RP2350 A4, RP2354, and a new Hacking Challenge
RP2350, our second-generation microcontroller, is very nearly a year old. Since August last year, we’ve sold over half a million Pico 2 and Pico 2 W boards, and RP2350 itself has found its way into countless third-party products, from secure displays to development boards to synthesisers.
Like any silicon device, RP2350 wasn’t perfect on day one. The launch stepping, designated A2, is affected by a number of errata, including an error in the GPIO pad design which prevents pads from properly going into a high-impedance state (Erratum 9), and a number of security issues identified by participants in our RP2350 Hacking Challenge. Today, we’re happy to announce the immediate availability of a new A4 stepping, which addresses the vast majority of these issues.
To coincide with the availability of the A4 stepping, we’re also launching RP2354: pin-compatible variants of the 60-pin RP2350A and 80-pin RP2350B parts with 2MB of flash memory in-package. Each RP2354 part costs just 20 cents more than the equivalent RP2350 part.
And finally, we have another RP2350 Hacking Challenge, offering a $20,000 prize for a practical side-channel attack on the power-hardened AES library that underpins our decrypting bootloader.
What is fixed in A4?
Firstly, and most importantly for general users, we’ve fixed Erratum 9. A small tweak was applied to the pad macro to eliminate the undesirable leakage in the high side of the pad; this leakage gives rise to the large negative-going excursion in the current-against-voltage trace for A2 below. As a result, external resistors are no longer required to pull inputs low, though they may safely be retained in existing designs.
Errata 20, 21 and 24 are boot ROM security vulnerabilities discovered in the course of the RP2350 Hacking Challenge. These have been fixed in the A4 boot ROM, which, in addition, implements a variety of new defensive strategies to reduce the likelihood of future exploits. We have also taken this opportunity to fix a number of minor functional errata in the boot ROM.
Erratum 16 is a security vulnerability, again discovered in the course of the RP2350 Hacking Challenge, which relates to the behaviour of the OTP when power is removed during a read operation. This has been fixed through changes to the wrapper circuitry surrounding the OTP macro.
Erratum 3, which relates to the behaviour of the GPIO_NSMASK registers on 60-pin RP235x parts, has also been fixed.
What isn’t fixed in A4?
One of the winners of the Hacking Challenge exposed a vulnerability in the OTP bit array itself. Using a technique called Passive Voltage Contrast, they were able to painstakingly, and at significant expense, read out the bitwise OR of pairs of adjacent bits stored in the OTP; in principle it may be possible to extend this attack to retrieve the complete contents of the OTP.
This vulnerability is not fixed in the A4 stepping. An upcoming application note will describe how to store secrets in OTP so as to mitigate both the current vulnerability and a hypothetical future attack which can achieve complete readback.
We have not fixed a number of other non-security errata, for which workarounds exist, and where a fix would require complete reimplementation of the design.
Anatomy of a metal spin
The A4 stepping is what we call a metal spin: the functional changes, including the updated boot ROM, are implemented by modifying some of the layers of wiring that connect the gates in the design. This visualisation shows all the locations in which A4 differs from A2; the dense block of changes at the bottom of the die implements the updated boot ROM.
Zooming in, here is the implementation of an individual fix (in this case, part of the OTP security hardening required to address Erratum 16).
Frequently asked questions
How do I know whether I have an A2 or an A4?
The stepping identifier can be found on the top of the package, as shown below.
Is A4 software-compatible with A2?
Yes. We have made a few minor changes to version 2.2.0 of the Pico SDK and to Picotool to support the A4 stepping.
Will you EOL the A2 stepping?
We have already ceased production of A2, moved all production to A4, and withdrawn the remaining inventory of A2 from channel. A4 is a drop-in replacement for A2, and customers should not experience any issues migrating to A4.
What happened to A3?
A3 was an intermediate stepping used to qualify a subset of the fixes present in the A4 stepping.
Will there be a PCN in PIP?
You can find the product change notice for the A2 to A4 transition here.
Will Pico 2 products switch to A4?
Eventually all Pico 2 products will use the A4 stepping. While the A3 stepping will not be made available to silicon customers, approximately 30,000 units of A3 inventory will be used to build Pico 2 and Pico 2 W products.
Did you change the pinout or package design with A4?
No: the A4 stepping is only an update to the metal layers of the RP2350 die.
Do I still need to use the Abracon polarised inductor and Abracon crystal with A4?
Yes: please keep following our hardware design guide and reference BOM/layout.
Will there be an A5?
We have no current plans for an A5 stepping. Over time, it is possible that more security vulnerabilities or functional issues will be found, at which point we will react appropriately.
RP2354: stacked flash for smaller-footprint applications
Our microcontrollers have always relied on external flash memory, connected over a QSPI bus, for non-volatile storage. While using an external package maximises capacity and vendor flexibility for our customers, that flexibility comes at a cost in sourcing effort and PCB area. RP2354 stacks a Winbond 16Mbit (2MB) flash die in-package, providing a simple solution for customers who require a modest amount of storage at an incremental cost of $0.20 per unit.
The complete price structure for our microcontroller products is summarised in the table below. 7-inch reels of each product contain 500 units; 13-inch reels contain either 3,400 units (RP2040, RP235xA) or 2,500 units (RP235xB).
| Single unit | 7-inch reel | 13-inch reel | |
| RP2040 | $1.00 | $0.80 | $0.70 |
| RP2350A | $1.10 | $0.90 | $0.80 |
| RP2350B | $1.20 | $1.00 | $0.90 |
| RP2354A | $1.30 | $1.10 | $1.00 |
| RP2354B | $1.40 | $1.20 | $1.10 |
RP2350 Hacking Challenge redux
Last year’s RP2350 Hacking Challenge was so much fun that we thought we should celebrate the launch of A4 with another one. This time we’re challenging you to find a practical side-channel attack on our hardened implementation of the AES cipher, which is used to decrypt firmware images into internal SRAM at boot time.
Once again, we’ve teamed up with Thomas “stacksmashing” Roth and the Hextree.io team to set the rules of the contest.
One more thing
Those of you interfacing RP2350 to retro computer hardware will be pleased to hear that, after an extensive qualification campaign, RP2350 is now officially 5V tolerant!
Just make sure to keep VDDIO powered when 5V is applied to any GPIO pad, otherwise the pad will be damaged. And be sure to read the relevant sections in the updated datasheet.
The post RP2350 A4, RP2354, and a new Hacking Challenge appeared first on Raspberry Pi.
from News - Raspberry Pi https://ift.tt/vPfwB3S
Comments
Post a Comment