EXPERTS IN RF CIRCUIT MINIATURIZATION,
SYSTEM-IN-PACKAGE AND
ANTENNA-IN-PACKAGE
IT'S ALL IN THE PACKAGE !

SHORT RANGE MODULES

SHORT RANGE MODULES

Bluetooth Low Energy (BLE) solutions from Insight SIP are perfectly suited for devices requiring low cost and low power wireless connectivity.
WIDE AREA MODULES

WIDE AREA MODULES

Insight SIP provides low power built-in antennas combo modules with long distance LoRa / NB-IoT connectivity together with short range BLE.
POSITIONING MODULES

POSITIONING MODULES

Insight SiP offers low power built-in antennas modules for various positioning application based on BLE or UWB technologies.
CUSTOM MODULES

CUSTOM MODULES

Insight SiP provides creative packaging solutions to customers who need high integration to meet wireless and portable devices space requirements.

Latest News

Bluetooth Low Energy, LoRa, UWB, Thread, Zigbee, ANT+, NB-IoT & Custom Modules

Insight SIP offers a range of module which are the smallest on the market, allowing our customers to add wireless technologies in the smallest spaces together with a tradeoff of price/performance that suits their needs. This has been achieved using our unique System-in-Package and Antenna-in-Package Technology. Our Module Product range with MCU and Antenna offers the best solution for high volume production with ultra-low power.

Explore our perfect solutions for Internet-of-Things (IoT) smart objects for domotic, fitness, healthcare, industrial, sport, wearable devices ...

WHO WE ARE

WHO WE ARE

Corporate presentation
Who are we ? What do we do ?
MODULE GENERALITIES

MODULE GENERALITIES

BLE, LoRA and UWB
Technologies & Expertise
PRODUCT & ROADMAP

PRODUCT & ROADMAP

Product range & future development
APPLICATION EXAMPLES

APPLICATION EXAMPLES

Some of our customer applications

Ready-to-use Bluetooth Low Energy (BLE), ANT+, Thread, Zigbee, LoRa
and UWB modules

Combo modules combining multiple standards

 Advanced embedded OEM modules: 3G/4G/LTE, Bluetooth, GPS/Glonass, Transfer/Jet, UWB, WiFi, proprietary radio standards, Milimeter-Waves, etc.

 Off-the-shelf modules or customized board designs

 Custom Modules to fit your applications demands

 Fully tested, licensed, qualified and guaranteed

Already designed and approved in more than 1000 products

Connect low power applications to smartphones and tablets

Extremely low-power consumption

Easy to design with

Enable the smallest & the thinnest products

System-in-package approach

Complete wireless engineering service on demand

Security in Short Range Wireless Solutions and Mesh network

Security in Short Range Wireless Solutions and Mesh Networks

There has been an explosion in the use of Short Range Wireless Solutions in recent years, driven principally by the arrival and development of the Bluetooth Low Energy (BLE) standard. Whilst plenty of short range wireless solutions existed previously, their uptake was limited. This was either because they focussed on narrow niches such as Zigbee or ANT or were ill-suited to battery powered or intermittent use such as Bluetooth “classic”. BLE fulfilled the original general “cable replacement” objectives of the original Bluetooth standard. With BLE quickly becoming natively available on phones, laptops and tablets, there was a ready-made market of devices to connect to.

Whilst wireless connectivity brings many advantages, security is one where wireless brings additional weaknesses. A wired connection can be probed or diverted, but it requires physical access and quite visible interference. Wireless connectivity, by contrast, makes it possible to spy on data transfer or inject malicious content remotely and unseen. This article discusses how security in short range wireless is evolving as the solutions – and attacks - become increasingly sophisticated.

BLE security

Most of the early BLE solutions were quite simple point to point connections between one device and another. A BLE connection has two main levels of security - a “pairing process” whereby a secure link is established between two devices and then data encryption for actual data transmission.

