Last Updated 2024-09-02
- Protection Profile Name :
-
Protection Profile for Single Chip
Microcontroller equipped with a secure cryptographic unit
- Version of PP :
- 1.20
- Technology Type:
- Single Chip Microcontroller for embedded device
- Certification Identification :
- JISEC-C0764
- Date :
- 2022-09-30
- Version of Common Criteria:
- 3.1 release5
- Conformance Claim :
- EAL1 Augmented with ASE_SPD.1, ADV_ARC.1, ADV_FSP.2, ADV_TDS.1, ALC_FLR.1, AVA_VAN.2, AVA_SCU_EXT.1
- PP Identifier :
- None
- Procurement Entity :
- -
- Sponsor :
- National Institute of Advanced Industrial Science and Technology
-
- POC :
- Hirotaka Yoshida
- Division :
- Cyber Physical Security Research Center
- Phone :
- +81-3-3599-8001
- E-mail :
-
- Evaluation Facility :
- ECSEC Laboratory Inc. Evaluation Center
- Certification/Validation Report :
(658 KB)(2024-09-02) - CC Certificate Image :
(228 KB)(2024-07-18) - Protection Profile :
(1.8 MB)(2024-09-02)
PRODUCT DESCRIPTION
Description of PP
This PP specifies security requirements for a single-chip microcontroller with an SCU (Secure Cryptographic Unit) equipped in an embedded device.
The TOE conformant to this PP is a microcontroller for embedded devices that are so-called IoT edge devices such as sensors, actuators, and surveillance cameras.
The SCU consists of a cryptographic engine, a software gate allowing access to the cryptographic engine via “software gate APIs,” and a hardware gate.
PP security functionality
This PP requires the following security functionalities:
- Monitoring access to the cryptographic function:
A function that detects and responds to an attacker’s unauthorized use of the cryptographic function through the operation of the software gate and the hardware gate - Self-protection function:
A function that prevents unintended information leakage, which is caused by radiated electromagnetic and power consumption during the SCU operation, and disclosure of information useful for attackers
A function that detects and responds to physical attacks - Secure boot function:
A function that verifies the integrity of the software gate and the application software when startup - Store keys:
A function that store keys into a non-volatile memory in ToE, which protects the confidentiality and integrity by cryptography. - Import user keys:
A function that imports key storage containing user keys and secret information from external entities to the TOE while protecting the confidentiality. - Trusted update function:
A function that obtains a correct version of the application software, verifies its authenticity and integrity and then updates it while preventing rollbacks.