Wireless sensor network applications range from industrial automation and control, agricultural and environmental protection, to surveillance and medicine. In most applications, data are highly sensitive and must be protected from any type of attack and abuse. Security challenges in wireless sensor networks are mainly defined by the power and computing resources of sensor devices, memory size, quality of radio channels and susceptibility to physical capture. In this article, an embedded sensor node microcontroller designed to support sensor network applications with severe security demands is presented.
It features a low power 16-bitprocessor core supported by a number of hardware accelerators designed to perform complex operations required by advanced crypto algorithms. The microcontroller integrates an embedded Flash and an 8-channel 12-bit analog-to-digital converter making it a good solution for low-power sensor nodes. The article discusses the most important security topics in wireless sensor networks and presents the architecture of the proposed hardware solution. Furthermore, it gives details on the chip implementation, verification and hardware evaluation. Finally, the chip power dissipation and performance figures are estimated and analyzed.
HARDWARE ACCELERATED CRYPTO-ALGORITHMS
Most security attacks can be prevented with cryptography-based security measures. There are two commonly used cryptosystems: symmetric (shared-key) and asymmetric (public-key) cryptography. Symmetric crypto-algorithms employ a shared secret key. Two communicating parties use the same key to encrypt and decrypt the data.
Compared to public key cryptography, symmetric cryptographic algorithms are faster and computationally less demanding, which makes them the preferable solution in wireless sensor networks. In combination with cryptographic hash functions, symmetric algorithms can be used to generate “fingerprints”, which can guarantee data integrity. However, the problem of the shared key deployment restricts the usage of symmetric crypto algorithms in wireless sensor networks since no central distribution site exists.
TNODE5 includes the on-chip peripherals such as standard serial interfaces (UART and SPI) a 16-bit and a 32-bit timer, digital IO ports, communication and crypto accelerators as well as controllers for the integrated ADC and Flash memory. The chip was designed to fit into a 64-pin package, where all the peripheral pins, except ADC ports, are shared with the general-purpose IO pins. A smaller footprint of the chip provides better integration capabilities and helps reducing the overall size of an assembled sensor node. The architecture of TNODE5 is shown in Figure 2.
IMPLEMENTATION AND VERIFICATION
The difference between the estimated and the final chip size is mainly reasoned by the additional area required by IO pads, the power supply network and the routing constraints. The photo of the TNODE5 layout is given in Figure 4. The TNODE5 has only 64 IO pads (39 digital, 13 analog, and 12 power/ground), which makes it possible to package the chip in a small 64-pin quad-flat-no-leads package (QFN). Furthermore, a very small ball grid array (BGA) package can be used as well.
To answer the security challenges in wireless sensor networks, the TNODE design, a sensor node microcontroller that combines a general-purpose processor with hardware support for both public-key and shared-key cryptography, was integrated on a single chip. The implemented cryptographic techniques provide a high level of security at a minimum cost of additional silicon area and increased static power dissipation. The TNODE5 chip was fabricated in IHP’s 250 nm BiCMOS technology and successfully tested. The measurements confirmed the outstanding performance of the TNODE design in comparison to the existing solutions based on software implementation of cryptographic standards.
Future improvements of the proposed solution should include the design of more complex clock control logic and the implementation of power gating. Also, more robust encryption standards such as AES-256 and SHA-3 are to be implemented. Furthermore, the flip chip technology can be used to minimize the physical size of the sensor node microcontroller to increase its robustness against malicious tampering. Finally, the ECC is to be enhanced with the features preventing advanced side channel attacks.
Authors: Goran Panic | Oliver Stecklina | Zoran Stamenkovic