Pairing

Pairing is in many ways the weak point of point-to-point connection security and can be open to “man in the middle” attacks, whereby a third-party device connects to the two legitimate devices, and places itself between them, allowing it to spy on or manipulate data. This risk can be reduced via an “out of band” exchange of data for pairing i.e., either manually entering a passcode or exchanging keys via a different channel such as NFC. The downside is increased complexity for the user, and cost of devices. This highlights a key issue when considering security – there is rarely a “right” answer. The challenge is to find the right trade-off between security, useability and cost.

Data encryption

Once a connection is established, then data is encrypted via AES-CCM 128-bit symmetric key cryptography which is generally considered secure. However, this is only true provided the key remains secret. One issue with many simple BLE devices is that they have limited integrated microprocessors with no secure memory storage. Therefore, it is possible for an attacker to temporarily gain access to a device and steal the key for future spying purposes.

Beyond point-to-point connection

Even if we assume that the link is secure, this only establishes a secure point-to-point connection. Newer applications are increasingly more widely connected, and data is ultimately transferred far beyond a simple point-to-point link – perhaps from a device to a cell phone, then up to the cloud, and then onto a further proprietary system. This introduces a vastly enlarged “attack surface” for those of malicious intent.

In such an environment, link level security may no longer be enough. An end-to-end security layer could be required to ensure safe operation. If one considers the example of a medical related wearable, erroneous data could, in extremis, be life threatening. 

End-to-end security considerations

For an end-to-end secure system, there are two major considerations. Encryption is one – that data can pass from one end to the other, but not be readable by anyone even if they had full control of an intermediate relay point. The second is authentication – that data apparently coming from an end device really is indeed coming from that device, and not being injected by a malicious actor, or the reverse.

Encryption & authentication

Encryption is often seen as the principal issue in security, but authentication is often the most crucial step. To illustrate, you might not want people spying on your financial transactions when you use a credit/bank card, but you would probably be far more concerned if someone could easily pretend to be you and access your bank account.

Public/Private Key encryption methods provide the means to both authenticate and secure a transaction. Encryption with the public key of the receiver means only they can decode it. Encryption with the private key of the sender means anyone can validate the sender’s identity.

Unfortunately, in the security realm, solving one problem often leads directly to simply creating another. In this case, the immediate issue that arises is how you exchange and store keys securely. 

Secure element

The ultimate solution for key storage is to use a hardware “secure element” that is programmed in a secure factory by a trusted partner. This approach has been applied successfully in smartcards to protect bank cards and in SIM cards to limit access to the cellular networks.

Block diagram of “a secure processor”

 

Unfortunately, this solution is only applicable directly to systems that are produced in extremely large quantities by a small number of multi-national digital security companies. Clearly, transposing this to the world of short-range communication poses several issues related to the fragmentation of the market, with many products and industry players.

TrustZone

Whilst the older generation of wireless devices were typically entirely open, newer generations of product integrate additional security features into the system. Amongst other things, ARM’s “TrustZone” includes a secure key unit. Here, a key storage unit and cryptographic services are held in a secure part of the processor. In practice, this means keys can be put in, but once inside cannot be read out, and cryptographic operations are carried out inside the secure part. 

 

Block diagram of a BLE + secure element. “BLE module with integrated secure element. Interface with the secure element is only via predefined functions/operations”

 

The “trust zone” can be considered the first step in improving security from zero towards the ultimate “smartcard” level. Nevertheless, it suffers from being implemented in standard silicon without specific hardware protection against key reading through side channels, such as power fluctuations. It is also arguably too flexible, meaning inexperienced designers may leave security flaws through mistakes.

Security next steps

The next step towards security is to add a hardware secure element that would act much in the same way as the secure element in a smartcard. Here the issue is to manage the provisioning of keys in such a way as to be relatively secure without the high overhead of the secure “Fort Knox” trusted factory.

Future chipsets and modules will certainly have a higher level of security than is currently the norm. Key storage solutions will be included that are based on embedded zones in the communication SoC or on a companion hardware secure element. Provisioning of keys will also evolve to satisfy the needs of different levels of security whilst avoiding the cost and complexity of the approach used in the smartcard industry.

