Designers of a host of consumer and industrial Internet of Things (IoT) applications—from light switches, meter readers, and smart locks to solar inverters and security panels—need to strike the right balance between high performance and low performance. consumption - especially for battery-powered designs - while ensuring that your deployments are secure. In many cases, the basis for these designs is a microcontroller (MCU), so the designer must carefully consider which one to use.
In addition to strong support for security, factors to consider are processor core performance, efficiency, peripheral and I/O support, overall form factor, and ecosystem support. Although an MCU may meet the design requirements in terms of performance and power, implementing a secure design has a learning curve that can cause delays or cause security to not be properly implemented.
This article briefly discusses security considerations for edge IoT devices. He then introduces Silicon Labs' EFM32PG23 MCU and shows how to apply it to secure edge IoT designs, with an emphasis on low power.
IoT device security issues
The number of remote attacks on Internet-connected devices continues to rise. Embedded developers may be tempted to think that their IoT edge device does not need security because it contains “nothing of value”. The truth is that almost every device has something that a hacker might find valuable, whether it's sensor data, customer data, the firmware on the device itself, or the access the device provides as a backdoor to the connected networks. Security is a critical feature that needs to be designed into every IoT edge device from the start – it should not be bolted into the system late in the design cycle. Otherwise, the device will be very vulnerable to attacks.
Every IoT edge device has several security areas that need to be considered, such as device identification, device configuration, and software/firmware updates. Figure 1 shows a list of common concerns and how these concerns translate into a device security requirement. Each security requirement has an associated technology that is often used to meet that requirement and thwart potential attackers.
|
Figure 1: There are many security issues, requirements, and associated technology that designers of edge IoT applications must consider. (Image source: Silicon Labs)
A big problem with many of the embedded teams developing IoT edge applications is that they don't have in-house security expertise. The result is that they must do as much as possible internally to learn and apply security or turn to an external source. In either case, the cost and time can be extraordinary.
There is an alternative: the development team can select an MCU that is designed with security in mind and offers out-of-the-box security solutions that require minor configuration adjustments for the application in question.
Introduction to Silicon Labs PG23 Series MCU Devices
Silicon Labs' EFM32PG23 series of microcontrollers is an interesting choice for IoT edge device applications for several reasons. First, the PG23 MCU can run Silicon Labs' Secure Vault IoT security solution. Secure Vault is a platform for protecting and future-proofing IoT devices that recently became the first IoT security solution to reach the PSA certification level 3. Some of the features that Secure Vault brings to PG23 MCUs are secure device identity, secure key storage and management, and advanced tamper detection.
Secure Vault takes advantage of a unique fingerprint generated by a physically uncloneable function (PUF). A PUF can be used to create an AES symmetric key that physically disappears when the system is powered down. The AES symmetric key doesn't even exist when the chip is turned off, so it's impossible to remove it from the device. A PUF is an effective solution to the key management challenge faced by many IoT edge applications. In fact, the PUF can scale to support as many keys as are needed to support an application. Secure Vault also includes a tamper detection system that makes the key non-rebuildable once the device is powered off after a tamper event. The main security features can be summarized in:
- secure certification
- Secure key management
- secure key storage
- anti-sabotage
Another reason why PG23 MCUs are well-suited for IoT edge applications is that they are designed for low-power applications. The active current draw of the PG23 is 21 microamps per megahertz (µA/MHz). Current consumption is 1,03 µA with 16 kilobytes (Kbytes) of RAM active in EM2 mode, or 0.7 µA with Real Time Clock (RTC) enabled in EM4 mode. Such low power consumption levels help developers design an energy efficient device, whether it is plugged into the wall or running on battery power.
