Security User’s Guide

This group of topics provides an overview of the security features available on RSL15, and how to use them. These topics will be of interest to anyone who wants to incorporate security into their RSL15-based applications and products. The security features have their roots in the Arm® TrustZone® CryptoCell™-312 Security IP, which is used in conjunction with the Arm Cortex®-M33 processor and the boot ROM.

RSL15 provides a security solution that is flexible in its deployment options, yet robust against attack when properly configured. This is supported by:

  • The use of cryptographic techniques to form a cornerstone of the solution
  • Utilizing industry standard techniques wherever possible, to achieve the required level of security and best practice when defining cryptographic assets
    • Any cryptographic algorithms are compliant with the relevant standards
  • Extensible solutions with the potential to support future devices beyond RSL15
  • A hardware-based True Random Number Generator (TRNG), given that a core consideration in any cryptographic operation is the availability of random numbers
  • Hardware accelerators for standard cryptographic algorithms
  • A secure storage capability for cryptographic keys and other assets
  • The Root Of Trust provides:
    • a managed device life cycle
    • a Root of Trust (RoT) embedded in hardware
    • a secure boot facility to ensure that only verified and authenticated code can be executed
    • a secure debug facility to ensure that only authenticated users can access the system through the debug port
  • Standard APIs to allow simpler firmware support 
    • The API for using the hardware accelerators allows for a high level of software abstraction.

NOTE: For the purposes of this document, device manufacturer typically refers to an RSL15 user who would be building their own application, but in some circumstances the words can refer to other parts of the supply chain.

Depending on your needs you might wish to start with any of the main sections:

  1. General overview material indicating the main features provided by the device
  2. Theory of operation material detailing the modes and states of the system and how they work together to provide secure devices
  3. Tool support section detailing how the provided tools can be used to perform the functions outlined in the theory section—including specific examples where appropriate