements during a memory write, increases the reliability of data being written, preventing partial writes in the case of a power failure. The same applies to sequence numbers used to protect against message replay attacks and other counter values.

In order to ensure that sequence values are valid upon reset, they must be stored in non-volatile memory. Similarly, during transmission, the application must ensure that nonce values, used for encryption, are unique. Since all values cannot be stored within an MCU, a common technique is to number messages sequentially. FRAM’s aforementioned benefits ensure that the sequence number is reliably stored and updated as often as needed.

FRAM MCUs can also enable the isolation of cryptographic material in a user-defined memory area. A memory protection unit can be configured to protect the cryptographic content from accidental modifications by the application code. Cryptographic keys, sequence numbers, as well as any associated metadata can be encapsulated in an area preventing read and write access from external code. Key management functions can then be incorporated to add, update, activate/deactivate and destroy cryptographic keys in a secure manner.

KNX supports two modes of data protection, namely integrity, authentication and confidentiality; or integrity and authentication only. Cryptographic algorithms used to provide these security measures are based on the use of the Advanced Encryption Standard (AES). MCUs equipped with AES-256 hardware accelerator enables development of efficient implementations of authentication algorithms such as CBC-MAC and authenticated-encryption algorithms such as AES CCM.

KNX runtime communication protection.
KNX runtime communication protection.

Designing a KNX System using MCUs with FRAM Technology

To help you get started with KNX on a low-power MCU, Texas Instruments (TI) provides complete reference designs for its MSP430 FRAM portfolio. Hardware-wise, the low-cost MSP430FR5969 MCU LaunchPad development kit contains everything needed to start developing quickly on the FRAM platform, including on-board emulation for programming, debugging and energy measurements, with multiple options for the physical layer interface (PHY).

(Left) KNX thermostat reference design with TI MSP430FR5969 MCU with FRAM, and (right) the TI MSP430FR5969 MCU LaunchPad development kit.
(Left) KNX thermostat reference design with TI MSP430FR5969 MCU with FRAM, and (right) the TI MSP430FR5969 MCU LaunchPad development kit.

For software, TI has partnered with Tapko Technologies GmbH to provide a best-in-class KNX stack, code examples, and a framework for easy development. Lastly, detailed documentation is available to guide developers, no matter what their knowledge level of KNX is. For more information on available resources, hardware/software requirements and development tools, check out the KNX thermostat reference design.

To learn more about FRAM technology, visit www.ti.com/whatisfram.

KNX PHY modules from Tapko Technology
KNX PHY modules from Tapko Technology

Conclusion

MCUs with integrated FRAM are the right choice for the development of fully-integrated KNX Data Secure systems. Taking the right security measures is critical in the development of automation systems, and it may even dictate the fate of the product in the market. Getting started with KNX on FRAM MCUs is easy and inexpensive.

Damian Szmulewiczis the Applications Engineer for MSP Microcontrollers
for Texas Instruments (TI). TI designs and fabricates semiconductors globally.

Oscar M. Guillen is a research assistant for the Technical University of Munich – Chair for Security in Information Technology (TUM EI SEC). Research at TUM EI SEC focuses on the security of embedded systems, covering attacks on hardware and embedded software, as well as countermeasures.

www.ti.com
www.sec.ei.tum.de

Share on facebook
Share
Share on twitter
Tweet
Share on linkedin
Share

SPONSORS

The new PEAKnx Control 12


The new PEAKnx Control 12
The 11.6-inch smart home panel by PEAKnx represents a significant advancement as the successor to the Controlmini. Among ...

LUXA 103 KNX presence detectors


LUXA 103 KNX presence detectors
Theben is expanding its LUXA 103 presence detector series for indoor and outdoor lighting and HVAC control with a KNX ...

Interra iX3 4” Touch Panel


Interra iX3 4” Touch Panel
A next-generation room controller that transforms environmental management. With integrated sensors for temperature, humidity, brightness, and air quality (optional ...