Introduction#

As embedded devices are increasingly used in critical applications such as healthcare devices, industrial controls, and IoT devices, security of these devices is paramount. Embedded devices in these systems often perform essential functions or contain sensitive data, making them targets for attacks. Silicon Labs introduced the Secure Engine as part of the new Series 2 portfolio, which introduced many new security features into the device offerings. Series 3 devices expand upon those offerings by including and improving previous security features, and introducing new security features, such as Authenticated eXecute in Place (AXiP) and Encrypted eXecute in Place (EXiP). These features help to provide protection for code placed in flash memory.

Three of the main principles of security are ensuring confidentiality, integrity, and authenticity. Confidentiality guarantees data cannot be accessed by unauthorized parties. Integrity guarantees data has not been tampered with or modified. Authenticity guarantees data is received from an authorized source. AXiP uses AES-GCM encryption, which helps to ensure integrity, confidentiality, and authenticity of code placed in external memory through encrypting the data, which ensures confidentiality, and including an authentication tag, to en- sure the data placed in memory is from an authorized source, and has not been modified. EXiP uses AES-CTR, which helps to ensure confidentiality only, as only encryption is applied to data in flash memory.

While Silicon Labs will always recommend implementing the highest level of security available on Series 3 devices, it is ultimately up to end-device manufacturers to make their own risk analysis to determine the level of security to implement in their devices. As with any engineering solution, there will be tradeoffs that should be analyzed when implementing these features. For example, AXiP, the highest security option adds a 4-byte MAC to each 32-bytes of ciphertext, which will in turn, consume more memory. EXiP, will result in the same data size between plaintext and ciphertext, however, it will not come with the additional benefit of ensuring authenticity and integ- rity.

The following sections will continue to go further in depth on the AXiP and EXiP features of Series 3, including details on the functions of and how to implement each feature.