SAM L10 / L11 Series 32-bit Microcontroller · SAM L11 authenticates with secure element to ensure...

SAM L10 / L11 Series

32-bit Microcontroller

Customer Presentation

2

Agenda

SAML10/L11 Overview

Key Features & Benefits

Target Applications

Development Tools Support

Demos

Development Ecosystem

Security Use Cases

Summary

SAM L10/L11 Overview

4

Security, Low Power & Touch Innovation

SAML10/11 Family:

Industry Leading Security in its performance class

Industry’s first Arm® Cortex-M23 with chip-level robust security features&

Arm® TrustZone®

Hardware security integrated in a small footprint MCU

Comprehensive security software framework

Industry’s lowest power in its performance class

Microchip’s proprietary picoPower® Technology delivers staggering results

EEMBC ULPMark Certified Score of 405 ( over 200% higher than the nearest

competition)

Ultra-low Active Current (<25uA/MHz)

Standby RAM Retention (<0.6 uA)

OFF Mode (<100 nA)

Wakeup time 1.5 uS idle & 2.6 uS sleep

Industry leading Capacitive Touch

Highly responsive & accurate

Superior water tolerance & excellent noise immunity

Advanced Information - Microchip Confidential

5

SAML10 & SAML11

Configuration

SAM L11

Performance and Memory:

32 MHz Cortex-M23

Up to 64KB Flash

Up to 16K SRAM

Key Peripherals:

Enhanced PTC

12-Bit ADC; 10-bit DAC

OP Amps; SERCOM

Security:

TrustZone

Chip-level Tamper Detect

Crypto Accelerator (AES128, SHA256)

Secure Boot & Bootloader

Secure Key Storage

SAM L10

Performance and Memory:

32 MHz Cortex-M23

Up to 64KB Flash

Up to 16K SRAM

Key Peripherals:

Enhanced PTC

12-Bit ADC

10-bit DAC

OP Amps

SERCOM

Pins Packages

32 TQFP(7x7),QFN(5x5), WLCSP(2.8x2.8)

24 SSOP(5x8), QFN(4x4)

Temp Options

-40C to 85C & -40C to 125C


6

Timelines

Key Milestones Current Schedule

Stream Out Complete

Early Adopter Support Now

Release to Production CQ2’18


7

Key Features & Benefits

Key Selling Feature Benefits

picoPower® Technology Power & Performance balance

Improves battery life, reduces battery

replacements & lowers overall system cost

Low Power Analog (Op Amps, DAC, ADC, AC) Reduces BOM by eliminating the need for

external analog components

Enhanced Peripheral Touch Controller(PTC)

Advanced Touch with Driven Shield Plus &

Parallel Acquisition

Differentiates user interfaces with highly

responsive, elegant & Water Tolerant Touch

TrustZone Resists software attacks

Isolates & Protects IP & proprietary S/W

Secure Key Storage

(TrustRAM & DataFlash)

Protects Keys/secrets against physical attacks

Prevents Cloning & Counterfeit products

Secure Boot & Secure Bootloader Eliminates the risk of malicious code running on

the MCU

New Cortex M23 Core Better performance & smaller code size than

Cortex M0+


8

picoPower® Technology

EEMBC ULPMark Certified Score of 405

over 200% higher than the nearest competition

Ultra-low Active Current (<25uA/MHz)

Standby RAM Retention (<0.6 uA)

OFF Mode (<100 nA)

Wakeup time 1.5 uS idle & 2.6uS sleep

Power Saving Techniques Benefits

SleepWalking Ability of the peripherals to perform a task without waking up the CPU from the sleep mode to

maintain low power for extended period

Dual Performance Levels (PL0 & PL2) Ability to change the CPU speed on the fly to suit the application activity Level. Helps strike balance

between power and performance in active mode

Event System Inter-peripheral communication

Reduces CPU overhead & saves CPU cycles

Power Domain Gating Unused power domain can be switched off to reduce the sleep currents even further

Low Power Analog

(Op Amps, ADC, AC, DAC)

Reduces BOM

Can take inputs from sensors when in sleep

picoPower® TechnologyFlexible Power Saving Features

Longer Battery Life

Lower Total System Cost


9

Industry Leading Touch

Enhanced Peripheral Touch Controller(PTC)

Integrated capacitive touch controller for buttons, sliders, wheels &

small surfaces(up to 8x8 cm)

Highly Responsive & Accurate Touch

Autonomous Operation

Low CPU utilization

Ultra-Low Power Mode(under 4µA)

Improved Performance:

