This example uses an OPTIGA™ Trust M V3 security solution along with a PSoC™ 6 MCU to execute example code to demonstrate the power management routines of the secure element. This example outputs the result and the time taken to perform the operations in a UART terminal.

In a nutshell, the hibernation feature on the OPTIGA™ Trust M means that a host MCU can power down the security solution by removing the power from it, but under certain conditions, the latter can hold all internal temporarily allocated information despite being disconnected from the power line.

The interconnection setup looks like the following:

Figure 1. Connection between PSoC™ 6 host MCU and OPTIGA™ Trust M

View this README on GitHub.

Provide feedback on this code example.

• ModusToolbox™ software v3.1 or later (tested with v3.1)
• Board support package (BSP) minimum required version: 4.0.0
• Programming language: C
• Associated parts:
  • All PSoC™ 6 MCU parts
  • OPTIGA™ Trust M V3

• GNU Arm® embedded compiler v11.3.1 (GCC_ARM) - Default value of TOOLCHAIN
• Arm® compiler v6.16 (ARM)
• IAR C/C++ compiler v9.30.1 (IAR)

• PSoC™ 62S2 evaluation kit (CY8CEVAL-062S2, CY8CEVAL-062S2-LAI-43439M2, CY8CEVAL-062S2-LAI-4373M2, CY8CEVAL-062S2-MUR-43439M2, CY8CEVAL-062S2-MUR-4373EM2)

This example uses the board's default configuration. See the kit user guide to ensure that the board is configured correctly.

Create the project and open it using one of the following:

project-creator-cli --board-id CY8CEVAL-062S2 --app-id mtb-example-optiga-power-management --user-app-name OptigaCrypto --target-dir "C:/mtb_projects"

1. Connect the board to your PC using the provided USB cable through the KitProg3 USB connector.

2. Open a terminal program and select the KitProg3 COM port. Set the serial port parameters to 8N1 and 115200 baud.

3. Program the board using one of the following:

   Using Eclipse IDE for ModusToolbox™ software

   1. Select the application project in the Project Explorer.

   2. In the Quick Panel, scroll down, and click <Application Name> Program (KitProg3_MiniProg4).

   Using CLI

   From the terminal, execute the make program command to build and program the application using the default toolchain to the default target. The default toolchain is specified in the application's Makefile but you can override this value manually:

   make program TOOLCHAIN=<toolchain>
   

   Example:

   make program TOOLCHAIN=GCC_ARM
   

4. After programming, the application starts automatically. Confirm that the following text is displayed on the UART terminal.

   Figure 2. Terminal output on program startup

   

You can debug the example to step through the code. In the IDE, use the <Application name> Debug (KitProg3_MiniProg4) configuration in the Quick Panel. For more details, see the "Program and debug" section in the Eclipse IDE for ModusToolbox™ software user guide.

Note: (Only while debugging) On the CM4 CPU, some code in main() may execute before the debugger halts at the beginning of main(). This means that some code executes twice - once before the debugger stops execution, and again after the debugger resets the program counter to the beginning of main(). See KBA231071 to learn about this and for the workaround.

The code example demonstrates one of scenarios to prepare and make use of the hibernation feature of the OPTIGA™ Trust M security solution. In a nutshell, the host MCU can control the enablement of the hibernation feature on the OPTIGA™ device by sending a corresponding command to the chip over the I2C channel.

Important: To use all features provided by this example, your board should be able to control the power switch of the OPTIGA™ Trust M device. See Resources and settings.

Do the following:

1. Open the application on the security solution as usual.

2. Generate an ECC key pair and store the result in a session object.

   The session object is located in a volatile memory and thus is erased each time the chip is powered off.

3. To enter hibernate mode, the security monitor counter should be 0. Note that the previous step performed a crypto operation that caused the security monitor counter to increment to 1.

   Note: To learn more about the security monitor and its operation, see this Wiki page.

4. Enter hibernate mode and save the communication context on both sides (host MCU and security solution) by closing the application with the hibernate flag set to '1'.

5. Open the application once again with the hibernate flag set to '1'. This restores the old communication context and all temporally stored data on the security solution.

6. Generate an ECDSA signature using the private key from the session object. In normal conditions with no hibernate option used, that would be not possible, because the session object would be empty.

7. Verify the signature using the public key saved in Step 2.

8. Close the application without transitioning to hibernate mode.

Hibernate mode plays a very important role if a shielded communication is used (protected I2C connection). Both the host MCU and the security solution maintain a session context that contains several aspects of the communication. This information is temporally stored on the security solution (the host side can theoretically store it) and is by default erased after every power cycle.

If the hibernate feature is not used, that session context must be established every single time. This leads to a platform-binding secret usage, thus triggering a SEC counter (security monitor counter). If this is triggered too often, eventually every system power-up routine will take a lot of time. The latter would be required because to use the OPTIGA™ Trust M device, the host MCU must wait until the SEC counter reaches a value when a new security relevant operation can be performed.

OPTIGA™ Trust M automatically enters a low-power mode after a configurable delay. This isn't hibernation mode, which can be entered only on demand by sending a corresponding command from the host MCU to the security solution. Once it has entered sleep mode, the OPTIGA™ solution resumes the normal operation as soon as its address is detected on the I2C bus. If no command is sent to the chip, it behaves as show in Figure 3.

