Renesas Data at Rest Application Note
Application Note
Renesas RA Family
Securing Data at R est Utilizing the Renesas Security
MPU
Introduction
This application project discusses the considerations for securing Data at Rest in an embedded system and
provides guidelines on how to use the Security MPU hardware feature of the RA Family MCUs to implement
a secure Data at Rest solution. At the time of release of this App lica ti on Proj ec t, the group of RA Family
MCUs which include the Security MPU are RA6M3, RA 6M2, R A6M1, RA4M1, RA4W1 and RA2A1. Securing
Data at Rest refers to the features and services provided to protect sensitive data residing on a device which
may or may not be modifiable.
Note: In the following sections within this application note, “RA MCUs” refers to RA MCU Groups RA6M3,
RA6M2, RA6M1, RA4M1, RA4W1 and RA2A 1 only.
RA MCUs offer data encryption, authentication schemes, and read/write and write-once access protection
from CPU and bus masters for secure Data at Rest designs. In addition, RA MCUs provide security functions
that disable control of certain security-related peripherals from non-secure software access.
For internal flash applications, this application project provides usage examples for sensitive data read
protection, write protection, read/write protection, write-once protection, and write-once with read protection.
For internal SRAM usage, this application project provides usage examples for read and write protection.
Upon completion of this guide, you will be able to use the secure Data at Rest features and solutions
provided by RA MCUs in your own design, configure the secure components correctly for the target
application, and write code using the included application example code as a reference. This guide provides
a step-by-step operational flow for setting up the memory access features to efficiently use the security
features of the RA MCU. More detailed hardware feature and API descriptions are available in the hardware
user manual and the Flexible Software Package (FSP) User’s Manual (see References section).
Required Resources
Development tools and software
• The e
• Renesas Flex Software Package (FSP) v2.2.0 or later
• SEGGER J-link
• Visual Studio 2017 Community Version (https://visualstudio.microsoft.com/downloads/
• Download and install Renesas Flash Programmer V3 using https://www.renesas.com/us/en/software-
• SEGGER J-Link V6.86 or later (segger.com/downloads/jlink/)
Hardware
• EK-RA6M3, Evaluation Kit for RA6M3 MCU Group (renesas.com/ra/ek-ra6m3
• Workstation running Wind o w s® 10; the Tera Term console, or similar a pp lic ation
• Two USB device cables (type-A male to micro-B male)
2
studio ISDE v2020-10 or greater
®
USB driver
The above three software components: the FSP, J-Link USB drivers and e2 studio are bundled in a
downloadable platform installer available on the FSP webpage at renesas.com/ra/fsp
Other tools:
tool/renesas-flash-programmer-programming-gui#downloads
)
)
Prerequisites and Intended Audience
This application project assumes you have some experience with the Renesas e2 studio ISDE and FSP.
Before you perform the procedures in this application note, follow the procedure in the EK-RA6M3-Quick
Start Guide to build and run the Out of Box program. Doing so enables you to become familiar with e
and the FSP and validates that the debug connection to your board functions properly. In addition, this
2
studio
R11AN0416EU0130 Rev.1.30 Page 1 of 46
Dec.15.20
Renesas RA Family Securing Data at Rest Utilizing the Renesas Security MPU
application project assumes you have some knowledge on RA6M3 flash memory or gan izati on and
customizing e
The intended audience are users who are interested in developing secure Data at Rest solutions with RA
MCUs.
2
studio linker script.
