- Protection Profile Name :
-
Protection Profile for Single Chip
Microcontroller equipped with a secure cryptographic unit
- Version of PP :
- 1.20
- Technology Type :
- Single Chip Microcontroller for embedded device
- Certification Identification :
- JISEC-C0764
- Date :
- 2022-09-30
- Version of Common Criteria:
- 3.1 release5
- Conformance Claim :
- EAL1 Augmented with ASE_SPD.1, ADV_ARC.1, ADV_FSP.2, ADV_TDS.1, ALC_FLR.1, AVA_VAN.2, AVA_SCU_EXT.1
- PP Identifier :
- None
- Procurement Entity :
- -
- Sponsor :
- National Institute of Advanced Industrial Science and Technology
-
- POC :
- Hirotaka Yoshida
- Division :
- Cyber Physical Security Research Center
- Phone :
- +81-3-3599-8001
-
E-mail :
- Evaluation Facility :
- ECSEC Laboratory Inc. Evaluation Center
PRODUCT DESCRIPTION
Description of PP
This PP specifies security requirements for a single-chip microcontroller with an SCU (Secure Cryptographic Unit) equipped in an embedded device.
The TOE conformant to this PP is a microcontroller for embedded devices that are so-called IoT edge devices such as sensors, actuators, and surveillance cameras.
The SCU consists of a cryptographic engine, a software gate allowing access to the cryptographic engine via “software gate APIs,” and a hardware gate.
PP security functionality
This PP requires the following security functionalities:
| - | Monitoring access to the cryptographic function: |
| A function that detects and responds to an attacker’s unauthorized use of the cryptographic function through the operation of the software gate and the hardware gate | |
| - | Self-protection function: |
| A function that prevents unintended information leakage, which is caused by radiated electromagnetic and power consumption during the SCU operation, and disclosure of information useful for attackers A function that detects and responds to physical attacks |
|
| - | Secure boot function: |
| A function that verifies the integrity of the software gate and the application software when startup | |
| - | Store keys: |
| A function that store keys into a non-volatile memory in ToE, which protects the confidentiality and integrity by cryptography. | |
| - | Import user keys: |
| A function that imports key storage containing user keys and secret information from external entities to the TOE while protecting the confidentiality. | |
| - | Trusted update function: |
| A function that obtains a correct version of the application software, verifies its authenticity and integrity and then updates it while preventing rollbacks. |