Secure Key Memory and PUF Technology for Industry 4.0

Secure Key Memory for Industry 4.0

PUF as Key Storage
© Fraunhofer IMS
Test chip for firmware and sensor data encryption, with a PUF as secure key memory and a RISC-V microprocessor
© Fraunhofer IMS

Following the first and second industrial revolutions in the 19th century and the so-called industrial revolution of the 20th century, which came with the emergence of digital technology and the use of computers to automate production, the increasing networking of machines and devices within production facilities is commonly called the fourth industrial revolution. “Industry 4.0”, however, is not only about networking devices and exchanging data, but also about so-called cyber-physical systems that can make decisions independently to solve certain tasks.

However, the security aspect must not be disregarded in all these endeavors. Several attack scenarios are possible that could cause significant damage to a company. In particular, the manipulation of important production data can bring production to a standstill by disturbing important processes or the decision processes of the cyber-physical systems. The attack can occur by intercepting or changing the data sent by individual industry 4.0 nodes, such as sensors, or by exchanging the devices or their firmware.

Security not only for high-performance systems

The individual nodes in an industry 4.0 network are mostly small, lightweight embedded systems. To protect an embedded system from manipulation, it has to be identifiable and has to authenticate itself inside the industry 4.0 network. In addition, the firmware has to be stored in memory in encrypted form to protect it from manipulation. Communication should also be encrypted to shield the data from interception or manipulation. For these tasks there are established cryptographic protocols that are considered secure. They usually need a cryptographic key that is stored on the system inside a secure key memory.

These keys are often stored in a secure storage area. For example, smartcards and debit or credit cards use an asymmetric cryptosystem in which the private key is generated on the device inside a so-called hardware security module (HSM) and stored in a memory area that cannot be read out from outside and therefore serves as a secure key memory. The key can be used to encrypt and sign data without leaving the system. Against hardware access to the stored key, however, such a system is not necessarily secure anymore.

An individual fingerprint for every chip

Fraunhofer IMS has developed a system that uses the random manufacturing deviations in the ASIC as an individual fingerprint from which a cryptographic key is derived. Every chip exhibits deviations within the defined limits of the production process, for example in the values of passive circuit elements. Combined with a robust readout circuit, these elements form a secure key memory, because the saved value is undisclosed to manufacturer and user and must never leave the chip.

Because the exact value of the circuit element arises during the production process, it cannot be recreated in another production run, which is why this is called a physical unclonable element or Physical Unclonable Function (PUF). An external measurement of the small variations is practically impossible or permanently changes the characteristics of the component, which gives a high security level in comparison to common key memories. Combining this form of secure key memory with additional tamper protection increases the security level even more. In the Fraunhofer-internal research project COPYCAT, for example, a tamper-protection film has been developed that reliably detects when the electronics housing is opened and can consequently delete or block parts of the memory area. This creates an additional guard against manipulation and reverse engineering.

A PUF can also be implemented as a so-called “Strong PUF”. A Strong PUF takes an input word, the so-called “challenge”, to which it returns an individual answer, the “response”. Ideally, a high number of challenges is available. This way, in addition to serving as a key memory, the PUF allows the system to be identified within a challenge-response protocol without having to carry out cryptographic calculations on the chip.
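The verifier side of such a challenge-response protocol, as an added example that is not Fraunhofer IMS code: challenge-response pairs are enrolled once, each challenge is used a single time, and a response is accepted if it lies within a Hamming-distance threshold of the enrolled one, since PUF readouts are noisy. The class names, the 128-bit response length, the 3 % bit-error rate and the threshold of 32 bits are assumptions, and the HMAC only simulates the device-unique physical mapping in software.

```python
import hashlib
import hmac
import random
import secrets

RESP_BITS = 128   # response length in bits (assumption)
THRESHOLD = 32    # max. differing bits still accepted (assumption)

class SimulatedStrongPUF:
    """Software stand-in for a strong PUF. A real PUF answers from physical
    variation; the HMAC here only models a device-unique mapping."""
    def __init__(self, fingerprint: bytes, noise: float = 0.03, seed: int = 0):
        self._fp = fingerprint            # models the manufacturing deviations
        self._noise = noise               # per-bit readout error probability
        self._rng = random.Random(seed)   # seeded so the demo is repeatable

    def respond(self, challenge: bytes) -> int:
        digest = hmac.new(self._fp, challenge, hashlib.sha256).digest()[:16]
        ideal = int.from_bytes(digest, "big")
        flips = sum(1 << i for i in range(RESP_BITS)
                    if self._rng.random() < self._noise)
        return ideal ^ flips              # noisy readout of the ideal response

class Verifier:
    """Holds challenge-response pairs recorded in a trusted environment."""
    def __init__(self):
        self._crps = {}

    def enroll(self, puf: SimulatedStrongPUF, count: int = 8) -> None:
        for _ in range(count):
            challenge = secrets.token_bytes(16)
            self._crps[challenge] = puf.respond(challenge)

    def next_challenge(self) -> bytes:
        return next(iter(self._crps))     # any still-unused challenge

    def verify(self, challenge: bytes, response: int) -> bool:
        expected = self._crps.pop(challenge, None)   # consume: single use
        if expected is None:
            return False                  # unknown or already used challenge
        distance = bin(expected ^ response).count("1")
        return distance <= THRESHOLD      # tolerate readout noise only
```

Because every challenge is consumed on use, the verifier needs a large enrolled set, which is why a high number of available challenges matters.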

Fraunhofer IMS is currently working on a cooperative industrial research (IGF) project, supported by the Federal Ministry of Economics and Technology (BMWi), in cooperation with the University of Applied Sciences Offenburg and a consortium of companies from the sensor and automation industry, to make PUF technologies and secure key memories available to small businesses for lightweight sensor nodes in industry 4.0 networks.