Contents
1. Secure Data Overview ............................................................................................................. 4
1.1 Sensitive Data at Rest Topology ............................................................................................................. 4
1.2 Data at Rest Security Measures .............................................................................................................. 4
1.2.1 Data Encryption ..................................................................................................................................... 4
1.2.2 Data Access Control .............................................................................................................................. 4
1.3 Data at Rest Risk Profile and Attack Surface Analysis ........................................................................... 6
1.4 Secure Data at Rest with and without Secure Boot Loader .................................................................... 6
2. RA MCU Features for Secure Data at Rest ............................................................................. 6
2.1 Overview of RA MCU Security Elements ................................................................................................ 7
2.2 Security MPU ........................................................................................................................................... 7
2.2.1 Secure Data Regions ............................................................................................................................ 7
2.3 Flash Access Window (FAW) ................................................................................................................ 11
2.3.1 Using the Security MPU and FAW for Code Flash Write Protection ................................................... 11
2.4 Debugging Security Considerations ...................................................................................................... 13
2.5 Notes on Arm MPU, Bus Master MPU, Bus Slave MPU ....................................................................... 13
2.6 Other Security Elements ....................................................................................................................... 13
2.6.1 Secure Crypto Engine (SCE) .............................................................................................................. 13
3. Configuring the Security Elements ......................................................................................... 14
3.1 Overview of RA MCU Option-Setting Memory ...................................................................................... 14
3.2 Configuring the Security MPU ............................................................................................................... 15
3.2.1 Setting up the Security MPU Registers ............................................................................................... 15
3.2.2 Locating Secure Code/Data to a Specific Memory Region ................................................................. 16
3.2.3 Resetting the Security MPU registers ................................................................................................. 16
3.3 Configuring the FAW ............................................................................................................................. 16
3.3.1 Setting up the FAW Region ................................................................................................................. 16
3.3.2 Clearing the FAW Regions .................................................................................................................. 16
3.4 Permanent Locking of the FAW Region ................................................................................................ 17
3.5 Setting up the Security Control for Debugging ...................................................................................... 17
3.5.1 Methods of Setting the OSIS ID Code ................................................................................................ 18
3.5.2 Method of Setting up the OSIS ID Code for Debugging ..................................................................... 19
3.5.3 Method of Resetting the OSIS ID code ............................................................................................... 19
4. Operational Flow using Security MPU and FAW .................................................................... 19
4.1 Internal Flash and SRAM Read Protection ........................................................................................... 19
4.2 Internal Flash Write Protection .............................................................................................................. 20
R11AN0416EU0130 Rev.1.30 Page 2 of 46
Dec.15.20
Renesas RA Family Securing Data at Rest Utilizing the Renesas Security MPU
4.2.1 Operational Flow ................................................................................................................................. 21
4.3 Internal Flash and SRAM Read/Write Protection .................................................................................. 21
4.3.1 Operational Flow ................................................................................................................................. 21
4.4 Internal Flash Write-Once Protection .................................................................................................... 22
4.4.1 Operational Flow ................................................................................................................................. 22
4.5 Internal Flash Write-Once and Read Protection ................................................................................... 22
4.5.1 Operational Flow ................................................................................................................................. 22
4.6 Operation Notes .................................................................................................................................... 23
4.6.1 Memory Allocation ............................................................................................................................... 23
4.6.2 Limitations on Programming the Option-S ett ing Me mo r y ................................................................... 23
4.6.3 Factory Bootloader Accessibility ......................................................................................................... 23
4.6.4 Access Secure Function from Non-Secure Functions ........................................................................ 23
