New Product Introduction

STMicroelectronics ST33GTPMISPI

ST33GTPMISPI - Industrial TPM 2.0 device with an SPI interface

Front and back side of the ST's WLCSP11 package

The ST33GTPMISPI is a cost-effective and high-performance trusted platform module (TPM) targeting industrial embedded systems.

The product implements the functions defined by the Trusted Computing Group (www.trustedcomputinggroup.org) in the TCG Trusted Platform Module Library Specifications version 2.0 Level 0 Revision 138 and errata version 1.4. It is also based on the TCG PC client-specific TPM Platform specifications rev1.03. The applicable protection profile is TCG Protection Profile for PC Client Specific TPM 2.0.

The product also supports the ability to upgrade the TPM firmware thanks to a persistent Flash memory loader application to support new standard evolutions.

 

Features

  • TPM features
    • Flash-memory-based Trusted Platform Module (TPM)
    • TPM 2.0 compliant with Trusted Computing Group (TCG) Trusted Platform Module (TPM) Library specifications 2.0, Level 0, Revision 138 and TCG PC Client Specific TPM Platform Specifications 1.03
    • Fault-tolerant firmware loader that keeps the TPM fully functional when the loading process is interrupted (self-recovery)
    • SP800-193 compliant for protection, detection and recovery requirements
    • Targeted certifications:
      • CC according to TPM 2.0 PP at EAL4+
      • FIPS 140-2 level 2 (physical security level 3)
    • SPI support at up to 18 MHz
    • Support for hardware physical presence
  • Hardware features
    • Arm® SecurCore® SC300™ 32-bit RISC core
    • Highly reliable Flash memory technology:
      • 500 000 cycles on the full temperature range
      • Data retention: 17 years at 85 °C and 10 years at 105 °C
    • ESD (electrostatic discharge) protection against voltages greater than 4 kV (HBM)
    • 1.8 V, 3.3 V or 5 V supply voltage range
    • Industrial qualification (JEDEC)
    • Wafer-level chip-scale package (WLCSP) JEDEC J-STD-020D-compliant MSL1 package
  • Security features
    • Active shield and environmental sensors
    • Monitoring of environmental parameters (power and clock)
    • Hardware and software protection against fault injection
    • SP800-90A-compliant deterministic random bit generator (DRBG) built with an AIS-31 class PTG2-compliant true random generator (TRNG)
    • Cryptographic algorithms:
      • RSA key generation (1024 or 2048 bits)
      • RSA signature (RSASSA-PSS, RSASSA-PKCS1v1_5)
      • RSA encryption (RSAES-OAEP, RSAESPKCS1-v1_5)
      • SHA-1, SHA-2 (256 and 384 bits), SHA-3 (256 and 384 bits)
      • HMAC SHA-1, SHA-2 and SHA-3
      • AES-128,192 and 256 bits
      • TDES 192 bits
      • ECC (NIST P-256, P-384 curves): key generation, ECDH and ECDSA, ECSchnorr
      • ECDAA (BN-256 curve)
      • Device provided with 3 endorsement keys (EK) and EK certificates (RSA2048, ECC NIST P_256 and ECC NIST P_384)
      • Device provisioned with 3 RSA key pairs to reduce the TPM provisioning time
  • Product compliance
    • Compliant with TCG test suite for TPM 2.0
    • Common Criteria certifications:
      • EAL 4+ on TCG TPM2.0 protection profile
      • EAL 5+ on hardware
    • Targets FIPS 140-2 level 2 certification (physical security level 3)

 

Related Documents


Have a question? Contact us

Email:
For general questions:
yourmessage@avnet.eu

Local Avnet Silica offices:
Click here to find contact information for your local Avnet Silica team.