Client & Product
Winbond is a Memory Integrated Circuit company engaged in design, manufacturing and sales to provide its global customers with top quality memory products. Winbond has developed a new type of secure flash memory device for mobile devices called TrustME™
is a secure flash memory device dedicated to the protection of non-volatile information in terms of confidentiality and integrity. It is a stand-alone solution that can complement the main two options to guarantee security in mobile applications: the Secure Element (SE)
and the Trusted Execution Environment (TEE)
Acting as external memory for the SE, TrustME™ brings in data transfer speed and storage capacity (4Mb) for mobile applications that need a higher level of assurance, like payments.
As part of a TEE implementation, it can solve the problem of secure storage of key data for mobile applications such as corporate identification, premium content, automotive and internet of things (IoT).
Winbond wanted to be the first company to bring a flash memory device to the market that had a Common Criteria1 certificate with a security assurance level comparable to those of secure chips used in smartcards and uSims. To do so, Winbond needed a security laboratory with:
- Proven experience in Common Criteria evaluations with high-level assurance
- The expertise to overcome the technical difficulties of evaluating new kinds of products without a pre-existing evaluation process (AVA and PenTests)
- The capacity to speed up the evaluation while maintaining high quality standards.
Winbond trusted Applus+ Laboratories to conduct an EAL 5+ Common Criteria Security Evaluation
of TrustME™. As a lab, Applus+ is accredited by the CCN (Spanish National Cryptographic Body) to conduct Common Criteria evaluations (up to EAL 5+) with SOGIS recognition. Applus+ Laboratories is also an active member of JHAS, the working group that discusses new attacks applicable to smart card and similar devices products.
Thanks to its previous experience in security evaluations of similar technologies like secure chips, Applus+ was able to undertake the main technical challenges of the evaluation:
- Understand the security architecture of this new kind of product, analyze its vulnerabilities and develop a test plan to attack them.
- Develop a new test environment: in order to conduct the devised functional and penetration test plans, a new test environment was required. Applus+ validated and adapted Winbond’s test environment, and developed additional test tools and scripts in order to conduct new kind of attacks.
Applus+ Laboratories conducted a security evaluation of this secure memory device after only 6 months, while evaluation times offered in the market for products with an existing protection profile are up to a year. The main key factors to speed up the evaluation process included:
- The coordination and full commitment of all three parties involved: The developer (Winbond), the laboratory (Applus+) and the Certification body (CCN)
- Applus+ involved a multidisciplinary team lead by a project manager to address and speed up the Vulnerability Analysis and the PenTest campaign: crypto, hardware, etc.
- Applus+ identified non-core evaluation phases that could turn into project delays and conduct preliminary actions to identify possible risks, so Winbond to apply corrective actions in advance;
- Preliminary review of the documentation to check that EAL 5+ requirements were met in order to avoid paperwork problems, particularly on the most critical parts (ADV, ATE and ALC).
- Pre-audits of all the manufacturing sites to ensure they comply with Minimum Site Security Requirements (MSSR) before the final audit with the Certification Body.
Rachel Menda-Shabat, Winbond, Director of Security Certification
“Applus+ has been able to successfully conduct a high-quality and strict evaluation while meeting the ambitious schedule proposed in the project kick-off. An Applus+ focal point has led the project coordinating all the parts involved, in order to agree on the evaluation approach and the resolution of possible inconsistencies as soon as they were detected. We received intermediate results and constant feedback at every stage of the evaluation, reducing unnecessary iterations and reducing response times that typically delay security evaluations”.
1 Common Criteria (CC) is a versatile, internationally-recognized and very strong security standard applicable to all kinds of IT products. CC certification is based on seven evaluation assurance levels (EAL).