4.6.5 Debugger Access to the Security MPU Regions ................................................................................. 23
2
5. Security Application e
5.1 Project 1: e2 studio project - Internal Flash and SRAM Read Write Protection .................................... 24
5.1.1 Software Architecture Overview .......................................................................................................... 24
5.1.2 Memory Allocation Arrangement ......................................................................................................... 25
studio Projects: Internal Flash and SRAM ......................................... 23
5.1.3 Functionality Description ..................................................................................................................... 27
5.1.4 Establishing and Running Software from Secure SRAM Region ........................................................ 28
5.1.5 Importing and Building the Project ...................................................................................................... 29
5.1.6 Hardware Setup................................................................................................................................... 29
5.1.7 Verifying the Secure Functi ona lities .................................................................................................... 29
5.1.8 Migrating to Other RA MCUs ............................................................................................................... 36
5.2 Project 2: e2 studio Project - Reset the Security MPU and FAW setting .............................................. 36
5.3 Project 3: PC Application to Permanently Lock the FAW...................................................................... 38
5.4 Example Reset J-Link Script for the Security MPU and FAW ............................................................... 40
5.5 J-Link Scripts for Resetting OSIS ID code for RA6M3 .......................................................................... 41
6. Secure Data at Rest Next Steps ............................................................................................ 44
6.1 Secure Data Encryption and Authentication ......................................................................................... 44
6.2 External Storage Secure Data at Rest .................................................................................................. 44
6.3 Example using the Security MPU Security Functions ........................................................................... 44
7. References ............................................................................................................................ 44
8. Website and Support ............................................................................................................. 45
Revision History ............................................................................................................................ 46
R11AN0416EU0130 Rev.1.30 Page 3 of 46
Dec.15.20
Renesas RA Family Securing Data at Rest Utilizing the Renesas Security MPU
1. Secure Data Overview
With the dawn of AI, IoT, and Cloud connectivity, digital data security has become the number one priority
when protecting trade secrets and personal privacy.
Secure data technology includes Data in Transit and Data at Rest. Data in Transit, or data in motion is
data actively moving from one location to another, such as across the internet or through a private network.
Data in Transit protection is the protection of data while it is traveling from network to network or being
transferred from a local storage device to a cloud storage device. Data at Rest is data that is not actively
moving from device to device or network to network, such as data stored on a hard drive, laptop, flash drive,
embedded memory, or archived/stored in some other way. Data at Rest protection aims to secure inactive
data stored on any device or network. This application project focuses on Data at Rest design in an
embedded environment using a RA MCU.
Data at Rest protection uses Data Encryption and Data Access Control as major security measures.
This application project provides detailed steps to establish the Write Once and Read/Write Access Control
for a RA MCU as well as guidelines for applying these security features to a wide range of secure Data at
Rest applications. Data Encryption is not covered in this release and may be provided in later releases.
When considering securing Data at Rest, one should consider the impact of using a secure boot solution to
the overall application design.
1.1 Sensitive Data at Rest Topology
In an embedded system, secure data can reside in volatile data storage (MCU’s internal SRAM or external
SDRAM) or non-volatile data storage (such as MCU’s internal flash storage, external QSPI storage, and
external EEPROM storage.) As part of the application security design, one must consider the topology of the
data based on its use case. As an example, in a medical device, some data (like bloo d press ur e measur e d
every 5 minutes) can be stored in volatile memory while other types of data (daily blood pressure averages)
may need to be stored in non-volatile memory for future use. One should consider the nature of the data and
therefore determine its topology before beginning the design as this decision will have an impact on securing
the data.
With the first release of this application project, example code will be available to demonstrate how to secure
data that resides in an internal SRAM or internal flash storage. The follow-on release of this application
project will describe the methodology and provide sample projects to secure data in external storage (QSPI,
EEPROM, and so forth.)
1.2 Data at Rest Security Measures
Encryption and Access Control are two of the main secure Data at Rest protection schemes that will be
discussed in this application project. These two schemes apply to both volatile and non-volatile storage types
including internal and external storage. With the first release of this application project, access control for
internal storage (both volatile and non-volat ile) w ill be c over ed with exa mp le proj ec ts.
1.2.1 Data Encryption
Data Encryption is widely used in both secure Data at Rest and Data in Transit.
®
Securing internal data through encryption is increasingly becoming a necessity for small Arm
as these devices are used more in networking and communication applications. Secure Data at Rest almost
always means the data is encrypted or certain protocols exist that include encryption to protect the data from
unauthorized access. The SCE (Secure Crypto Engine) feature of RA MCUs are, for example, used to
generate encrypted private key s .