Driven Shield Plus

Industry leading moisture tolerance

Excellent noise immunity

Parallel Acquisition

Faster Response & High Signal to Noise Ratio


10

Broad Application Spectrum

IoT & Security

Smart Cities

Home Automation

Smart Agriculture

Medical Devices

Accessories Authentication

Ultra-Low Power

Wearables

Gaming Controls

Energy Harvesting

Low Power Industrial

Capacitive Touch

Appliances

Fitness Trackers

Automotive Door Handles

Key Pads

Remote Controls


11

SAML11 32 pin TQFP

64KB Flash & 16 KB SRAM

32MHz ARM Cortex M23 with Security

ARM®TrustZone®

Secure Boot

Crypto Accelerator(AES128, GCM & SHA256)

mikroBUS header

Xplained Pro extension headers

On board Debugger

XAM for Power Debugging

ECC508A

Xplained Pro Kits

SAML10 32 pin TQFP

64KB Flash & 16 KB SRAM

32MHz ARM Cortex M23

mikroBUS header

Xplained Pro extension headers

On board Debugger

XAM for Power Debugging

ECC508A

Price: $58

Price: $58


12

Demos

Demo Name Description Hardware

Trusted Execution Environment Illustrates trusted execution of low power

temperature sensor application & SAML11 counter

acting malicious code attacks

• SAML11 Xplained pro

• IO1 Xplained Pro

Secure LoRa IoT Node Securely transmits light sensor info to The Things

Network(TTN) gateway. Leverages TrustZone to

recover the sensor-node incase of code failure



• RN2903/RN2483

• TTN Gateway

Low Power Weather Station Implements ultra-low power features & analog of

SAML10 to provides temperature, humidity,

pressure & air-quality data on 1.54” e-ink display


• MikroE Weather click

• MikroE Air Quality click

• Waveshare 1.54” e-Ink

• MikroBus adapter

SleepWalking Demo Illustrates the sleepwalking and dynamic power

gating for ultra-low power consumption



Water Tolerant Touch Illustrates the Driven Shield Plus capability to reject

false triggers due to water & accurately track finger

touch


• QT7 Xplained Pro

Low Power Key Pad Illustrates the wakeup on touch of SAML1x for ultra-

low power key pad design


• QT3 Xplained Pro


13

Rich Development Ecosystem

IDE

• Atmel Studio 7

• IAR Embedded Workbench

• Arm® Keil® MDK

Software

Framework

• Atmel START

• Atmel START TrustZone Manager

Security

Framework

• End-to-End Solution Support

• Secure Key Provisioning

Low Power• Power Debugger Tool

• Data Visualizer

Touch

• QTouch Configurator

• QTouch Modular Library

• 2D Touch Surface Library


SAM L11 Security Use Cases

15

Prevention Against

Software (Remote) Attacks

How does SAML11 Help? TrustZone can partition the CPU &

memory into secured & non secure

zones

Secure Zone contains a copy of

application code that is protected

Anytime a code injection is detected

in non-secure world, secure world

loads the non-secure world with the

copy of application & restores the

normal state of operation

Applications : Connected Key Pads

Gas Stations/POS

Terminals

Access Control

Smart Door Locks

Connected Thermostats

Wireless Patient Monitoring

LoRa & SigFox Nodes

It is possible that Nodes that are connected are prone to remote software

attacks. Anytime an attack is detected a remedial action to replace the

infected code must take place


16

Remote Software Attacks

Typical Block Diagram

Example: SAM L11 will deny access to illegal requests, and load a copy of IoT

application from trusted-side back to the system if malware attack is

detected to avoid the system down time


Wireless Patient Monitor & Vital Signs Tracking System

Loads a copy of App if Malware

attack is detected

Wireless

ModuleIoT

AppIoT

App

Sensitive

Data

BioMetric

Sensor

Denies access to

illegal requests

SAML11

Secure Partition

Non-TrustedTrusted

17

Secure Boot

How does SAML11 Help? SAML11 facilitates secure boot

process

At start-up Crypto module performs

integrity & authenticity check on the

firmware

If these checks pass, SAML11 lets

execution of the firmware else it

halts the application code from

executing

Applications : Automotive

IoT Nodes

Single Purpose devices

E-readers, Voice

Assistants, GPS,

IP Cameras

Secure boot process is the vital first step in securing any embedded

system. It ensures the desired application code is executed on the product

to ensure the product’s key functionality is not tampered or altered


18

Secure Boot


Example: SAM L11 ensures malicious code on the non-trusted side is

not executed, in this car door touch handle example


Water

Tolerant

Touch

PTC &

Touch

Library

Crypto

Secure

BootLINECU

SAML11

Secure Partition

Non-TrustedTrusted

Application

Code

Authentication

19

Anti-Cloning

How does SAML11 help? SAML11 TrustRAM & Data Flash

with scrambling capabilities can

secure the keys

TrustRAM has active shield which

can erase the keys if physical attack

is detected

TrustZone can protect the keys

from malicious software requesting

keys

Applications : Printer Cartridges

Smart Phone/Tablet

accessories

Key Boards

Wireless Chargers

Game Controllers & Consoles

Keys/credentials which uniquely identify the end product brand are critical

& need to be secured to prevent the products from cloning.