Mesh network security challenges

Mesh networks provide additional challenges for security architecture because, by design, their aim is to make it easy to add devices to networks including “SmartHome” networks. The risk is that a malicious hacker could find a way to join a device to the network, then cause damage, gain entry, or adopt devices for a denial-of-service attack.

Mesh networks can be particularly vulnerable because they can have universal network keys. So if this key is obtained, free access is available. In such a system, key storage becomes critical because even if an intruder has temporary access to a device, the keys remain hidden.

Secure Boot process

Over-the-air updates are a common feature of the latest generation of wireless devices, offering another line of attack for hackers. This is protected against by a Secure Boot process which verifies firstly, that on startup, the code to be loaded has not been changed since the last Boot, and secondly, that any update package contains the correct digital signature to authenticate the origin of the code. Many newer generation devices integrate Secure Boot processes into the hardware.

Integrating security into wireless devices

Ultimately, security is always a trade-off. Adding security features will variously add cost, design complexity, degrade performance characteristics including throughput, power consumption and useability. This is especially pertinent for small wireless devices, which often aim to be low cost, and are part of devices with simple, limited interfaces. Nevertheless, as the sophistication and connectivity of wireless devices grow, so does the interest of malicious hackers. It is an ongoing challenge for wireless designers to respond.  

 By: Nick Wood, Sales & Marketing Director, Insight SiP

   

 

ISP4580 Lora & BLE Multi Sensor

Long Range LPWAN and BT5 Wireless Accelerometer, Humidity, Temperature, Barometer and Light Sensor

  • Based on Insight SiP 4520 Module
  • LoRa and BT v5.0 tranceivers
  • 32bit ARM Cortex M4F CPU with 512KB Flash and 128KB RAM
  • Fully integrated RF matching and Antennas
  • Integrated 32 MHz and 32.768 kHz Clocks
  • Low Power 3-Axis Accelerometer Detection
  • Low Power Temperature/Humidity Detection
  • Low Power Barometer Detection
  • Low Power Light Detection
  • Programmable controlled mini LEDs
  • USB port interface
  • Power supply on coin cell battery CR2032 or with USB interface
  • Temperature -25 to 85 °C

ISP4580
       43.5 x 30 mm²

Sensor Variants

ISP4580 is an autonomous low-power device for wireless acceleration, temperature, humidity, barometer and light detection and transmission. Overall size of the device is 43.5 x 30 mm² (74.8 x 55.3 mm² if using extended ground plane).

The host processor that handles the autonomous sensor application, the BLE protocol stack, the LoRa drivers and the communication with the sensors is a low power 32-bit MCU (ARM Cortex-M4F based), integrating 512 KB Flash memory and 128 KB RAM.

The complete device makes use of Insight SiP ISP4520 BLE & LoRa module together with low power 3-axis Accelerometer, Temperature / Humidity and Barometer and Light sensors connected to a primary button cell battery CR2032.The ST Micro LSM9DS1 3-axis linear accelerometer / magnetometer is used to detect acceleration and is combined with the ST Micro LPS22HB Barometer, the LITEON LTR-303ALS Light sensor and the SHTC3 Sensirion Humidity / Temperature sensors. 3 mini-LEDs are also part of the board and are available to be controlled by software.

ISP4580-EU

 

Europe Variant
863-870 MHz
14 dBm

ISP4580-US

 

USA Variant
902-928 MHz
22 dBm

ISP4580-JP

 

Japan Variant
920-923 MHz
14 dBm

Development Tools

In order to assist clients in developing their LoRa + BLE Smart solutions based on the ISP4520, Insight SIP offers Test Boards, proposed as stand alone PCBs, or included in Evaluation Boards which provide full hardware and software development environment. Used as stand alone solution, Test Boards also offer test points for all IOs and can be used in conjunction with Nordic Development kits and external J-Link programmers.