An example use of encryption of Data at Rest is encryption of data in external storage. An embedded system
could use an AES key to encrypt sensitive data and code that resides on the external storage. Upon
successful authentication, the external code data can be decrypted and used.
1.2.2 Data Access Control
Increased demands for device connectivity as well as increased complexity in embedded systems result in
more potential attack surfaces exposed. Controlled access to the secure data effectively reduces the attack
surface, thus increasing system security. The following is a brief introduction to possible use cases where
access controls provided in RA MCUs can be applied.
Cortex MCUs
R11AN0416EU0130 Rev.1.30 Page 4 of 46
Dec.15.20
Renesas RA Family Securing Data at Rest Utilizing the Renesas Security MPU
1.2.2.1 Read Protection
Sensitive data and code residing in flash and SRAM can have read protection properties set such that only
software granted with read permission can access them. RA MCUs have a Security MPU unit that can help
establish sensitive regions with read protection.
• Section 2.2 introduces the Security MPU’s functionality
• Section 3.2 provides the configuration methods for the Security MPU
• Section 4.1 explains the operational flow of establishing read protection using the Security MPU .
1.2.2.2 Write Protection
It is important to protect sensitive data from being maliciously modified or erased. Volatile and non-volatile
data can be write-protected to avoid unauthorized writes by using the memory options setting in RA MCUs.
There are two ways to establish flash write protection:
• The RA MCU Security MPU can disable the flash erase and write access from non-secure software
access. See section 2.2 for details.
• The RA MCU Flash Access Window (FAW) can protect sensitive flash data from being modified by
secure and non-secure software.
Section 2.3 introduces the FAW functionality
Section 3.3 provides the configuration methods for the FAW
Section 4.2 explains the operational flow of establishing write protection using the FAW.
1.2.2.3 Read/Write Protection
Read/write protection reduces the attack surface from malware and IP theft. For internal flash data, similar to
write protection, there are two ways RA MCUs can provide read/write protection:
• The RA Security MPU can disable read and write access to the security MPU flash and SRAM regions
from non-secure software.
• When the Security MPU and FAW are used together, the sensitive data in flash can be read and write
protected from both secure and non-secure software. An example project for this use case is provided in
this release.
Section 4.3 explains the operational flow of establishing read and write protec tio n us ing the Security
MPU and FAW.
1.2.2.4 Write-Once Protection
In some use cases, sensitive Data at Rest needs to be protected from access or alteration for the lif eti me of
the device. For example, a secure boot loader must be immutable for the lifetime of the product. For use
cases where the data resides on internal flash, FAW settings can be programmed to provide write-once
protection.
It is important to note the implication of using a secure boot manager in your design. If your end application
uses a secure bootloader, then special consideration must be taken to include the write-once data memory
regions for the application with the regions that the secure bootloader reserves for its own. This must be
done because setting the Flash Access Window (FAW) properties to implement the write once policy can
only be done once for the lifetime of the device. In other words, once the FAW policies are programmed, they
cannot be changed.
• Section 4.4 explains the operational flow of establishing write-once secure data and program usage.
1.2.2.5 Write-Once and Read Protection
Write-once protected data can be optionally read protected. When handling sensitive data, read protection
can be provided to the write-once protected flash data such that only secure software can read the contents.
For RA MCUs, this is realized by using both the Security MPU and FAW.
• Section 4.5 explains the operational flow of establishing write-once and read protection for RA MCUs.
R11AN0416EU0130 Rev.1.30 Page 5 of 46
Dec.15.20
Renesas RA Family Securing Data at Rest Utilizing the Renesas Security MPU
1.3 Data at Rest Risk Profile and Attack Surface Analysis
To fully consider and design for secure Data at Rest in an embedded environment, one should thoroughly
consider the following topics:
1. Consider who will have access to the sensitive data in the embedded system.
2. Consider if the CPU bus can access the sensitive data.
3. Consider if other bus masters can access the sensitive data. If so, determine which peripheral the bus
master connects to, and what entity this peripheral communicates with.
