Overview The goals of a secure IoT device Security - How can I secure my device? Security - Platform Security Architecture Security - Arm TrustZone technology Security - CryptoCell and CryptoIsland technologies Security - Mitigating against physical attacks Security - Implementing additional security IP - What IP do I need to make a secure IoT device? IP - The processor IP - The AMBA components IP - The CryptoCell IP - Power control, timers, Wi-Fi, and display Build - How does the IP fit together? Build - Starting to develop an example TBSA-M system Build - Select AMBA components to link the IP together Build - Connect to RAM, ROM, and eFlash memory Build - Connect the CryptoCell-312 Build - Add power control to the SoC Build - Add the timers as peripherals Build - Add a theoretical Wi-Fi and display component Build - Integrate the IP into the SoC Build - Add your own registers for the SoC Build - Arm subsystems SSE-123 - Exploring the SSE-123 Example Subsystem SSE-123 - SSE-123 features SSE-123 - Working with the SSE-123 SSE-123 - SSE-123 timers SSE-123 - SSE-123 registers SSE-123 - Debugging with the SSE-123 SSE-123 - The SSE-123 I/O port SSE-123 - Ideas for extending the SSE-123 Related information Next steps
Connect the CryptoCell-312
The AHB5 bus matrix provides a slave and master interface for the CryptoCell-312 to connect to. The CryptoCell-312 connects as a slave to the AHB5 bus matrix through an AHB4 interface. It connects as a master to the AHB5 bus matrix through an AHB5 interface. An AHB5 to APB4 asynchronous bridge is needed between the AHB4 interface and the AHB5 bus matrix.
You must also implement One Time Programmable (OTP) memory and a persistent state storage block for the CryptoCell. The CryptoCell stores key state information in the persistent state storage block. If a cold reset occurs, the CryptoCell repopulates persistent values from the OTP memory. Implement the OTP memory using on die e-fuses or using private, protected eFlash locations.