Development Kit

Europe
ISP4520-EU-DK
USA
ISP4520-US-DK
Japan
ISP4520-JP-DK

Tx Test Board - Mote

Europe
ISP4520-EU-TB
USA
ISP4520-US-TB
Japan
ISP4520-JP-TB

Rx Board - Gateway

Europe
ISP4520-EU-GW
USA
ISP4520-US-GW
Japan
ISP4520-JP-GW

Contents
  • One Interface Board with integrated J-Link OB JTAG/SWD Emulator
  • One Tx Test Board / Mote
  • One Rx Test Board / Gateway
  • Cables
  • Firmware codes for both Mote & Gateway - Mote is sending temperature sensor data - Gateway is receiving data and is transferring through USB port com
  • Including LoRaWAN stack ported on nRF52 platform
Contents
  • The Tx Test Board / Mote consists of a module mounted on a PCB for prototyping and testing purpose
  • It includes a connection to the Insight SiP Interface Board provided in ISP1807 Evaluation Boards
  • It also offers test points for all IOs and can be used in conjunction with a Nordic Development kit through the “Debug” connector or an external J-Link programmer
Contents
  • The Rx Test Board / Gateway consist of a PCB integrating an ISP4520 module and a USB plug for connection to a PC port com
  • It enable to communicate with a Tx Test Board / Mote in a point to point connectivity mode through LoRa standards

Documentation

DATA SHEET - Sensor Board ISP4580
DATA SHEET - Module ISP4520
APPLICATION NOTE - Sensor Board ISP4580

Certifications

Most of certification are pending ...

Design Information

LIBRARY - Source Code ISP4580 Sensor Demo
LIBRARY - Source Code ISP4520 Examples
SCHEMATIC - Sensor Board ISP4580

Related Information & Products

WHO WE ARE

WHO WE ARE

Corporate presentation
Who are we ? What do we do ?
MODULE GENERALITIES

MODULE GENERALITIES

BLE, LoRA and UWB
Technologies & Expertise
PRODUCT & ROADMAP

PRODUCT & ROADMAP

Product range & future development
APPLICATION EXAMPLES

APPLICATION EXAMPLES

Some of our customer applications

SHORT RANGE MODULES

SHORT RANGE MODULES

Bluetooth Low Energy
LPWAN MODULES

LPWAN MODULES

LoRa & NB-IoT
POSITIONING MODULES

POSITIONING MODULES

UWB & BT5.1
CUSTOM MODULES

CUSTOM MODULES

Design & Production Service

Technology Partners

Insight SiP optimizes the technology choices to meet customer requirements in terms of size, cost and time-to-market. The design & manufacturing of highly integrated RF systems and sub-systems proposed by Insight SiP is based on:

  • System in package approach
  • Ability to integrate any technology: PCB, LTCC, Thin film, Thick film…
  • Major semiconductor manufacturers

Insight SiP has access to world leaders design rules for each SiP manufacturing technology and packaging, allowing us to select the most effective combination of process and production partner for each project we are working on:

  • Assembly
  • Laminate
  • IPD
  • LTCC
  • Design Houses

More about
Amkor
. . .
More about
AT&S
. . .
More about
Beckermus
. . .
More about
DT Microcircuits
. . .
More about
EnSilica
. . .
More about
E-tec
. . .

More about
Ipdia
. . .
More about
Infineon
. . .
More about
Kinsus
. . .
More about
Kyocera
. . .
More about
Spil
. . .
More about
ST Microelectronics
. . .

More about
Subtron
. . .
More about
Teledyne e2v
. . .
More about
Tong Hsing
. . .
More about
Unimicron
. . .
More about
Unisem
. . .

  • 1
  • 2
  • 3
  • 4
  • CONTACT US

    Insight SiP
    GreenSide, Bat.7, Entree2,
    400 Avenue Roumanille, BP 309
    F-06906 Sophia–Antipolis FRANCE

    Phone: +33 (0) 493 008 880

    Privacy Policy :: Legal Notice

    OFFICE

    NEWSLETTER

    Please enable the javascript to submit this form