STMicroelectronics’ STM32U5 General-Purpose Microcontrollers Achieve PSA Certified Level-3 and SESIP3 Security Certifications
August 04, 2021
STMicroelectronics announced PSA Certified Level-3 and SESIP 3 certifications for its general-purpose secure STM32U585 microcontroller, passing tests for logical, board, and basic physical resistance that confirm a substantial level of cyber protection.
With tamper resistance and software protection, the STM32U585 is also suitable for controlling PIN Transaction Security (PTS) equipment that must satisfy Payment Card Industry Security Standards Council (PCI SSC) requirements. As a secure, general-purpose microcontroller, the STM32U585 offers a solution that is designed to simplify the design and production of Point-Of-Sale (POS) and self-service payment terminals.
According to the company, achieving recognition as an official PTS Approved Device requires a dedicated security chip to resist online and side-channel attacks, with a separate microcontroller (MCU) to manage features such as the keyboard, display, and USB connection. The STM32U585 can now consolidate all these capabilities, enabling a simplified design and streamlining production logistics from purchasing and inventory management to final assembly. Terminal makers can also test and certify their products to applicable standards such as PCI PTS v6.
The STM32U585 is compliant with Arm Trusted Base System Architecture (TBSA) requirements and features Arm TrustZone architecture. Typical security features for connected devices are included, including cryptographic accelerators, secure data storage, secure firmware installation, secure boot, and secure firmware update.
Additional security features are designed to further elevate cyber protection over and above that of typical general-purpose MCUs. These include internal monitoring that erases secret data in the event of a perturbation attack, which contributes towards meeting PCI SSC requirements for POS applications. Even further protection includes hardening of encryption of symmetric and asymmetric public-key accelerators (AES, PKA) against attacks with side-channel analysis (SCA), a hardware unique key for secure data storage, and built-in active tamper detection.
Ensuring cyber protection for cost- and power-conscious connected devices, the STM32U585 also provides core performance and peripheral integration. The Arm Cortex-M33 embedded core combines with peripherals including two analog-to-digital converters (ADCs), two digital-to-analog converter (DAC) channels, two op-amps, two comparators, and multiple timer channels including general-purpose, low-power, and PWM motor-control timers. Per the company, 40nm process technology and proprietary features developed by ST save power and boost performance. These include autonomous peripherals that can operate while the main circuitry sleeps to save energy, and selectable voltage regulators that cut dynamic consumption to under 19µA/MHz.
As a general-purpose secure MCU in the STM32 portfolio, the STM32U585 is a key element of ST’s STM32Trust roadmap. STM32Trust is ST’s security framework designed to bring together knowledge, STM32 MCUs and MPUs, STSAFE common criteria certified secure elements, tools, hardware and software, and design services to help developers protect their designs and ensure secure connectivity and system integrity.
The STM32U585 is in production now in a 7mm x 7mm UFBGA169 package.
For more information, visit https://www.st.com/en/microcontrollers-microprocessors/stm32u5-series.html.