1. As soon as the OPTIGA™ device is idle, it starts to count down a "delay to sleep" time (t_sdy).

2. When this time elapses, the device enters a "go to sleep" procedure.

3. The "go to sleep" procedure waits until all idle tasks are completed (e.g., counting down the SEC counter). If all idle tasks are completed and no command is pending, the OPTIGA™ device enters sleep mode.

Figure 3. Go-to-sleep diagram

Infineon provides a wealth of data at www.infineon.com to help you select the right device, and quickly and effectively integrate it into your design.

For PSoC™ 6 MCU devices, see How to design with PSoC™ 6 MCU - KBA223067 in the Infineon Developer Community.

Document title: CE233734 – OPTIGA™ Trust M: Power management

All other trademarks or registered trademarks referenced herein are the property of their respective owners.

© Cypress Semiconductor Corporation, 2023. This document is the property of Cypress Semiconductor Corporation, an Infineon Technologies company, and its affiliates ("Cypress"). This document, including any software or firmware included or referenced in this document ("Software"), is owned by Cypress under the intellectual property laws and treaties of the United States and other countries worldwide. Cypress reserves all rights under such laws and treaties and does not, except as specifically stated in this paragraph, grant any license under its patents, copyrights, trademarks, or other intellectual property rights. If the Software is not accompanied by a license agreement and you do not otherwise have a written agreement with Cypress governing the use of the Software, then Cypress hereby grants you a personal, non-exclusive, nontransferable license (without the right to sublicense) (1) under its copyright rights in the Software (a) for Software provided in source code form, to modify and reproduce the Software solely for use with Cypress hardware products, only internally within your organization, and (b) to distribute the Software in binary code form externally to end users (either directly or indirectly through resellers and distributors), solely for use on Cypress hardware product units, and (2) under those claims of Cypress’s patents that are infringed by the Software (as provided by Cypress, unmodified) to make, use, distribute, and import the Software solely for use with Cypress hardware products. Any other use, reproduction, modification, translation, or compilation of the Software is prohibited.
TO THE EXTENT PERMITTED BY APPLICABLE LAW, CYPRESS MAKES NO WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, WITH REGARD TO THIS DOCUMENT OR ANY SOFTWARE OR ACCOMPANYING HARDWARE, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. No computing device can be absolutely secure. Therefore, despite security measures implemented in Cypress hardware or software products, Cypress shall have no liability arising out of any security breach, such as unauthorized access to or use of a Cypress product. CYPRESS DOES NOT REPRESENT, WARRANT, OR GUARANTEE THAT CYPRESS PRODUCTS, OR SYSTEMS CREATED USING CYPRESS PRODUCTS, WILL BE FREE FROM CORRUPTION, ATTACK, VIRUSES, INTERFERENCE, HACKING, DATA LOSS OR THEFT, OR OTHER SECURITY INTRUSION (collectively, "Security Breach"). Cypress disclaims any liability relating to any Security Breach, and you shall and hereby do release Cypress from any claim, damage, or other liability arising from any Security Breach. In addition, the products described in these materials may contain design defects or errors known as errata which may cause the product to deviate from published specifications. To the extent permitted by applicable law, Cypress reserves the right to make changes to this document without further notice. Cypress does not assume any liability arising out of the application or use of any product or circuit described in this document. Any information provided in this document, including any sample design information or programming code, is provided only for reference purposes. It is the responsibility of the user of this document to properly design, program, and test the functionality and safety of any application made of this information and any resulting product. "High-Risk Device" means any device or system whose failure could cause personal injury, death, or property damage. Examples of High-Risk Devices are weapons, nuclear installations, surgical implants, and other medical devices. "Critical Component" means any component of a High-Risk Device whose failure to perform can be reasonably expected to cause, directly or indirectly, the failure of the High-Risk Device, or to affect its safety or effectiveness. Cypress is not liable, in whole or in part, and you shall and hereby do release Cypress from any claim, damage, or other liability arising from any use of a Cypress product as a Critical Component in a High-Risk Device. You shall indemnify and hold Cypress, its directors, officers, employees, agents, affiliates, distributors, and assigns harmless from and against all claims, costs, damages, and expenses, arising out of any claim, including claims for product liability, personal injury or death, or property damage arising from any use of a Cypress product as a Critical Component in a High-Risk Device. Cypress products are not intended or authorized for use as a Critical Component in any High-Risk Device except to the limited extent that (i) Cypress's published data sheet for the product explicitly states Cypress has qualified the product for use in a specific High-Risk Device, or (ii) Cypress has given you advance written authorization to use the product as a Critical Component in the specific High-Risk Device and you have signed a separate indemnification agreement.
Cypress, the Cypress logo, Spansion, the Spansion logo, and combinations thereof, WICED, PSoC, CapSense, EZ-USB, F-RAM, and Traveo are trademarks or registered trademarks of Cypress in the United States and other countries. For a more complete list of Cypress trademarks, visit cypress.com. Other names and brands may be claimed as property of their respective owners.