Courtesy: Microchip
The Role of CEC173x’s SPI Monitor in Ensuring Secure Data Transmission
In the dynamic landscape of electronic devices, data integrity and security are paramount concerns. Ensuring the safe and secure transmission of data between a host device and its Flash components is a critical aspect of many applications, and this is precisely where the CEC173x family’s SPI monitor feature shines.
Understanding the SPI Monitor
At the core of the CEC173x family’s new set of real-time platform root-of-trust features lies the SPI monitor, a tool designed to protect the integrity and validity of Serial Peripheral Interface (SPI) traffic between a host device and its SPI Flash components. The SPI monitor accomplishes this by passively observing the SPI bus traffic in parallel with the Flash devices, stepping in with an “intervention” when it detects any form of violation. These interventions and the violations that trigger them can all be defined and customized on the CEC173x chips using our Trust Platform Design Suite (TPDS) software.
Identifying Violations
A “violation” is how the SPI monitor flags illegal activity on the SPI bus, as defined by pre-programmed rules. Each violation sets an interrupt status, and depending on its severity, an intervention may be initiated by the CEC173x’s internal Soteria-G3 firmware.
The Role of Intervention
An “intervention” involves the hardware taking control of the signals going to the Flash devices, effectively halting any illegal read, write or erase operations. This not only ensures the immediate cancellation of unauthorized activities in the Flash devices but also disrupts any attempted reads from forbidden regions.
Full Intervention for Maximum Security
A “full intervention” is the most comprehensive response, delivering a series of immediate hardware actions to secure the system:
- Forcing Flash chip select signals to a safe state; this prevents further communication with the Flash devices
- Isolating the external host SPI bus segment by using internal analog Q-switches to cut off communication between the host and the Flash devices
- Resetting the Flash devices to ensure a clean slate for future operations
- Resetting the external host or alerting it to stop SPI activity and halt any ongoing communication from the host
After these steps, the system is brought to a static reset state, allowing the violation interrupt to propagate to the Soteria firmware for further action.
Delayed Interventions for Multi-Channel Configurations
In scenarios where there are multiple SPI monitor blocks (SPI channels), full interventions may be delayed at a chip level to avoid potential power disruptions. For instance, if a violation occurs on a basic SPI host, the intervention may wait until a reset is transmitted to another channel to prevent adverse effects on other components.
Reduced Intervention (RIV) for Read Accesses
For SPI read accesses, a “Reduced Intervention” (RIV) is available. This intervention deasserts the Flash chip select early, stopping the Flash device from presenting data. It still allows the violation interrupt to reach firmware so the event can be logged, and it re-arms itself autonomously to react to the next SPI data frame.
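The violation and intervention behaviour described above, as an added example that is not part of the original article or of Microchip's firmware: a constructed model of a monitor that decodes a captured SPI Flash command frame, checks its address against a hypothetical region/permission table, and returns no violation, a Reduced Intervention for an illegal read, or a full intervention for an illegal write or erase. The opcodes are standard SPI NOR commands; the region table, permission bits and the "reads get RIV, writes and erases get full intervention" policy are assumptions for this model, not CEC173x configuration.

```c
#include <stdint.h>
#include <stddef.h>

/* Verdicts modelled on the article: no violation, Reduced Intervention (RIV)
 * for an illegal read, full intervention for an illegal write or erase.
 * Constructed simulation only; not CEC173x register or firmware code. */
enum verdict { VERDICT_OK = 0, VERDICT_RIV = 1, VERDICT_FULL = 2 };

/* Hypothetical access rights a host is granted on one Flash address range. */
enum { PERM_READ = 1, PERM_WRITE = 2, PERM_ERASE = 4 };

struct region { uint32_t start, end; unsigned perm; }; /* end is exclusive */

/* Standard SPI NOR opcodes; each is followed by a 3-byte big-endian address. */
#define OP_READ         0x03
#define OP_FAST_READ    0x0B
#define OP_PAGE_PROG    0x02
#define OP_SECTOR_ERASE 0x20
#define OP_BLOCK_ERASE  0xD8

/* Classify one captured command frame (opcode + address + optional data).
 * Checks only the start address; a real rule set would also bound the
 * length of the access and the sector/block an erase covers. */
enum verdict spi_monitor_check(const struct region *rules, size_t nrules,
                               const uint8_t *frame, size_t len)
{
    if (len < 4) return VERDICT_OK;  /* no address phase (e.g. WREN): not a region access */
    uint8_t op = frame[0];
    uint32_t addr = ((uint32_t)frame[1] << 16) | ((uint32_t)frame[2] << 8) | frame[3];
    unsigned need; enum verdict on_fail;
    switch (op) {
    case OP_READ: case OP_FAST_READ:
        need = PERM_READ;  on_fail = VERDICT_RIV;  break;   /* read: chip select dropped early */
    case OP_PAGE_PROG:
        need = PERM_WRITE; on_fail = VERDICT_FULL; break;   /* write: isolate bus, reset Flash */
    case OP_SECTOR_ERASE: case OP_BLOCK_ERASE:
        need = PERM_ERASE; on_fail = VERDICT_FULL; break;
    default:
        return VERDICT_OK;  /* opcodes this model does not classify */
    }
    for (size_t i = 0; i < nrules; i++)
        if (addr >= rules[i].start && addr < rules[i].end)
            return (rules[i].perm & need) ? VERDICT_OK : on_fail;
    return on_fail;  /* address covered by no rule: deny by default */
}
```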
Collaborative Components: QMSPI and SP
To enhance the SPI monitor’s capabilities, the CEC173x family incorporates the Quad Mode SPI (QMSPI) host controller and PER or SPI Peripheral (SP) target components:
- QMSPI: This on-chip block outside the SPI monitor is configured by firmware to exercise internal and external Flash devices. It reads match patterns for SPI monitor comparison and performs hash calculations on specific regions.
- PER or SP: Another on-chip block outside the SPI monitor, it provides a host-directed interface from the external host to EC firmware. With its SPI Chip Select, it ensures seamless communication while maintaining data integrity.
In conclusion, the CEC173x family’s SPI monitor stands as a vigilant guardian, ensuring the secure and reliable transmission of data between host devices and Flash components. With its sophisticated monitoring capabilities and intelligent interventions, the CEC173x family provides a robust solution for applications where data integrity is non-negotiable.