4. Consider if the debugger can access the sensitive data.
5. Consider the robustness of the application design such that there are measures taken against the
application itself to accidently damage the sensitive data by overwriting the security policies and
measures in place.
Reducing the attack surface helps in all of the above situations. Securing the entire MCU’s memory may not
effectively enhance the overall data security, since a larger attack surface translates to a higher chance that
hackers will find a weak point. A good guideline for securing sensitive data is to design the application such
that only the minimum amount of data is secured, and access is controlled throu g h str ateg ical in ter faces .
The analysis of a system’s risk profile and attack surface is outside of the scope of this application note;
however, the security measures offered by RA MCUs will be introduced to help in reducing the attack surface
and minimizing the system’s risk profile.
1.4 Secure Data at Rest with and without Secure Boot Loader
Whether your system will or will not use a secure bootloader solution will have an impact on how to
implement secure Data at Rest.
As mentioned before in section 1.2.2 Data Access Control, there may be a need for the application to protect
sensitive data for the lifetime of the device and a secure boot manager is being used. In this case, one must
consider the setting of FAW (Flash Access Window) properties appropriately to ensure that the applicationspecific sensitive data can be allocated in the region unmodifiable by FAW and programmed onto the MCU
at the same time the secure boot manager is programmed during the manufacturing provisioning process. In
addition, if the application must protect sensitive data with read protection only, the Security MPU region
needs to be appropriately considered to ensure that the application-specific read-protected sensitive data
can be allocated within the Security MPU reg ion.
It is worth noting that RA MCUs allocate the Security MPU setting in the first block of the user flash (which is
a block of 8 KB flash). As a result, if there is a need to permanently lock the Security MPU settings, the first
8 KB of internal flash needs to be part of the write-once flash region.
2. RA MCU Features for Secure Data at Rest
RA MCUs provide a rich set of hardware features to address secure Data at Rest needs. From a hi gh leve l,
RA MCUs support the following data protection features:
• Write Once access control for internal flash
• Read/write access control for internal flash
• Read/write access control for internal SRAM
• Data access protection from bus masters and debuggers
• Hardware data encryption support for both volatile and non-volatile, internal and external storage
• Security functions to disable certain peripherals from being accessed by a non-secure program
This chapter will introduce the hardware features that can support the above security features without getting
into the operational details. Details on the configurations of these hardware components are provided in
section 3.
Integration of the MCU internal data access control with encryption support for external data provides a
consistent level of security support for the entire embedded system.
R11AN0416EU0130 Rev.1.30 Page 6 of 46
Dec.15.20
Renesas RA Family Securing Data at Rest Utilizing the Renesas Security MPU
MCU Groups ►
RA6M3, RA6M2,
RA4M1
RA2A1
MCU Feature▼
Security MPU
Yes
Yes
Yes
FAW
Yes
Yes
Yes
SCE
Yes (*)
Yes (*)
Yes (*)
OSIS Register
Yes
Yes
Yes
2.1 Overview of RA MCU Security Elements
Following is a list of security elements on the RA MCUs.
• Security MPU
• Flash Access Window (FAW)
• Secure Crypto Engine (SCE)
• Debug Protection with OSIS
Table 1 summarizes the availability of the secure elements on the RA MCUs.
Table 1. Secure Elements of RA MCUs
RA6M1
Note: * Refer to section 2.6.1 for details on the SCE support for RA MCU families. RA2A1 MCU hardware
user manual named the Secur ity and Encryption hardware bl ock differently compared with t he
other part.
This section also explains how the Arm
Data at Rest from a high level.
®
MPU, bus master MPU, and bus slave MPU operation relate to
2.2 Security MPU
The Security MPU feature of RA MCUs implements a set of versatile data security policies by creating
isolation between different s oftwar e and hardware components. Identif ication of secure and non-secure
program and data is based on address location.
