The Renesas Security Mission

Renesas establishes and maintains dependable security foundations, building long-term trust in our products and our customer's solutions.

图像
Dependable Secrurity Foundations Diagram

 

The Renesas Security Commitment

Renesas Electronics has been designing and producing microcomputers for secure MCUs for over ten years. With our commitment to continued investment in the expertise and equipment necessary for leading-edge new product development, Renesas is well-positioned to address the heightened need for security in today’s connected products.

Renesas secure MCUs have tamper-resistant designs, including features such as metal shields, irregular alignment and multi-layered wiring, security detectors, cryptographic coprocessors, and on-chip security logic. In order to help deal with a wide range of security threats, Renesas smartcard microcomputers include various advanced countermeasures against current analysis, physical analysis, failure analysis, and fault attacks.

For these reasons, our products have been adopted globally in various fields such as finance and mobile communications. This allows us to transfer advanced security techniques into the domains of automotive, industrial, and consumer electronics.

Security Technology Leader

With advanced and proven security technologies, including physical security in microcontrollers that are widely used in the smart card and embedded-security markets, Renesas has over a decade of experience in developing security-certified products and production infrastructure adhering to industry standards such as Common Criteria (ISO 15408) and NIST CMVP.

Security Standards and Corroborative Initiatives

Renesas contributes to shaping national and international security standards and serves on various industrial and academic security initiatives.

Automotive Cyber-Security :

  • ISO/SAE 21434 JWG
  • Collaborative work with JASPAR and JSAE
  • SAE J3101 Requirements for Hardware-Protected Security for Ground Vehicle Applications

Industrial Control System Security :

  • Contributing member of DKE for IEC 62443
  • Civil Infrastructure Platform™ (CIP) Initiatives aiming to comply with security standards like IEC 62443

Government Programs and Academic Initiatives :

  • NEDO, Japan governmental organization Strategic Innovation Promotion Program
  • Development of Secure Cryptographic Unit (SCU) for IoT System collaborates with ECSEC(Electric Commerce Security Technology Research Association)
  • Joint R&D with Yokohama National University, developing the next generation of hardware security technology to enable innovative security solutions and products 
图像
JasPar logo
图像
JSAE Logo

Automotive Cyber-Security

图像
DKE Logo
图像
CIVIL Infrastructure Platform logo

Industrial Control System Security

图像
ESEC Logo
图像
YNU logo

Government Programs and Academic Initiatives

Secure OTA for MIRACLE Secure OTA IoT

Secure OTA for MIRACLE Secure OTA IoT

Miracle Linux Corporation

MIRACLE Secure OTA is a cloud system that realizes secure data deployment and updates that can be used by RZ/G. The premise is that the IoT device will be connected to the internet, and because a lot of people will be able to access it network-wise and physically, it will be exposed to various threats that were not there before. Here, in order to avoid unauthorized operation, it is important to update as a countermeasure once a weakness is spotted, and to control unexpected behavior by preventing such as unauthorized logins and software intrusion.

MIRACLE Secure OTA uses various certification and performs mutual authentication of the developer and the device, preventing unauthorized software to enter the IoT device. The developer will be given a developer certificate and authenticated in order for them to use the MIRACLE Secure OTA. Once the developer uploads an update file, it will be signed at the MIRACLE Secure OTA cloud. The MIRACLE Secure OTA cloud checks the product certificate of the destination device, and verifies if it is a regulated device. In RZ/G’s case, the product certificate is stored in the security region TSIP. Because the certificate cannot be controlled from the outside, the certificate’s safety can also be secured. When the distribution is performed, the update file will be downloaded only for the device that has a certificate. The electric signature and the product certificate will be compared, and only the correct software will be applied. By using this system, you will be able to prevent the application of unauthorized software and tampering of content by rogue developers, and protect the correct operation of IoT devices. As the distributable data ranges from a few bytes up to several gigabytes, it can widely support from the modification of minute contents to the major version upgrade of firmware and OS level.