Protection Profile List

Protection Profile for Single Chip
Microcontroller equipped with a secure cryptographic unit

National Institute of Advanced Industrial Science and Technology
Protection Profile Name :
Protection Profile for Single Chip
Microcontroller equipped with a secure cryptographic unit
Version of PP :
Technology Type :
Single Chip Microcontroller for embedded device
Certification Identification :
Date :
Version of Common Criteria:
3.1 release5
Conformance Claim :
EAL1 Augmented with ASE_SPD.1, ADV_ARC.1, ADV_FSP.2, ADV_TDS.1, ALC_FLR.1, AVA_VAN.2, AVA_SCU_EXT.1
PP Identifier :
Procurement Entity :


Description of PP

This PP specifies security requirements for a single-chip microcontroller with an SCU (Secure Cryptographic Unit) equipped in an embedded device.
The TOE conformant to this PP is a microcontroller for embedded devices that are so-called IoT edge devices such as sensors, actuators, and surveillance cameras.
The SCU consists of a cryptographic engine, a software gate allowing access to the cryptographic engine via “software gate APIs,” and a hardware gate.


PP security functionality

This PP requires the following security functionalities:

- Monitoring access to the cryptographic function:
  A function that detects and responds to an attacker’s unauthorized use of the cryptographic function through the operation of the software gate and the hardware gate
- Self-protection function:
  A function that prevents unintended information leakage, which is caused by radiated electromagnetic and power consumption during the SCU operation, and disclosure of information useful for attackers
A function that detects and responds to physical attacks
- Secure boot function:
  A function that verifies the integrity of the software gate and the application software when startup
- Store keys:
  A function that store keys into a non-volatile memory in ToE, which protects the confidentiality and integrity by cryptography.
- Import user keys:
  A function that imports key storage containing user keys and secret information from external entities to the TOE while protecting the confidentiality.
- Trusted update function:
  A function that obtains a correct version of the application software, verifies its authenticity and integrity and then updates it while preventing rollbacks.