The Security MPU settings are read and applied before the reset vector is fetched, and therefore apply
before any code is executed.
Security MPU exists on every RA MCU.
2.2.1 Secure Data Regions
Figure 1 describes the available secure data regions and secure program regions provided by the Security
MPU. Each region is defined by a pair of start and end addresses and an enable bit.
R11AN0416EU0130 Rev.1.30 Page 7 of 46
Dec.15.20
Figure 1. Security MPU Secure Regions
Renesas RA Family Securing Data at Rest Utilizing the Renesas Security MPU
The Security MPU provides four secure data regions, as shown in Figure 1.
• One secure flash data region (located in the MCU’s code flash region). Note that in terms of Security
MPU usage, the secure flash data region can contain both secure flash data and secure flash program.
Figure 2. Secure Flash Data Region
• One secure SRAM data region. Note that in terms of Security MPU usage, secure SRAM data region can
contain both secure SRAM data and secure SRAM program.
Figure 3. Secure SRAM Data Region
• Two security function regions
Security function region for the SCE (Secure Crypto Engine): address 0x400C0000 to 0x400DFFFF
• This region maps to the RA MCU’s internal peripheral bus 7
• When this security function is enabled, the SCE cannot be controlled from a non-secure program
Security function for the flash (code and data) erase and program (E/P): address 0x40100000 to
0x407FFFFF
• This region maps to the RA MCU’s internal peripheral bus 9
• When this security function is enabled, the flash cannot be put in erase and program mode from a
non-secure program
• Note that this security function does not control TSN even though it is in the same memory space.
R11AN0416EU0130 Rev.1.30 Page 8 of 46
Dec.15.20
Renesas RA Family Securing Data at Rest Utilizing the Renesas Security MPU
Figure 4. Security Function Regions
2.2.1.1 Secure Program
The Security MPU provides two secure program regions, each defined by a pair of start and end Program
Counter (PC) addresses and an enable bit. There can be one secure flash program region and one secure
SRAM program region. For security purpose, it is recommended that the secure program regions are located
within the secure flash and secure SRAM data region respectively as shown in Figure 1.
Note: The secure program region can reside outside of the secure flash and secure SRAM region; however,
in this case, there is a security hole. The secure program in Flash and SRAM can be read by nonsecure software.
Non-secure program and secure program can make function calls into each secure and non-secure region,
which provides efficiency in embedded system design.
2.2.1.2 Secure Access Monitor and Protection
• The Security MPU monitors and protects secure flash and secure SRAM data regions (Region 0 and
Region 1) from unauthorized CPU read from the D Code bus (Data access), as shown in Figure 5. The
I Code bus (Instruction access) is not monitored. This allows secure instructions to be accessed by the
non-secure program.
• The Security MPU monitors and protects secure SRAM data and security function regions from system
bus access (such as debugger access), as shown in Figure 5.
• The Security MPU monitors and protects all four secure data regions from access from the three bus
master groups. See the hardwar e user’s manual for definition of the bus master groups.
R11AN0416EU0130 Rev.1.30 Page 9 of 46
Dec.15.20
Renesas RA Family Securing Data at Rest Utilizing the Renesas Security MPU
Figure 5. Data Protection for Security MPU Regions
The table in Figure 6 describes the details of CPU access and debugger access to the secure and nonsecure regions.
• indicates that the bus master on the left is granted access to the region on the top
• indicates that the bus master on the left is not granted access to the region on the top
Note: The secure program located in the SRAM region other than the SRAMHS region cannot be fetched by
a non-secure program as marked by the red box shown in Figure 6.
Configuration details of the Security MPU are described in section 3.2.
Figure 6. CPU and Debugger Access Summary
R11AN0416EU0130 Rev.1.30 Page 10 of 46
Dec.15.20
Renesas RA Family Securing Data at Rest Utilizing the Renesas Security MPU
2.3 Flash Access Window (FAW)
The Flash Access Window (FAW) defines one contiguous flash region within the MCU flash space. Within
this region, the flash erase and write operation is allowed from both secure and non-secure program. The
access window is only valid in the program flash area. The access window provides protection in selfprogramming mode, serial programming mode, and on-chip debug mode.
The FAW region setting uses flash block boundaries as the start and end addresses of the flash access
window. There is one bit (FSPR bit) in the FAW control register that, when cleared, disables any possible
update to the flash access window setting for the lifetime of the device. The internal flash write-once
protection uses this bit to implement the write-once protection.
Refer to section 3.3 for configuration details on the FAW.
Figure 7. Flash Access Window
2.3.1 Using the Security MPU and FAW for Code Flash Write Protection
As explained in section 1.2.2, there are two ways to establish flash region write protection. In this application
project, the FAW is used to establish flash write protection. Figure 8 summarizes the code flash read, erase
and programming access control when the Security MPU is used in conjunction with the FAW, and the
security function is not enabled.
R11AN0416EU0130 Rev.1.30 Page 11 of 46
Dec.15.20
Renesas RA Family Securing Data at Rest Utilizing the Renesas Security MPU
Figure 8. Code Flash Read, Erase, and Program Control when Security Function is not Enabled
R11AN0416EU0130 Rev.1.30 Page 12 of 46
Dec.15.20
Renesas RA Family Securing Data at Rest Utilizing the Renesas Security MPU
2.4 Debugging Security Considerations
The RA MCUs provide OCD/serial programmer ID code protection with the OSIS register. The OSIS register
stores the ID for ID code protection of the OCD/serial programmer. Once the OSIS register ID code is set for
the MCU, the user must provide the matching ID code when connecting an OCD/serial programmer. If the
ID code matches, debugging is allowed; otherwise, the debugging process is not allowed. Configuration of
the OSIS ID code protection is described in section 3.5.
2.5 Notes on Arm MPU, Bus Master MPU, Bus Slave MPU
This section explains how the MPU, Bus Master MPU, and Bus Slave MPU relate to Data at Rest design.
Refer to the Arm
Refer to RA MCUs hardware user’s manuals to understand the definition and settings of the Bus Master and
Bus Slave MPUs.
While these three MPUs intend to catch inadvertent accesses to the regions defined by these MPUs, they do
not provide protection of reading and updating the register settings from non-secure program. The register
settings of these MPUs are not protected from reading by a debugger nor by non-secure programs. Secure
and non-secure programs can follow correct procedures to update the registers.
In addition, the MPU regions defined by these three MPUs do not provide the same level of security
compared to the protection prov ide d by the Security M PU:
• A debugger can access the protected regions
• A read-protected region (without write protection) can be written by secure and non-secure code
• A write-protected region (without read protection) can be read by secure and non-secure code
• A read/write-protected region cannot be read nor written by either secure or non-secure code
®
Cortex technical user manual to understand the definition and settings of the Arm MPU.
2.6 Other Security Elements
2.6.1 Secure Crypto Engine (SCE)
The Secure Crypto Engine (SCE) hardware block on RA MCUs provides data encryption and authentication
capability. Following are the encryption and authentication algorithms supported.
2.6.1.1 Security Algorithms
• Symmetric algorithms: AES
• Asymmetric algorithms: RSA and ECC
• MCU support status:
RA6M3, RA6M2, and RA6M1 MCU Groups support all the above symmetric and asymmetric
algorithms
RA4M1, RA4W1, and RA2A1 support only symmetric algorithms
Configuration details of the SCE is outside the scope of this application project. Refer to the hardware user
manual and FSP user manual for operational details.
