Winbond’s W77Q TrustME® Secure Flash memory provides a secure storage solution for systems with limited space, pins, and power, that meets Common Criteria EAL 2+ Security Certification requirements.
SEARCH FOR THE PRODUCT SPEC
W25Q NOR Flash Drop-in Replacement with Advanced Security
The W77Q Secure Flash memory is a W25Q NOR Flash drop-in replacement, offering advanced security, flexibility, high reliability, and performance well beyond ordinary NOR Flash devices. The W77Q series provides substantial levels of security as defined by various Cybersecurity regulations, which are optimized for consumer IoT, Industrial IoT, critical infrastructure equipment, MFP, Industrial PC, and server applications.
PQC Support and Secure Supply Chain Management
The W77Q series in densities of 256Mb, 512Mb, and 1Gb are the cutting-edge technology, supporting asymmetric key cryptography algorithm and enabling devices to facilitate both Secure OTA with asymmetric PQC signatures and Secure Supply chain via LMS-OTS (NIST 800-208). Winbond is proud to be the first memory vendor to integrate PQC, meeting the requirements of the emerging regulations and setting a new standard in the industry. These devices are optimally designed for applications in Industrial IoT, networking, servers, and critical infrastructure applications.
These W77Q devices support high-performance Quad-SPI at 166MHz2), extended Replay Protected Monotonic Counters (RPMC) with 8 counters for PC-based implementation. The 512Mb and 1Gb devices enable simultaneous read and write options enhancing operational efficiency for software OTA operation.
Main Features and Security Level
Winbond’s W77Q series supports Single, Dual, and Quad SPI as well as QPI modes of operation, running at up to 133 MHz3). Dual Transfer Rate (DTR) is supported at rates up to 66 MHz3). The W77Q series is Serial SPI NOR Flash based on the popular W25Q family and 100% drop-in replacement for SPI Flash. The advanced security features include:
- Root of trust and secure boot
- Code and Data Protection
- These devices offer robust protection for both code and data, making it exceedingly difficult for hackers to tamper with critical information.
- Authentication
- Winbond Secure Flash devices employ stringent authentication protocols, ensuring that only authorized actors and software layers gain access.
- Secure Software Updates with Rollback Protection
- The devices facilitate remote secure software updates while safeguarding against roll-back attacks, ensuring that only legitimate updates are executed, leveraging Post-Quantum Cryptography, LMS2) (NIST800-208)
- Platform Firmware Resiliency
- Unauthorized code changes are automatically detected, enabling the system to recover to a secure state and disturbing potential cyber threats. Platform Resiliency of Winbond Secure Flash follows NIST 800-193 recommendations.
- Secure Supply Chain Based
- Winbond's Secure Flash devices guarantee the origin and integrity of flash content throughout the supply chain. This prevents content tampering and misconfiguration during platform assembly, transportation, and configuration, safeguarding against cyber adversaries.
- Secure Supply Chain based on LM-OTS2)
- Extended RPMC2)
- Certified secure memory providing Trusted and Proven Solution
- ISO 15408 Common Criteria EAL 2+
- SESIP Level 2 (with IEC 62443 and NIST 8259A Ready).
- FIPS 140-3 CMVP1) and CAVP
- ISO 26262 Functional Safety ASIL-C Ready3)
- ISO21434 Automotive Cybersecurity3)
Remark:
- Security and Safety assessment by independent laboratories
- 1) In progress 2) 256Mb-1Gb densities only 3) 16-128Mb densities only