Security of Motorola Droid-family phones based on two important technologies:
- eFuse cells for one-time blowing to increment counter for security purposes
- M-Shield protection, solution from Texas Instruments special for cellular networks (similar as SecureShield from Quallcomm)
- L3 firewall protection for managing mandatory access for devices in OMAP SoC
This is an extended implementation of MTM (Mobile Trusted Module) of Trusted Computing Group, based on reference design of MTM, and embedded into OMAP chip. Also it support TrustZone ARM technology. It's located on it's own ROM/RAM and in M-Shield only software emulation - see TrustZone specification. Both, Secure and Insecure world are running on one core. From insecure world it's called by the SMC ARM instruction. Here all info about SMC module: Secure Monitor
|Normal World||Secure World|
|32Kb on-chip ROM||64Kb on-chip Secure ROM|
|32Kb on-chip SRAM||32Kb on-chip Secure SRAM|
OMAP3430 have various number of secure services
See Trust Zone page for details
Other Staff (needed to be cleared)
Work history Motorola June 2005 to the present Senior Software Engineer
tags: c • stracore • tms320c55x+ How would you describe your time at Motorola?
1. Implementation of Alternate Linear Output Equalizer (ALOE) for GSM handsets. Tools: Code Composer Studio (CCS), Freescale code warrior simulation tool. Language: TMS320C55x+ Algebraic Assembly, STARCORE ASSEMBLY Description: The ALOE algorithm is aimed at improving co-channel performance of the handset over the conventional GSM equalizers. The new algorithm gives 13 dB improvements over the conventional MLSE method. The implementation of this algorithm involved the coding in TMS320C55x+ Algebraic Assembly using CCS tool. And implementation is targeted to have lesser MIPS and better precision results. The algorithm testing is done with legacy starcore reference code.
2. Implementation of G728 speech codec with FIXED POINT, 32/16 bit data paths. Tools: Freescale code warrior simulation tool. Language: C, STARCORE ASSEMBLY Description: The G728 speech codec adhering to the ITUT standards is implemented using fixed point 16 bit and 32 bit data paths. The 16 bit fixed point data path is bit complaint with ITUT standard provided testvectors.The work involved is implementation, integration and Testing of entire G728 codec of 32 bit and 16 bit precisions and analysis with fixed point arithmetic using C language. And then porting the C code to the STARCORE architecture and also porting to starcore assembly to meet the MIPS criterion. The code is implemented in C and then star core assembly coded to meet MIPS criterion.
3. Development and Testing of Sync Detection, AFC, and sensitivity improvement algorithms. Tools: Matlab Freescale code warrior simulation tool. Language: C, STARCORE ASSEMBLY Description: The IDEN (similar to GSM) system has RF modem part which has Transmitter and Receiver. The Receiver is to demodulate the received Quad QAM data into in-Phase and Quadrature symbols, by applying sub channel demodulation, time synchronization, automatic frequency control, pilot interpolation and data decoding algorithms. The work involved implementation of AFC using the 1st order loop and synchronization using WLS algorithm and sensitivity improvement algorithm using 4-F Doppler mutipath fading modeling .The implementation of all these algorithms are on C, and STARCORE ASSEMBLY using the freescale code warrior tools....
RNG, DES/3DESx2, SHA1/MD5x2, AESx2, Fast PKA (Safenet EIP-29), e-fuse
On-Chip Memory: 96 Kbytes ROM, 64 Kbytes SRAM
M-Shield Hardware Security Technology
Integrated into TI's OMAP and OMAP-Vox platforms, M-Shield hardware security technology is a complete infrastructure for mobile platform robustness that includes:
* Hardware cryptographic accelerators and randon number generator * Public key infrastructure with secure on-chip keys (e-fuse) * Secure booting and flashing * Secure access/restriction to all chip peripherals and memories * Secure DMA transfers * Hardware-based countermeasures against software attacks and cloning * Secure protection of debug, trace, and test capabilities * Hardware-reinforced secure execution and storage environment (Secure Environment) embedding: o A Secure State Machine o Secure RAM for sensitive authorized application execution and secure data storage o Secure ROM with 100+ accessible by authorized applications (Protected Applications) o Secure storage mechanism
M-Shield hardware security technology is operating system-independent and not sensitive to software attacks. And once it is available, ARM® TrustZone™ hardware extensions will be incorporated and strengthened. M-Shield Software Security Technology
M-shield software security technology is the key software-based security element of OMAP Platforms and OMAP-Vox devices, built on top of and strengthened by M-Shield Hardware technology. This software security encompasses:
* Secure signing and flashing tools * IMEI and SIMlock protection software on OMAP-Vox devices * Toolkits for development and signature of protected applications running in a secure environment * Security Middleware Component with associated Protected Applications and SDKs * Security packs to strengthen HLOS security
Additionally, the M-shield Security Middleware Component (SMC) provides sets of standard APIs that solve the problems of de-fragmentation and porting complexity:
* Software reuse across platform generations as APIs on current platforms can continue to be utilized * SMC APIs are compatible with ARM® TrustZone™ software APIs o Applications can call specific secure services ported on SMC using ARM TrustZone API o Applications can use secure storage and standard PKCS#11 APIs for cryptography o Native secure services can use standard PKCS#11 APIs o Interpreted secure services can use GlobalPlatform GPD/STIP mobile profile standard APIs * Applications developed on TI's M-shield mobile security technology today will run binary compatible on devices incorporating an ARM core with TrustZone hardware extensions * Services developed today using ARM TrustZone software API will run on TI devices with M-Shield mobile security technology
Some info about eFuse in OMAP - http://elinux.org/OMAP_Power_Management/SmartReflex
All Secure ROM soultion based on Synopsys products http://www.synopsys.com/Tools/SLD/CapsuleModule/vp_ti_ss.pdf