DESIGN TOOLS

products

Nonvolatile memory security

Security features for flash memory

Manufacturers around the world must protect their intellectual property (IP) in everything from consumer electronics to wired and wireless communications equipment. Protecting systems from unintentional overwrites, malicious attacks and cloning is essential, so Micron delivers innovative flash memory security solutions to meet this growing challenge.

Our expansive portfolio of security solutions for our Flash products like NAND flash and NOR flashe.MMC, and SSDs enable system manufacturers to protect data from accidental or intentional corruption, as well as unauthorized IP copying or cloning. Hardware, software and combination solutions deliver the flexibility designers need to protect data or IP stored in flash, software and firmware.

Female project leader standing with tablet computer, checking work data

Hardware security features

Hardware write protect

Protects against accidental or malicious programming or erasing through the hardware pins by enabling:

 - Blocks to be modified only when a valid voltage is present

- Blocks to be programmed or erased only when the device is grounded

BGA package

Protects the device from probing because balls are on the bottom of the device and soldered to a PCB board.

LOCK pin (NAND only)

Protects the entire device or certain ranges of blocks from being programmed and erased; LOCK pin can be enabled/disabled at power-on.

- If LOCK is LOW at power-on, all BLOCK LOCK commands are disabled.

- If LOCK is HIGH at power-on, BLOCK LOCK commands are enabled.

LOCK pin features (NAND only)

Protects the entire device or certain ranges of blocks from being programmed and erased; LOCK pin can be enabled/disabled at power-on.

- Unlock: Unlocks a specific range of blocks for program and erase.

- Lock:  Locks the whole device for program and erase.

- Lock tight:  Freezes the block lock/unlock scheme.

- Protect:  Permanently protects blocks 0H to 47H.

Software security features

Volatile block locking

Prevents unexpected program or erase of the flash array from poorly written software or during device power-up — without wearing out arrays — by treating areas with temporary write protection as read-only.

Nonvolatile block locking

Prevents unexpected program or erase of the flash array from poorly written software or during device power-up — without wearing out arrays — by treating areas with temporary write protection as read-only.

Password protect block locking

Protects blocks from being modified — even when power is removed or the device is reset — by requiring a 64- or 128-bit password.

ATA password (SSDs only)

Prevents access to an SSD during power-up by requiring a password; the ATA password is hidden in an area of the drive (not software) that is inaccessible to users.

Unique ID cannot be replaced or modified

A 32- or 64-bit serial number programmed into Micron’s NAND and NOR flash devices that cannot be replaced or modified. Provides a fixed value stored in the memory device, enabling component authentication techniques to reduce component swapping and creating a relationship between the processor and memory to prevent cloning.

AES256 encryption (SSDs only)

Encrypts data in flight and data at rest using a symmetrical encryption algorithm that is a standard in the U.S. and Canada; if correctly implemented, AES256 is impossible to break within a lifetime without extraordinary (and highly unlikely) processing power.

Sanitize and secure removal

Protects deleted data and previous versions of data by physically erasing the data and reprograming “dummy” data on top of it to ensure that the data is not recoverable.

Advanced security features

One-time programming (OTP)

Permanently locks flash blocks so they can no longer be erased or written to; OTP is commonly used to protect initialization or boot code in a system, helping to prevent corruption.

OTP space

Enables a small amount of information or code to be embedded in an additional space in the memory that cannot be erased or written to.

Replay-protected monotonic counter (Serial NOR only)

Adds secure incremental monotonic counting to code and data storage in boot memory, preserving uniqueness and helping to make systems more resistant to rollback and replay attacks.

Replay-protected memory block (e.MMC only)

Enables a secure memory block for storing small amounts of sensitive information, preserving uniqueness and helping to make systems more resistant to rollback and replay attacks; RPMB enables a secure relationship between the host controller and the memory device.

*No hardware, software or system can provide absolute security under all conditions. Micron assumes no liability for lost, stolen or corrupted data arising from the use of any Micron products, including those products that incorporate any of the above security features.