Memories Offer Measure Of Security For IoT Devices

Storing your keys in the freezer isn’t a sustainable model.

popularity

Consumers are going to extremes to keep their electronic devices secure. A first-person account in The New York Times offered a novel way to thwart thieves from breaking into a car with a remote keyless system and stealing it — the author kept her car keys in the freezer.

As extreme as this seems, it may only get worse as we move into the era of the Internet of Things. A recent Hewlett-Packard research report confirms that security is a growing concern. The survey concluded that 70% of IoT devices currently on the market are vulnerable to security breaches.

IoT device manufacturers know that securing an IoT device is not an easy matter and understand their chip designers are not experts in security. These device manufacturers understand that creating a secure device requires addressing many possible vulnerabilities. There is no “silver bullet.”

As part of this overall solution, device manufacturers are starting to place their faith in embedded memories to keep devices secure from hackers and thieves. Heading a ready-made list of “must haves” for embedded memory is power management, because many IoT devices are battery-operated. Other features include low power with instant-on, a small silicon footprint and programmable non-volatile code storage. The most important feature is a security protocol that does not compromise power management.

Embedded non-volatile memory (eNVM) is a configurable, embedded on-chip component able to reduce costs, improve performance and enable secure storage. Examples are electrical fuses, embedded flash, multi-time programmable (MTP), and one-time programmable (OTP). Logic eNVM technologies, implemented in standard logic CMOS with no additional masks or processing steps, work well for most IoT applications.

Several technologies fall into the logic eNVM space and range from polyfuse and floating gate to antifuse one-time programmable (OTP), the most secure eNVM with best-in-class security and lower active and standby power. Best of all, it has all the “must have” features needed for IoT device memory.

A protective layer at the vulnerable physical layer ensures that the antifuse eNVM cannot be hacked using passive, semi-invasive or invasive methods. Its bit cell does not store a charge, which means there is no physical evidence of the state of the non-volatile memory bit cell. Instead, the bit determines an initial “0” or programmed “1” through the process of sensing current, not voltage.

Passive techniques using current profiles to determine word patterns fail because the bitcell current for “0” and “1” is smaller than the current required for sensing or operating peripheral circuits to be able to read the memory. Invasive techniques, including backside attacks or SEM passive voltage contrast, are unsuccessful because it is difficult to isolate the bitcell since it is connected in a cross point array. It is nearly impossible to establish programmed bits because it is difficult to locate the oxide breakdown using chemical etching or mechanical polishing and by looking at a cross-section or top view.

IoT device manufacturers can integrate eNVM storage for data protection because information programmed into an antifuse bit cell provides physical security to make the system impenetrable.

While the author of The New York Times article believes she may be at the forefront of a new digital safety trend, there has to be another way to keep our IoT devices secure from thieves and hackers. Embedded memories may be the key to the answer.

The New York Times article, “Keeping Your Car Safe From Electronic Thieves,” can be found here.