The last feature of the PG23 to be examined here is the MCU capability. The PG23 has an Arm® Cortex®-M33 processor with a frequency of up to 80 MHz. The processor can operate in the range of 1.71 to 3.8 volts using a single power supply. For developers working on sensor applications, there is a Low Power Sensor Interface (LESENSE). The MCU comes in either a 40-pin QFN package measuring 5x5 millimeters (mm) or a 48-pin QFN package measuring 6x6mm. Figure 2 shows a block diagram of the PG23. The MCU also has five power states: EM0 for run mode, EM1 for sleep, EM2 for deep sleep, EM3 for stop, and finally EM4 for shutdown.
Figure 2: The PG23 MCU has a wide range of peripherals, memory and power saving modes. (Image source: Silicon Labs)
Introduction to PG23-PK2504A development board
The best way to get started with the PG23 is to use the PG23-PK2504A development board. The board has an EFM32PG23B310F512 processor that is supported by its own 512 Kbytes of flash and 64 Kbytes of RAM. The development board includes a wide range of onboard sensors, interfaces, and a 4×10 segment LCD display (Figure 3).
Figure 3: The PG23-2504A development board includes an EFM32PG23 MCU, as well as a 4×10 segment LCD display, temperature and humidity sensors, a voltage reference, and expansion interfaces. (Image source: Silicon Labs)
With board in hand, developers can download and install Simplicity Studio (in the "Getting Started" tab). Simplicity Studio is a launch pad for everything you need to test, configure, and develop with EFM32 microcontrollers. The software includes getting started materials, documentation, supported tools, and resources.
When a developer opens Simplicity Studio and plugs in a development board, the software identifies the board and offers recommendations for example projects, documentation, and demos (Figure 4). The developer can then choose the best way to go and start experimenting with the PG23.
Figure 4: Silicon Labs Simplicity Studio detects the board and offers personalized recommendations for getting started, documentation, sample projects, etc. (Image source: Silicon Labs)
One feature worth noting on the PG23-PK2504A development board is the switch that decides how the development board is powered. There are two options: AEM or BAT (Figure 5). In AEM mode, there is a current sense resistor in series with the LDO power supply and the PG23. The benefit of this mode is that developers can measure processor current draw to help optimize power. Once the application is optimized, developers can switch to BAT mode to make the development board work with a button cell.
Figure 5 - The PG23-PK2504A offers the option to power the board over USB-C in its AEM mode, allowing processor current to be measured. Alternatively, the processor can be powered by a CR2032 button cell. (Image source: Silicon Labs)
Tips and tricks to minimize power usage in an IoT application
Minimizing power consumption is critical to all IoT edge designs, whether they are battery-powered or not. Optimizing a design for power usage can be time consuming if developers are not careful. Here are several "tips and tricks" developers should keep in mind that can help quickly optimize an IoT application for low power consumption:
- Use an event-based software architecture. When the system is not processing an event, put it in a low power state.
- Profiles the system's battery consumption over various charge/discharge cycles. Record current consumption and operating voltage and plot them over time.
- Take advantage of low power modes to automatically turn off clocks, peripherals, and the CPU.
- In simple applications, explore using the Arm Cortex-M "sleep on exit" feature to minimize the overhead of interrupts when waking up the system.
- If you are using an RTOS, take advantage of its tickless mode to prevent the RTOS from inadvertently waking up the system.
- If you optimize in iterations, you have to track the energy savings of each change. At a certain point, developers discover a "knee" where time spent optimizing has a low return on investment in terms of energy savings. It's time to stop optimizing and move on to the next stage.
Developers who follow these “tips and tricks” will save themselves a lot of time and hassle when starting their next secure and energy efficient IoT design.
Conclusion:
The need for low power and secure MCUs is increasing for IoT edge applications. Along with strong security support, factors designers must consider to meet the needs of edge-based designs include processor core performance, efficiency, peripheral and I/O support, factor in a general way and the support of the ecosystem.
As demonstrated, Silicon Labs' EFM32PG23 MCU can help developers solve various problems related to low-power design and device security. Its associated development board provides all the necessary tools to get started, and by following a few important "tips and tricks", a low-power design can be quickly implemented.
