Security capabilities helping customers comply with Cyber Resilience Act (CRA) requirements
The Nuvoton Secure Bootloader is a bootable code pre-written in the MCU/MPU Mask ROM. It is tamper-proof due to the Read-Only feature of Mask ROM. It an immutable ROM code that executes unconditionally after power on or reset. The secure bootloader verifies the firmware's digital signature to ensure its integrity and the authenticity of the signer.
ECDSA-P256/P521/ Ed25519/ RSA-2048/ RSA-3072(depends on different platform)
Only the matching public key can verify the signature
The CRA requires devices to ensure software integrity, prevent unauthorized access, and support secure updates throughout the product lifecycle. Nuvoton’s secure boot meets these requirements by establishing a hardware root of trust, verifying all firmware using cryptographic signatures.
Arm® TrustZone creates a secure and non-secure world within a single microcontroller. TrustZone uses memory addresses to divide flash, SRAM, and peripherals into secure and non-secure regions. Allows critical code and data to run isolated from the rest of the system, enhancing overall device security. Nuvoton provides comprehensive examples and application notes to help users get started quickly, understand how to properly configure TrustZone, and perform debugging.
The CRA requires devices to ensure protection against unauthorized access, protecting sensitive data, and minimize attack surfaces through secure design. Nuvoton’s M23/M33/M55/MA35 platforms leverage Arm TrustZone to meet these requirements by providing hardware-based isolation between secure and non-secure domains. This ensures critical assets such as keys and security functions are protected from unauthorized access, supporting CRA Annex I requirements for integrity, confidentiality, and attack surface reduction.
The MCU platforms have internal Flash memory typically includes APROM, optional Data Flash, LDROM and optional OTP. Protecting embedded Flash memory is essential to secure firmware, sensitive data, and system integrity.
When the lock configuration is enabled, debugging interface reads will return 0xFFFFFFFF, and writes are ignored
Two Level Locks
1. Secure Region Lock (SCRLOCK):
When active, SCRLOCK blocks debug access to secure data while allowing access to non-secure data.
2. All Region Lock (ARLOCK):
When ARLOCK is activated, no Flash regions can be accessed via the debug interface.
a secure zone of the APROM/LDROM used to save secure application instructions.
Flash memory—including APROM, Data Flash, and LDROM—is divided into n equal-sized blocks, with write protection configurable for each block independently.
The CRA requires products to prevent unauthorized access, protect software and data integrity, and reduce the risk of tampering. Nuvoton’s Flash Lock, XOM, and Write Protection features help meet these requirements by restricting unauthorized read, execution, or modification of firmware stored in flash memory.
Physical attacks are a kind of attacks on microcontroller (MCU) application system, which locks in chip-level vulnerabilities rather than hardware-design-level or software-level weaknesses.
To protect internal secrets, the Tamper Controller monitors intrusion events on IO pins, external clocks (LXT) and voltage sources (VDD and LDO_CAP), reporting event status and initiates event response. In short, tamper detection strengthens device resilience and attack resistance, helping customers build systems that are more robust against physical and fault-based attacks under CRA requirements.
1. I/O Pin: unexpected changed status
2. Clock: out of range
3. Voltage: glitch, over/under voltage
4. Temperature: out of range
The DPM controls debug interface(SWD) access based on current debug state and supports password-based debug authentication.
| Debug state | Descriptions |
|---|---|
| Default | Debug is enabled |
| Locked | Debug is permanently disabled |
| Close | Debug is temporarily disabled |
| Open | Debug is temporarily enabled |
The PLM defines four forward-only stages: Vendor, OEM, Deployed, and RMA. Each PLM stage impacts the use of specific hardware resources. The table below illustrates the effects of each stage
The counter value must always increase, starting from the initial value and progressing to the maximum value which means cannot decrease or reset to initial value. Using FVC to record the version is important and It is helpful to prevent rollback attacks.
The CRA requires products to enforce access control and maintain security throughout the device lifecycle.
Nuvoton secure by default through its DPM, PLM, and FVC features. DPM restricts unauthorized access via debug interfaces, preventing firmware extraction or tampering. PLM defines security states across development, production, and deployment stages, ensuring appropriate protection at each phase. FVC enforces firmware version tracking to prevent rollback attacks by blocking installation of outdated or insecure firmware.
