Security Solutions

rx security image

In response to growing threats to IoT devices, RX provides security solutions that will protect against threats throughout the lifecycle of IoT devices, from autonomous security and the design phase to end-of-life.

feature button solution button dlm button partner button certification button

This is a test image Features

Autonomous security for IoT endpoint devices is provided by Renesas' proprietary hardware secure IP (Trusted Secure IP

IoT devices that are located in a network environment are constantly exposed to a variety of threats. However, if the IoT endpoint device itself is secure, it can protect itself from threats and prevent malicious and unauthorized behavior, even in an unsafe network environment. RX has strong security technology using Renesas' proprietary hardware secure IP (Trusted Secure IP) and provides autonomous security for IoT endpoint devices.

rx feature protection

This is a test image RX Security Solutions

This is a test image

1. Hardware: RX microcontroller with security hardware IP to protect against threats

RX is equipped with "Trusted Secure IP," which cannot be accessed externally. Key data and cryptographic engine in Trusted Secure IP are strongly protected. Also, it combines area protection features and RX-specific features to protect authentication programs from tampering threats. With this, you can build a system with Root of Trust that provides self-sustaining security and provides easy and robust protection from a variety of threats.

merit trusted secure ip embedded

Microcontrollers with Trusted Secure IP

On-board IP function comparison Trusted Secure IP-Lite Trusted Secure IP
Supported RX MCU RX200 RX231
RX23W
-
RX600 RX66T RX65N/RX651
RX700 RX72T RX72M
Basic functions Common key encryption AES (128/256): ECB/CBC/GCM AES (128/256): ECB/CBC/GCM
- TDES (56/56x2/56x3): ECB/CBC
Public key encryption - RSA (1024/2048):
Encryption / decryption
Signature generation / signature verification
Key generation (1024/2048)
ECC (p-192/224/256):
Encryption / decryption
Signature generation / signature verification
Key generation (192/224/256)
Hash - SHA-1, SHA-256, MD5
Message authentication CMAC (AES), GMAC CMAC (AES), GMAC
Random number generator Random number generator (SP800-90 compliant) Random number generator (SP800-90 compliant)
Key update function AES key update Key update for AES, TDES, RSA
SSL/TLS integration function - SSL/TLS support function (TLS1.2 compliant)

2. Software

We provide you with the drivers that make Trusted Secure IP work, as well as secure update and secure boot sample programs to use the RX-specific features so you can deploy security quickly and easily.

Software components Description
Trusted Secure IP Driver Write keys and firmware to a dedicated driver that runs Trusted Secure IP for the microcontroller
Secure Updating A sample program that provides tamper detection/prevention by authentication when updating a program
Secure Boot A sample program that prevents hijacking by detecting tampering during program execution (stops execution)

*It is not possible to openly provide the above software to the public on the web since it is a product subject to Export Administration Regulations.
To request the above software, please contact us via your Renesas sales representative or through a technical inquiry.

3. We securely encrypt your keys with our "Key Wrap Service"

Securely encrypt keys on the dedicated Renesas webpage

rx key wrap service

  • Keys are delivered using secure PGP*
  • Instantly generate and provide encrypted keys with auto attendants
  • This is immediately available after initial user registration

To request this service, please contact us via your Renesas sales representative or through a technical inquiry.

4. Evaluation kits: Trusted Secure IP ready evaluation kits

Renesas offers evaluation kits that allow you to evaluate robust security immediately, contributing to reducing the TAT for development of security-enabled devices. An NDA is not required for the manual and driver for Trusted Secure IP.

Trusted Secure IP ready evaluation kits

  Renesas Starter Kits GR-ROSE (Optional)
Wireless LAN Board
External appearance RX Starter Kit GR ROSE board pkg ja
Supported MCU RX231
RX66T
RX72T
RX65T
RX72M
RX65N RX231
RX65N
Features Renesas evaluation kits that enable you to evaluate the full functionality of the MCU Small evaluation kit for Wi-Fi-equipped IoT devices Can connect to a Renesas Starter Kit so you can immediately evaluate Wi-Fi
How to purchase
Please contact Renesas* Akizuki Denshi Tsusho
Chip One Stop, Inc.
Marutsu
Please contact Renesas*

*Please contact your Renesas Electronics sales representative or sales office.

dlm con Achieving DLM with RX Security Solutions

There are various threats during the lifecycle of a user's product. You need not only security features for the device, but also secure operations throughout the lifecycle to respond to these threats. This way of thinking is called Device Lifecycle Management (DLM). RX security solutions support DLM and also make robust and advanced security management from the product lifecycle operation aspect possible.

dlm life cycle img

partner icon Partners

Build a secure design development environment

iar logo

Provides Trusted Secure IP enabled SSL/TLS

wolfssl logo

certification icon Certification: General-purpose MCUs that comply with international security standards

Some RX MCUs with Trusted Secure IP *1 comply with CAVP of the US National Institute of Standards and Technology (NIST), FIPS 140-2 *2 so you can use the cryptographic algorithm with confidence.

*1. RX65N and RX231. *2. CAVP (Cryptographic Algorithm Validation Program): A cryptographic module certification program. Certifies that cryptographic algorithms have been implemented correctly.