2.6.1.2 Other Crypto Security Features
• TRNG (True Random Number Generator)
• Hash value generation: SH A1, SH A22 4, SHA 256 , GH ASH
• 128-bit unique ID
• MCU support:
RA6M3, RA6M2, and RA6M1 support this entire group of features
RA4M1, RA4W1 supports AES, TRNG and GHASH
RA2A1 supports AES and TRNG.
R11AN0416EU0130 Rev.1.30 Page 13 of 46
Dec.15.20
Renesas RA Family Securing Data at Rest Utilizing the Renesas Security MPU
3. Configuring the Security Elements
This section explains the detailed process to setup the Security MPU, FAW, and the OSIS ID register to
provide the desired security level for Data at Rest security design. It also explains how to undo the security
feature settings in the development stage. In addition, steps needed to lock the security features in the MCU
are provided.
3.1 Overview of RA MCU Option-Setting Memory
The Security MPU and the FAW registers are in the MCU Option-Setting Memory, as shown below. The
option-setting memory is in the flash user area. Setting these registers requires different procedures
compared to erasing and programming the other part of the code and data flash area. Figure 9 is an
example location of the option-setting mem or y based o n RA6M3. Other MCUs can have the FAW register
located at a different loc at io n. Refer to the hardware user’s manual for the exact location for the MCU
involved.
Figure 9. Option-setting Memory Area
As we can see from Figure 9, the Security MPU registers are allocated in the first sector of the program flash
area. The FAW register and OSIS register settings are allocated in the configuration setting area.
With FSP 0.8 or lower, we recommend using the following methods to set up the Security MPU and FAW
registers:
• Use the RA MCU configurator to define the Security MPU registers. Section 3.2.1 describes this method.
• Use the FSP flash driver API to configure the FAW register when locking the register settings is not
required. Use the factory bootloader to lock the FAW register setting. Section 3.3 describes this method.
Other methods of setting the Security MPU and FAW registers include the following:
• Use a J-Link script.
• Use a serial port to communicate with the MCU’s factory bootloader and use the factory bootloader’s
utilities (section 3.4 describes using this method to clear the locking bit, FSPR and hence permanently
lock the FAW register setting).
R11AN0416EU0130 Rev.1.30 Page 14 of 46
Dec.15.20
Renesas RA Family Securing Data at Rest Utilizing the Renesas Security MPU
3.2 Configuring the Security MPU
This section describes the steps needed to set up and reset the Security MPU registers.
3.2.1 Setting up the Security MPU Registers
Through the RA MCU configurator FSP BSP tab, users can define and enable the four secure data regions
and the two secure program regions.
Figure 10. Security MPU Configuration
The following list describes all the regions defined by the above property fields (in bold).
• Secure flash program
PC0 Start and PC0 End: program counter region for the secure flash program
Enable or disable PC Region 0: enable or disable the secure flash program
• Secure SRAM program
PC1 Start and PC1 End: program counter region for the secure SRAM program
Enable or disable PC Region 1: enable or disable the secure SRAM program
• Secure flash data region
Memory Region 0 Start and Memory Region 0 End: secure flash data region start and end
addresses
Enable or disable Memory Region 0: enable or disable the secure flash data region
• Secure SRAM data region
Memory Region 1 Start and Memory Region 1 End: secure SRAM data region start and end
addresses
Enable or disable Memory Region 1: enable or disable the secure SRAM data region
• Security Function Region 1
Memory Region 2 Start and Memory Region 2 End: security function 1 start and end addresses
(must be the address space for internal peripheral bus 7 or 9, see description that follows)
Enable or disable Memory Region 2: enable or disable the security function 1
• Security Function Region 2
Memory Region 3 Start and Memory Region 3 End: security function 2 start and end addresses
(must be the address space for internal peripheral bus 7 or 9, see description that follows)
Enable or disable Memory Region 3: enable or disable security function 2
See section 4.1 for the operational flow of using the Security MPU in an application project.
R11AN0416EU0130 Rev.1.30 Page 15 of 46
Dec.15.20
Loading...