Taiwan based memory chipmaker Winbond Electronics announced that its TrustME W77Q Secure Flash had obtained Security Evaluation Standard for IoT Platforms (SESIP) Level 2 with Physical Attacker Resistance Certification.
Winbond says with SESIP level 2 certification, W77Q Secure Flash will provide connected devices a higher level of assurance by simultaneously requiring a vulnerability analysis and actual penetration testing on IoT platform design systems using Secure Flash in compliance with security and functional safety standards simultaneously.
Further information shared by Windbond in its release includes:
This is the first certification using GlobalPlatform SESIP Profile for Secure External Memories, and NIST 8259A (IoT device cybersecurity capability core baseline). The certification also claims compliance with IEC 62443 (security for industrial automation and control systems). With the prestigious industry-recognized security certification, TrustME W77Q Secure Flash can simultaneously satisfy emerging cybersecurity demands in IoT applications.
The W77Q family has also been certified with the Common Criteria EAL2+, Functional safety ISO26262 ASIL-C level and FIPS 140-3 CAVP.
W77Q Secure Flash comes in densities of 16Mb, 32Mb, 64Mb and 128Mb; it operates at a frequency of 66MHz in Double Transfer Rate mode and 133MHz in Single Transfer Rate mode. It features a standard single/dual/quad/QPI serial peripheral interface (SPI) and industry-standard packages and pin-outs to facilitate their uses as a drop-in replacement for non-secure SPI NOR Flash devices. W77Q Secure Flash can retain data for over 20 years and perform 100,000 Program/Erase cycles with a wide operating temperature range of -40°C to 105°C.
Complementary to the host chip, W77Q Secure Flash provides the security features of secure boot code storage and authentication, secure firmware update, remote attestation for building platform Root of Trust and firmware resiliency. These outstanding security features are enabled by the below security functions from the perspectives of protection, detection, and recovery:
Data and command authentication
Code integrity protection
Cryptographically secured write protection
Secure code update with rollback protection
DICE-like attestation mechanism
Authenticated Watchdog Timer with an optional hardware reset output
Secure firmware over-the-air update, via an end-to-end secure channel between an update authority (a.k.a. OTA server) and the W77Q even when the host processor or SoC has been compromised.
"We would like to congratulate GlobalPlatform Full Member Winbond for achieving SESIP Level 2 certification," adds Ana Tavares Lattibeaudiere, Executive Director of GlobalPlatform. "SESIP is helping IoT product manufacturers, like Winbond, comply with specific security requirements and regulations. Because the methodology is mappable to other evaluation methodologies, and compliant with many standards and regulations, it reduces the complexity, cost and time-to-market for IoT stakeholders as we all work to bring greater trust to the IoT ecosystem."
"In the world of connected devices, security is becoming strategic for risk management, market differentiator and compliance. Many standards and regulations are emerging across regions and verticals. Standards like IEC 62443, NIST 8259A and others are looking to address core security functionality. SESIP has rapidly grown internationally as the recognized certification going beyond the security fragmentation. As an optimized version of CC applied to IoT market, SESIP is providing evidence of secure products by design. The proper protection of stored data is a key element of the overall security of devices." says Carlos Serratos, Director of Strategy at SGS Brightsight. Carlos goes on to say, "SGS Brightsight congratulates Winbond with the successful certification of their W77Q16/32 Secure Flash Memory under SESIP and CC, an achievement on itself that gets enhanced for proving its readiness for applications in the scope of IEC 62443 and NIST 8259A. Glad to be the Winbond partner in its security journey!"