Secure Flash for high security smart cards

By Ines Pedersen, Infineon Technologies

Safety has relied on Infineon Flash for years - What about security?

Over the last years the smart card market has changed dramatically. Technical progress, an increasing demand for security as well as a broad change in people’s minds have led to strong growth of electronically supported systems, like cashless payment – in different form factors such as smart cards, mobile phones or dongles – as well as sophisticated identification and paperless transport ticketing.

The need for individual solutions in order to improve comfort and security of the card users are manifold, which makes it essential to design products with maximum flexibility to be able to react fast to new market trends. Shortening development cycles and production lead times become an important factor of success, as well as the degree of flexibility a product can offer to be able to adapt to the fast changing market requirements. On the other hand, the clear focus of all parties involved in this competitive market environment is an optimized product offering, which can only be achieved by respecting the total cost of ownership, which includes the optimization of the complete value chain.

Advantages of Flash for smart card ICs

To cope with the strong price pressure in the high volume chip card markets for payment, identification and transport applications, fixed Mask ROM (Read Only Memory) has been the standard memory type of choice for program code on microchips for many years. Its physical hardware design characteristics minimize silicon size and, on the other hand, supports an easy logistics model for high volume production, as long as the software design has very few changes and can accept long production lead times.

The increasing demand for fast market adaptations, short development and production lead times and high flexibility has changed this picture. As a result, non-volatile memory mass storage Flash has become the main memory type in almost all high-tech industries ranging from consumer electronics to safety critical automotive applications. Flash is also now finding its way into the smart card market. SIM/UICC cards are today already widely using Flash technology and security-certified Flash-based products are also available for risk-sensitive applications like payment and identification.

The advantages of Flash are obvious:

  • Flash-based products offer the opportunity to reduce time-to-market. A strong reduction of the production lead times realizes a fast reaction to market changes. Where Mask ROM products have to be produced specifically for every project and perhaps each end customer with the associated long lead times during the semiconductor production process, Flash-based products can be manufactured as a standard product and be programmed at the end of production or even at the customer premises by on-demand remote personalization programming. Besides the lead time reduction the develop-ment time can also be optimized in in such a way that a fast prototyping and sampling process can be supported by flexible Flash products, where every code change can be realized immediately on an example of the final product.
  • The total cost of ownership will be reduced with Flash products in different ways. Non-specific Flash products can be stored and used flexibly by programming on demand, which enables a reduction of inventory and inventory risks, but also lowers the complexity and uncertainty of the planning and forecasting process. In the end, the overall product costs themselves are also improved. The relative costs of Mask ROM products will increase with shrinking technology nodes. Mask costs will more than double with every technology step of silicon geometry and the minimum order quantities for specific ROM Masks of smaller geometry chips on larger wafers will increase to a non-economic number. Flexible standardized Flash products avoid this trend.
  • In general Flash-based products offer a high degree of flexibility, as they can be individually configured by the card vendors or the card issuer or even by the end user. This last argument is of particular importance to the diverse payment and transport markets, where Flash-based products are already being introduced on a broad basis. The capability to offer customer specific solutions in a very fragmented market is key here, and is best supported by flexible Flash products.

The FLASH advantages

In the past, the advantages of Flash-based products described above had to balance against the relatively larger silicon size of a given Flash memory block compared to a Mask ROM of the same capacity. However starting with 90nm silicon geometries and beyond, the disadvantage of bigger Flash memory design against Mask ROM will shrink to an insignificant minimum.

In order to benefit from all the advantages described above,
one key prerequisite has to be fulfilled when it comes to the use of Flash in applications like payment, transport and identification: Security. This means that Flash has to fulfill the same integrity,
reliability, stability and quality requirements as Mask ROM.

Essential security concepts for secure Flash

In high-security smart card applications in particular, it is mandatory that Flash-based products offer the same security level as Mask ROM. Dedicated design concepts are required to guarantee that the flexible Flash memory fulfills the strong security requirements.

FLASH secure loading

Extra key measures have be considered and implemented to secure the Flash:

  • Secured locking mechanism to protect the finally programmed memory content from attacks, so that the Flash behaves like a fixed Mask ROM
  • Secured, encrypted Flash content loading mechanisms to protect the chip against unwanted uploading of the Flash memories
  • Memory management including a hardware firewall, which protects the individual code, data and application parts from another application and avoids interference
  • Memory encryption to protect the data against analysis even if it was be read by some unauthorized access
  • Error correction, which detects and corrects the data from internal or external errors
  • Memory protection mechanism to protect the memory content from unwanted changes through the environment, attacks, etc.
  • Value chain security as part of the certification process

Security key measures are also respected in the product certification process required for Common Criteria or EMVCo.

Infineon’s SOLID FLASH™ combining best flexibility with reliability and highest security

Infineon, which has been selling Flash-based products into the consumer and automotive market for many years, announced in December 2010 the introduction of the new 90nm security IC generation, which will be completely based on SOLID FLASHTM. SOLID FLASHTM is a special product concept developed by Infineon, which combines its long experience in high quality automotive Flash with its best security know-how. SOLID FLASHTM is optimized to be used in security applications like payment, government ID, high-end mobile communications and transport and combines the advantages of flexible Flash with a dedicated security concept, taking into account the previously described security measures.

Infineon just recently received the first EMVCo certifications for its new 90nm SOLID FLASHTM products, proving that Flash is seen to be as secure as Mask ROM, protected by the dedicated security measures.

Conclusion and outlook

The increasingly growing and fast-changing smart card market requires a high degree of flexibility as well as a focus on cost reduction and optimization over the complete value chain.

Flash-based products can offer the required flexibility and contribute to an overall optimized product handling, but also need dedicated measures to meet the high security standards needed for risk-sensitive applications like payment, government ID and transport. Starting with 90nm technology smart card IC designs using the latest Infineon security concepts, Mask ROM can be replaced by SOLID FLASHTM-based products, as the cost/size advantages of ROM products disappear and the numerous advantages of Flash are welcomed by all the stakeholders in the market.

Tags: , , , , ,

Categories: Technical Articles

SUBSCRIBE & CONNECT

Subscribe to our RSS feed and social profiles to receive updates.

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: