8db144917754f6afd7f0c05483047e1d.ppt
- Number of slides: 42
Board ID marketing overview Renesas Interactive Training March 11, 2010 Security Products Marketing
Renesas in the Secure MCU market (* Under development)
General Promotion / Selected OEM support only
Series: RS4 Series, RS4X Series*, AE56U, AE5 Series, NFC Series*, N Series (embedded interface (I2C), small package), AE4 Series, AE41R
Markets: M to M Authentication, Contact Smart Card, Contactless Smart Card, USB Secure Token, Embedded, Banking, ID card, Banking card, Enterprise, NFC Mobile Phone
Renesas in the Secure IC market: 3B milestone. Renesas History of Security IC (timeline 1980, 1990, 2009, 2010): Banking Card (Visa, MasterCard, Debit card); GSM, 3G SIM Card; ETC SAM; Contactless Card; SIM; M to M Authentication. ETC SAM: Electric Toll Collection Secure Authentication Module. M to M: Machine to Machine.
Embedded Systems are everywhere! street lights get smart Smart Grid home energy management intelligent signs solar power smart Gym intelligent communications precision farming programmable robots media devices
From simple ID to strong authentication Small Groups Larger Society Networked Society User Huge Opportunity for RTA Name + ID Authentication Now and Future Strong user authentication M2M Strong M2M authentication
Hackers can affect almost any product: consumer, public infrastructure, high tech, industrial. Designs without strong security are at high risk. www.HackADay.com
The Big Bad Wolf. Business risks:
- Liability
- Service Level Agreement
- Revenue loss
- Unfair competition
- Increased costs of operations
- License and brand protection
- Credibility with partners and customers
- Security breaches
- Device effectiveness
Web authentication – 1 (users) PKI authentication performed before E-commerce, or online banking services are enabled. Private Key + Certificate; Public Key Certificate (Authenticator) (Remote service provider). Proven with Billions of Users. Secure, Trusted Authentication Method. Conforms to IT, Internet and Enterprise Authentication standards.
Web authentication – 2 (users) Public Key Certificate (Authenticator)
PKI authentication – 3 (users) Robust PKI authentication protects a majority of the 1.7B web users
PKI authentication – 4 (users and machines) Robust PKI authentication for 1.7B web users. Remote medical device sending data or receiving updates. 15B ‘machines’ with weak authentication?
Levels of security
- Software security: BAD. Keys NOT protected; CPU intensive (can be OK for PKI comp. by the host)
- Memory chip security: Almost as BAD. (encryption alone is NOT security); outdated key lengths (like a ‘2 digit’ PIN code)
- Board ID: SECURE. Strong crypto; tamper proof; PKI for Embedded Systems; Avnet VAS
We bring proven Web user authentication technology to Embedded Systems
The Solution
PKI authentication – 5 (users and machines) Robust PKI authentication for 1.7B web users. Remote medical device sending data or receiving updates. 15B ‘machines’ with weak authentication?
Board ID use examples
Renesas Board ID chip Renesas Board ID Security Firmware Avnet Security Programming (PKI) and Logistics Services We offer a Complete Solution
Board ID 1.0 Specs summary
Hardware Specification
- Operating Voltage: 1.8 V - 3.3 V
- Clock Speed: 6 MHz with internal oscillator
- Communication interface: I2C (100 kHz)
- Operating Temperature: -20°C to +75°C; WTR option (please consult with us)
- Package: QFN 20 (4.2 mm x 4.2 mm)
Software Specification
- Authentication Algorithm: PKI (RSA 1024 / 2048 bits)
- Anti-Cloning: PKI (Certificate and signature verification)
- Usage Control: Limit counter (1 to 4,294,967,295 times)
- Secure Tracking: 4 bytes (32 bits) of condition value
- IP Protection: 4 bytes (32 bits) of condition value
- Secure Storage: 64 bytes X 8 pages (512 bytes total)
Configuration of Board ID product Anti Cloning Generic Security Board ID hardware (chip) application and user keys BOS Provided by Renesas Usage Control Secure Tracking IP Protection User Keys Authentication R5H30211 Board ID Firmware (BOS) with crypto and communication libraries
Avnet Value Added Services (VAS) Avnet provides a One-Stop-Shop for Board ID Product and Services
Board ID pricing model. Conventional MCU; VAS; Disti with VAS. Traditional price model: Board ID price model: Chip + Distribution margin + VAS (programming). Final quote (with VAS) to be provided by Avnet.
Response What does Avnet provide to Board ID customers? Avnet VAS: Logistics support as a Franchised distributor of the product and the Board ID demo kit PKI programming services including key/cert generation Technical assistance to: 1 - define the programming scheme, and 2 - to help authentication code porting (MCU code)
Board ID Strengths 1 - Unmatched web user like authentication 2 - Built with proven PKI technology and standards 3 - Strong authentication solution ideal for a high growth market: devices connected to the internet 4 - COMPLETE, UNIQUE SOLUTION DEPLOYABLE NOW. Avnet will: - Provide full quotation including VAS - Handle NDA, Educate, and Support customer - Provide a unique product and logistics service (One stop shop) 5 - Top companies have selected Board ID as the authentication solution in their system. Current shipment: several M units / month (same prod. family as Board ID)
What is available? -- Board ID product -- Available Now! Series name: N series, N211. Version: Board ID 1.0. Type number: R5H30211NB03NQ03 (Production parts). Availability: ES: Now, MP: Now
What is available? -- Board ID Demo Kit -- Avail. Now! Type number: YBIDKITSV2. Target product: Board ID 1.0. Purpose: Initial Board ID evaluation; Reference design for customer’s prototype. Contents: SH7285 MCU board, Board ID mini-module, Application and documents on CD, USB cable. Price: MSRP $149. Availability: ES: Now, MP: available, in stock
Board ID section of RTA site entirely updated (now live): http://america.renesas.com/boardid/
More tutorials: White Papers; Flyers, Use cases (including documents from Avnet about programming Services); Tutorials about Security; Data sheet (chip hardware). http://america.renesas.com/fmwk.jsp?cnt=docs_child.htm&fp=/products/security/boardid/child_folder/&title=Tutorials%20and%20Documents
Video tutorials: http://america.renesas.com/fmwk.jsp?cnt=docs_child.htm&fp=/products/security/boardid/child_folder/&title=Tutorials%20and%20Documents
Updated FAQ: http://america.renesas.com/fmwk.jsp?cnt=faq_child.htm&fp=/products/security/boardid/child_folder/&title=FAQ
Link to Avnet site: Links to Avnet Logistics and Programming Services. http://america.renesas.com/fmwk.jsp?cnt=service_partner_landing.jsp&fp=/products/security/boardid/service_partner/&title=Service%20Partner
New Board ID demo kit: YBIDKITSV2 (Available Now!). Authenticator (SH7285), Board ID Device (R5H30211). 1. Can show an authentication demo for each use case (Anti-Cloning, Usage Control, Secure Tracking and IP Protection). 2. Authentication is done between the authenticator (SH7285 MCU) and the Board ID device (R5H30211 with firmware version 1.0). 3. Authenticator software is provided as Board ID Security Stack (BSS) for easier porting by customers into their target MCU/MPU. 4. Low cost, MSRP: $149, MP available, in stock
Demo Kit Overview – Software 1. Board ID Security Stack (BSS) handles text strings from the PC and issues commands to use the authentication applets in the Board ID device. 2. Provides reference Main Program, BSS code and I2C driver in C source code. 3. Provides Crypto library object code for the SH7285 MCU. [Diagram: PC (used as Hyper Terminal to send commands and/or to monitor the operation sequence), USB, SH7285 running Main Program, Crypto Function, BSS (Board ID Security Stack) and Low-Level I2C Driver, Board ID with fixed applets]
Issues to consider - Business (1) How to protect your business from security risk? (a) Highlight risks, explain benefits: Hardware and/or software IP cloning Usage control, License control Protect Business model (b) Questions to higher management level ex. Engineering VP (c) Tool: Video Tutorial on Web Risk
Issues to consider - Technical (2) What security technology is implemented in your system? (a) Emphasize technical risks: Authentication by software on MCU/MPU? ID number stored on EEPROM? Crypto memory? Out-dated algorithm such as SHA-1? None? (b) Questions to engineering manager level. Security Technology System Process Asset
Why select Board ID? (3) Renesas’ Board ID solution strengths are: (a) Strong data (Key) protection by H/W against attacks (including physical attack) (b) Strong crypto technology such as RSA algorithms for PKI (meet industry standards) (c) Built in firmware & authentication application in Board ID chip can minimize customer’s development time and cost (d) Key generation and insertion and secure logistics services by a partner distributor, Avnet
Conventional MCU or memory chip vs. Board ID chip (1)
Columns: Software Encryption With Conventional MCU/MPU | Crypto Memory | Board ID
- Storage of private / secret key: Not protected or limited protection | Not tamper proof protection | Highly protected
- Secure crypto processing: Can be attacked by hackers | Limited protection | Highly protected
- Asymmetric (PKI) authentication by RSA algorithm: Possible but need powerful CPU for reasonable processing time | Not possible | Yes
- Authentication software development: Need to develop crypto firmware minimizing security holes; need to develop authentication application software | Need to develop host crypto software minimizing security holes; need to develop host authentication application software | Secure crypto firmware and Authentication application software built in; host reference software available
Board ID: Fast processing time by on chip crypto co-processor
Conventional MCU or memory chip vs. Board ID chip (2)
These are only a few examples: many more advanced security features are implemented in the Board ID chip.
- Conventional MCU or memory chip: Attacker can read data by monitoring current consumption. Board ID: Current consumption is scrambled by internal noise generator; data cannot be extracted by current monitoring.
- Conventional MCU or memory chip: Attacker can capture data by probing metal patterns. Board ID: Chip is protected with an “active” metal shield to prevent data capture and a randomized layout.
- Conventional MCU or memory chip: Attacker can read data under abnormal operating conditions. Board ID: On chip detectors force operation to stop under abnormal conditions.
[Figure: frequency vs. voltage, showing the chip spec and the boundary of normal operation; on chip detectors work]
Response Software Security Solution vs. Board ID solution Software: CPU intensive, key NOT protected, (can be OK to compute PKI on the host side) Board ID: complete authentication, external to MCU, key totally protected, Strong crypto
Response Crypto memory Solution vs. Board ID solution Crypto memory: inexpensive, NOT protected, weak (out dated) key length Board ID: complete authentication, highly protected, Strong standard based PKI crypto, smart card / Secure IC technology
Question on NDA, Export Control NDA: Avnet must provide an NDA to the end customer before Kit and other detailed documents are sent. Export Control: The Board ID product is designed to meet applicable EC rules and regulations. The product can be exported to foreign countries in accordance with applicable US laws. The end customer must ensure compliance with these laws.
Key Takeaways - 1 What is available? Board ID 1.0, PN R5H30211NB03NQ03 (Avnet – available) Board ID demo kit PN YBIDKITSV2 (Avnet – Now) Brochures, documents, flyers, data sheet (RTA site – Now) QSG, User Manuals, Demo software provided with the kit under NDA (Avnet / RTA) Avnet programming services (Avnet – available)
Key Takeaways - 2 How to sell? Emphasize business risk/liability with no or poor security (Management) Leverage the examples of leading RTA customers (Management) Describe technical benefits and strengths of Board ID (Engineering): strong key protection, strong crypto, complete auth. firmware, Avnet VAS. Understand and explain the use cases to customers (Eng + Mgt) Avnet to explain and sell their VAS (Engineering)
Thank you!