Winbond provides end-to-end security for IoT devices

Winbond Electronics has extended its family of certified TrustME Secure Flash memory chips by introducing the W77Q series for IoT and smart connected consumer and industrial devices.

The W77Q provides hardware root-of-trust and secure, encrypted data-storage and data-transfer capabilities. By ensuring robust, end-to-end security in IoT devices, it enables:

  • Secure code updates, including over-the-air updates, via an end-to-end secure channel between an update authority and the W77Q, even when the host processor or SoC has been compromised
  • Secure boot and root-of-trust
  • Authenticated and encrypted data transfer between the Flash device and the host
  • Secure Execute-in-Place (XiP) of boot and application code
  • System resilience, supporting the key security functions of protection, detection and recovery

The W77Q series products are supplied in industry-standard packages and pin-outs, and feature a standard single/dual/quad/QPI serial peripheral interface (SPI). This means that they can be used as a simple drop-in replacement for non-secure SPI NOR Flash devices.

The W77Q and W75F are designed to cover the whole range of assurance levels mandated by the European Cybersecurity Act and other regulations. The W77Q is intended for use in consumer and industrial devices which need the security functions required for compliance with the Substantial and Basic assurance levels specified in the Act. The W77Q supports conformance to the Common Criteria EAL2, SESIP and Arm® Platform Security Architecture (PSA) security specifications.

The W75F is certified for Common Criteria EAL5+, which means it is suitable for use in payment and communications devices, and in applications requiring the High assurance levels specified in the Cybersecurity Act.

Comprehensive security functionality

The W77Q offers the secure storage and data-transfer capabilities needed to protect IoT devices and user data. Its main security features include:

  • Hardware-based Root-of-Trust engine
  • TCG DICE-like device attestation
  • Cryptographically secured Write protection
  • Secure code updates with roll-back protection
  • Secure boot from Flash
  • Authenticated watchdog timer

Secure interface:

  • End-to-end encrypted and authenticated data transfer
  • Replay Protection Monotonic Counter (RPMC)

Incremental security:

  • Fail-safe (in-field) configuration updates
  • Secure symmetric key management

Secure unique device ID

The W77Q also provides the high speed, long data retention and strong data integrity of Winbond’s standard SPI Flash memory ICs. Its specifications include:

  • 66MHz operating frequency at Double Transfer Rate, 133MHz at Single Transfer Rate
  • 20 years’ data retention
  • 100,000 Program/Erase cycles
  • Wide operating temperature range of -40°C to 105°C