The host & the accessory need to mutually authenticate to prevent cloning


20

Anti-Cloning


Example: SAM L11 authenticates with secure element to ensure the printer

cartridge is a genuine product from the original manufacturer


Printer

DataFlash

Secure Key

Storage

Customer

IP

SAML11

Secure Partition

Non-TrustedTrusted

Application

Code

Ink Cartridge

ECCx08A

Secure ElementAuthentication

21

Secure Communication

How does SAML11 Help? On-Board Crypto Module capable

of AES128 & GCM to encrypt

messages

Reduces burden on the CPU

TrustZone can be leveraged to map

serial ports(transferring sensitive

data) to secure zone to prevent

malicious code from accessing

these ports

Data need to be encrypted during transmission to prevent eavesdropping

Applications : Interconnected Nodes

MCU to external serial Flash

Medical Devices storing

patient’s sensitive data in

serial Flash

Secure communication

between nodes & gateway


22

Secure Data


Example: SAM L11 makes sure the patient private data stored in the

Blood Glucose Meter via secure serial communication from

trusted side with data encrypted


Blood Glucose Meter

Secure

Application

Secure

SERCOMEncrypted Data

Serial Flash

(Encrypted)

storing Patient

Private Data

SAML11

Secure Partition

Non-TrustedTrusted

Application

Code

23

Secure Firmware Upgrades

How does SAML11 Help? Offers Secure Bootloader

The Secure Bootloader &

SAML11’s on-board crypto verifies

the new firmware to be upgraded

SAML11 performs decryption,

checks for the integrity &

authenticity of the new firmware

before upgrading the product with it

Applications : Consumer

Fitness trackers, smart

watches & wearables

Server firmware upgrades by

BMC

Industrial sensors in a

manufacturing line

Medical devices

Glucose meters, Blood

pressure meter, CPAP

It is essential to authenticate the new firmware while doing OTA firmware

updates to ensure it is free from malware and is a genuine copy from the

manufacturer


24

Secure Firmware Upgrade


Example: SAM L11 ensure in this case, a smart watch, will only be upgraded with

the firmware from original manufacturer


Smart Watch

Bluetooth

Low

Energy

Firmware

Upgrade

Crypto

Secure

Bootloader

SAML11

Secure Partition

Non-TrustedTrusted

Authentication

Firmware Upgrade

25

IP Protection & Sandboxing

How does SAML11 Help? TrustZone can partition the CPU &

memory into secured & non secure

zones

Secure Zone exposes only those

APIs that are needed by non-

secure world

Any inadvertent access or illegal

request to read IP in Secure Zone

from non-secure would result in a

hard fault

End products that require two customers for App development see a need

to isolate their application and protect them from IP infringement or

accidental stepping in to certified software

Applications : Medical devices with proprietary

software

LoRa Edge devices with

certified stacks

Sensors with light weight

industrial protocol stacks, e.g.:

IO-Link Protocol


26

IP Protection & Sandboxing


Example: Any end products which requires more than one companies to develop

the codes, in this case an earbud heart rate sensor


Earbud Heart Rate Sensor

Heart

Rate

Sensor

OEM

Application

Heart

Rate

Sensor

IP

SAML11

Secure Partition

Non-TrustedTrusted

Company-B Application Code

• Full access to program & debug non-

trusted zone only

• Cant Access Company-A Firmware IP

other than exposed APIs

Company-A Firmware IP

• Fully protected

• No readout capability

• Only Necessary APIs are provided to

Company-B for App Development

SAML11 Chip Erase commands are

protected by keys.

DAL1 (Debug Access Level1) can used

so that only Non-Trusted Zone can be

programmed/Debugged

27

Summary

Industry’s First MCU with chip-level robust security features &

ARM® TrustZone®

Comprehensive Security Software Framework

Makes Security Simple

picoPower® Technology outperforms the competition

Industry leading Touch Solution

Widely Supported Family with Rich Development Ecosystem


Date post:	11-Jun-2020
Category:	Documents
Upload:	others
View:	2 times
Download:	0 times

SAM L10 / L11 Series 32-bit Microcontroller · SAM L11 authenticates with secure element to ensure...

Documents