logo-micron

Add Bookmark(s)


To:

Email


Bookmark(s) shared successfully!

Please provide at least one email address.

Nonvolatile Memory Security*

Security Features for Flash Memory

Manufacturers around the world must protect their intellectual property (IP) in everything from consumer electronics to wired and wireless communications equipment. Protecting systems from unintentional overwrites, malicious attacks and cloning is essential, so Micron delivers innovative flash memory security solutions to meet this growing challenge. Our expansive portfolio of security solutions for our Flash products like NAND and NOR Flash, e.MMC, and SSDs enable system manufacturers to protect data from accidental or intentional corruption, as well as unauthorized IP copying or cloning. Hardware, software and combination solutions deliver the flexibility designers need to protect data or IP stored in flash, software and firmware. Learn about some of the specific features offered in Micron’s Flash memory products below:

Micron Product Security Offerings

 

Security Features   NOR Flash NAND Flash e.MMC SSD
Hardware          
  BGA Package    
  Hardware Write Protect      
  Lock Pin        
Software Protect          
  Volatile Block Locking      
  Non-Volatile Block Locking    
  Unique ID  
  Password Protect Block Locking      
  ATA Security Feature Command Set        
  ATA Standard Password Login        
  Advanced Encryption Standard (AES256)        
  Sanitize and Secure Removal      
Advanced Security Features          
  One-Time Programming    
  OTP Space      
  Replay Protected Memory Block (RPMB)        
  Replay Protected Monotonic Counter (RPMC)        
  Password Access        

Hardware Security Features

BGA Package

Protects the device from probing because balls are on the bottom of the device and soldered to a PCB board.

Hardware Write Protect

Protects against accidental or malicious programming or erasing through the hardware pins by enabling:

  • Blocks to be modified only when a valid voltage is present
  • Blocks to be programmed or erased only when the device is grounded

LOCK Pin (NAND Only)

Protects the entire device or certain ranges of blocks from being programmed and erased; LOCK pin can be enabled/disabled at power-on.

  • If LOCK is LOW at power-on, all BLOCK LOCK commands are disabled.
  • If LOCK is HIGH at power-on, BLOCK LOCK commands are enabled.
  • Features:
    • Unlock: Unlocks a specific range of blocks for program and erase.
    • Lock:  Locks the whole device for program and erase.
    • Lock tight:  Freezes the block lock/unlock scheme.
    • Protect:  Permanently protects blocks 0H to 47H.

Software Security Features

Volatile Block Locking

Prevents unexpected program or erase of the flash array from poorly written software or during device power-up — without wearing out arrays — by treating areas with temporary write protection as read-only.

Nonvolatile Block Locking

Protects against accidental or malicious programming or erasing, with functionality dependent on the memory family; the PROTECT command can be used to permanently protect blocks from programming and erasing.

Unique ID – A 32- or 64-bit serial number programmed into Micron’s NAND and NOR Flash devices that cannot be replaced or modified

Provides a fixed value stored in the memory device, enabling component authentication techniques to reduce component swapping and creating a relationship between the processor and memory to prevent cloning.

Password Protect Block Locking

Protects blocks from being modified — even when power is removed or the device is reset — by requiring a 64- or 128-bit password.

ATA Password (SSDs Only)

Prevents access to an SSD during power-up by requiring a password; the ATA password is hidden in an area of the drive (not software) that is inaccessible to users.

AES256 Encryption (SSDs Only)

Encrypts data in flight and data at rest using a symmetrical encryption algorithm that is a standard in the U.S. and Canada; if correctly implemented, AES256 is impossible to break within a lifetime without extraordinary (and highly unlikely) processing power.

Sanitize and Secure Removal

Protects deleted data and previous versions of data by physically erasing the data and reprograming “dummy” data on top of it to ensure that the data is not recoverable.

Advanced Security Features

One-Time Programming (OTP)

Permanently locks flash blocks so they can no longer be erased or written to; OTP is commonly used to protect initialization or boot code in a system, helping to prevent corruption.

OTP Space

Enables a small amount of information or code to be embedded in an additional space in the memory that cannot be erased or written to.

Replay-Protected Memory Block (RPMB) (e.MMC Only)

Enables a secure memory block for storing small amounts of sensitive information, preserving uniqueness and helping to make systems more resistant to rollback and replay attacks; RPMB enables a secure relationship between the host controller and the memory device.

Replay-Protected Monotonic Counter (RPMC) (Serial NOR Only)

Adds secure incremental monotonic counting to code and data storage in boot memory, preserving uniqueness and helping to make systems more resistant to rollback and replay attacks.

Password Access (Parallel NOR Only)

Protects intellectual property and boot code stored in the main array memory blocks by preventing reads or modifications until a valid 64-bit password is entered; password access has three protection modes:

  • Read Access Protection – Prevents data or code from being read from a block in the flash memory array prior to a valid password being entered.
  • Modify Access Protection – Prevents a block from being programmed or erased in the flash memory array prior to a valid password being entered.
  • Permanent Modify Protection – Prevents a block from being programmed or erased in the flash memory array even if a valid password has been entered.

_____________________________________________________________
*No hardware, software or system can provide absolute security under all conditions. Micron assumes no liability for lost, stolen or corrupted data arising from the use of any Micron products, including those products that incorporate any of the above security features.