Microcontrollers(650)

Smart Home Audio(325)

M2351 Series

Nuvoton IoT Security MiniSite

NuMicro® M2351 Series – a TrustZone® empowered microcontroller series focusing on IoT security.

The rise of the internet of things era has increased awareness for the integration of the physical world into digital systems. While the digitization of our everyday lives led to efficiency improvements and economic benefits, it has also caused pressure on systems designers who are now required to come up with innovative IoT products capable of performing secure connection and data exchange while maintaining low power consumption. Since security and power consumption are both key requirements in IoT application, Nuvoton has developed the NuMicro® M2351 Series, which excels in supporting the proliferation of intelligent connected devices.

The NuMicro® M2351 microcontroller series is powered by Arm® Cortex®-M23 core with TrustZone® for Armv8-M architecture, which elevates the traditional firmware security to a new level of robust software security.

Figure 1‑1 Design Concept of IoT Security Project

The low-power M2351 series microcontroller operates at up to 64 MHz frequency, with up to 512 Kbytes embedded Flash memory in dual bank mode, supporting secure OTA (Over-The-Air) firmware update and up to 96 Kbytes embedded SRAM. Furthermore, the M2351 series also provides high-performance connectivity peripheral interfaces such as UART, SPI, I²C, GPIOs, USB and ISO 7816-3 for a smart card reader. Its secure and efficient power management features strengthen the innovation of IoT security.

Figure 1‑2 M2351 Series Block Diagram

TrustZone® for Arm®v8-M empowered

The NuMicro® M2351 series is empowered by the Arm® TrustZone® for Armv8-M architecture. Arm® TrustZone® technology is a System on Chip (SoC) and CPU system-wide approach to security. In addition to firmware-level security, the M2351 series offers a more enhanced software-level security for robust security and greater power efficiency.

Figure 1‑3 M2351 Series TrustZone® Architecture

In addition to the Cortex®-M23 CPU core, the TrustZone® components of the M2351 Series include:

  • Secure Attribution Unit (SAU, inside of the Cortex®-M23 CPU)
  • Implementation Defined Attribution Unit (IDAU)
  • Flash Memory Controller (FMC)
  • Security Configuration Unit (SCU, supports SRAM and peripheral configurations)

As shown in the figure above, certain functionalities are fixated as secure attribution or allow secure access only to assure higher software-level security. Besides, other parts of the functionalities are designed to support TrustZone® implementation with bus master and bus slave IPs integration to realize the security functions.

Nuvoton® Security Functions Strengthened

In addition to TrustZone® technology, the NuMicro® M2351 series is also equipped with rich functions to improve system security. The Secure Bootloader supports trusted boot feature. The hardware crypto accelerators, including ECC, supports encryption and decryption operation to offload processor-computing power. The KPROM is a password protection mechanism to allow Flash memory write and erase. The XOM (Execute-Only-Memory) defines execute-only memory regions to protect critical program codes. The Flash lock bits are designed to disable external Flash read/ write and debug interface. Tamper detection pins can detect the state transition on the tamper pins.

Figure 1‑4 M2351 Series Security Functions

Power Management Technology for IoT Innovation

Other than security, power consumption is also critical for IoT applications. M2351 Series offers multiple power modes for more efficient power management. Regarding the power consumption of M2351 series, the normal run mode consumes 97 μA/MHz in LDO mode and 45 μA/MHz in DC-DC mode. The current consumption of stand-by power down mode is 2.8 μA and the deep power-down mode without VBAT is less than 2μA.

Table 1‑1 M2351 Series Power Consumption Comparison

Arm® PSA  with Nuvoton Secure Microcontroller Platform (NuSMP) Supported

The Arm® Platform Security Architecture (PSA) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA is a contribution from Arm® to the entire IoT ecosystem, offering common ground rules and a more economical approach to building more secure devices.

Nuvoton has developed the Nuvoton Secure Microcontroller Platform (NuSMP) to support the Arm® PSA. The NuSMP is a range of hardware and software mixture technology for security requirements of general purpose and secure IoT microcontrollers. With NuSMP, developers can easily achieve the secure services with the M2351 Series microcontroller in coverage of: Trusted Boot (Root of Trust), Secure OTA (Over-The-Air) firmware update (including secure software download), Power Management APIs for non-secure world and PC side crypto related development software tool.

Figure 1‑5 Nuvoton Secure Microcontroller Platform Architecture

The entire offering suite is constructed in compliance of Chain of Trust (CoT) with several secure booting layers named NuMicro® Boot Loader 1 (NuBL1, hardware level), Boot Loader 2 (NuBL2 first software level including trusted boot code and memory partition manager with OTA update feature), Boot Loader 32 (NuBL32, for Secure World), Boot Loader 33 (NuBL33, for Non-Secure World). With the CoT guarantee, all services and software tool can support most security requirements for MCU applications.

Easy to Develop, Easy to Implement.

Being committed to providing an easy development experience, Nuvoton offers a wealth of resources to work with the NuMicro M2351 series. For compiler selection, M2351 Series supports the development on Arm® Keil MDK, IAR Embedded Workbench for Arm® and GCC. Furthermore, the Keil MDK Nuvoton Edition for M2351 series is free to use. For supporting tools, M2351 Series offers helpful tools to aid the project progress. For example, the TrustZone Template Generator could assist the security state planning and the secure firmware building; the CryptoTool could support the cryptographic requirements of M2351 series, including key generation, key exchange, signature, encryption and decryption. For security project developing, Nuvoton offers NuSMP (Nuvoton Secure Microcontroller Platform) of integrated security technologies. The application note, sample code and training videos for each technology would be available for developers to access and reference. Lastly, the Arm® Mbed OS for IoT solutions and the Segger emWin for interactive interfaces are both supported in M2351 Series.

Figure 1‑6 Multiple Supported Resources of the M2351 Series

Security Features

  • Arm® Cortex®-M23 TrustZone® Technology
  • 8 regions MPU_NS (for non-secure world)
  • 8 regions MPU_S (for secure world)
  • 8 regions Security Attribution Units (SAU)
  • Implementation Defined Attribution Unit (IDAU)
  • 2 KB OTP ROM with additional 1KB lock bits
  • Hardware Crypto Accelerators
  • CRC calculation unit
  • Up to 6 tamper detection pins
  • 96-bit Unique ID (UID), 128-bit Unique Customer ID (UCID)
  • Arm® Platform Security Architecture (PSA) and Trusted Base System Architecture-M (TBSA-M) supported

  Applications

  • IoT Devices with Secure Connection
  • Collaborative Secure Software Development Business Model
  • Fingerprint Card, Fingerprint Lock
  • Smart Home Appliance
  • Smart City Facilities
  • Wireless Sensor Node Device (WSND)
  • Auto Meter Reading (AMR)
  • Portable Wireless Data Collector
  • Digital Currency Authentication
  • Trusted Execution Environment (TEE) with Trusted Applications (TAs)