Hardware crypto accelerators securely perform encryption, digital signing, true/pseudo-random number generation, and hashing, improving performance while helping meet security requirements. The M2354 series also provides side-channel attack protection for commonly used cryptographic algorithms, including AES, ECC, and RSA. This protection significantly reduces information leakage from power and ground terminals during cryptographic operations, helping prevent attackers from analyzing leaked physical information to recover secret keys.
In certain MCUs, Crypto is paired with a Key Store (KS) for key management and retrieval, offering side-channel protection capabilities. The Key Store manages cryptographic keys stored in secure storage. Before shipment, relevant keys can be securely provisioned into the Key Store. During operation, the crypto engine can directly access and use these keys from the Key Store, reducing the risk of key exposure during CPU read/write operations.
Nuvoton’s hardware crypto accelerators help customers implement strong security functions such as encryption, hashing, digital signature verification, secure boot, and secure firmware updates with better performance and lower software exposure risk. The Key Store securely protects cryptographic keys and allows the crypto engine to use them directly, reducing the chance of key leakage during CPU access or memory handling. Together, these features help customers meet CRA requirements for data confidentiality, integrity protection, authentication, secure updates, and protection of critical assets.
The CRA requires products to protect data confidentiality, integrity, authenticity, and support secure communication/update mechanisms throughout the lifecycle. Nuvoton BSP integrates MbedTLS, which provides cryptographic primitives, X.509 certificate handling, TLS/DTLS protocols, and is suitable for embedded systems due to its small footprint. In addition, Nuvoton provides Crypto Accelerator integration for MbedTLS, including AES, CCM/GCM, RSA, ECDSA/ECDH, SHA-256, and TRNG-related modules. Therefore, developers can more easily build CRA-aligned security functions such as encrypted communication, secure firmware verification, digital signature validation, key exchange, random number generation, and data integrity checking. This helps products meet CRA expectations for secure-by-design implementation, protected communications, trusted updates, and protection of sensitive data.
Nuvoton MCUs integrate the MCUboot architecture to meet these requirements by enabling cryptographically verified firmware updates and a secure boot process. MCUboot ensures that only authenticated images are executed, while supporting features such as image signing, version control, rollback protection, and dual-image (A/B) update schemes. These capabilities align with CRA Annex I requirements for secure update mechanisms, integrity protection, and system recovery, helping developers build secure and resilient embedded systems.
TSI stands for Trusted Secure Island and is part of the MA35D1 SoC. Its purpose is to provide secure encryption and key storage services. In the MA35D1, the TSI operates as an independent subsystem and runs separately from the Cortex®-A35 main system. By enforcing strict isolation, secure key usage, and trusted execution of security functions, TSI helps meet CRA requirements for protection against unauthorized access
Microcontrollers
Secure Boot |
TrustZone |
Flash Protection | Crypto Accelerators | PRNG |
TRNG |
Key Store |
Tamper Controller | DPM |
PLM |
FVC |
|||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
XOM |
Write Protection |
Two level Locks |
Secure Conceal |
DES/3DES |
AES |
SHA |
HMAC |
ECC |
RSA |
Tamper Pin |
Vol. Sensor |
Clk. Monitor |
|||||||||
| M2351 | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | |||||||||
| ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ||||
| M3331 | ● | ● | ● | ● | ● | ||||||||||||||||
| M55M1 | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ||||
| M261 | ● | ● | ● | ● | ● | ● | ● | ● | ● | ||||||||||||
| M262 | ● | ● | ● | ● | ● | ● | ● | ● | ● | ||||||||||||
| M263 | ● | ● | ● | ● | ● | ● | ● | ● | ● | ||||||||||||
| M2L31 | ● | ● | ● | ● | ● | ● | ● | ● | ● | ||||||||||||
| M463 | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | |||||||||
| M467 | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | |||||||||
Microprocessors
TSI |
Secure Boot |
TrustZone |
Crypto Accelerators | PRNG |
TRNG |
Key Store |
Tamper Controller | DPM |
PLM |
FVC |
||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
DES/3DES |
AES |
SHA |
HMAC |
ECC |
RSA |
Tamper Pin |
Vol. Sensor |
Clk. Monitor |
||||||||||
| MA35D1 | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | |||
| MA35D0 | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ||||
| MA35H0 | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ● | ||||
| NUC990 | ● | ● | ● | ● | ● | ● | ● | ● | ● | |||||||||
