Secure SOC for Security Aware Applications
By Rajesh Gupta, Green IP Core
Security is a two-way sword, increasing the security makes user difficult to access the chip and increasing user access increases chances for the chip to be hacked.
With the increase of need to make application secure and provide security to the content inside the chip from the external world and provide robust security from user to user ranging from developers at different stages to the user using the applications and hackers attacking the chips in different ways to gain access to internal secrets and firmware to duplicate the device or disturb the device functions.
The Solution for a secure system need to be complete in a way that it can provide easy ways for users to access the chip and ease to develop solutions and on the other side it need to be designed in a way that it hides secrets inside chip in a way that none of the user paths can access in any stage or the device be it at deployment stage to all the way to access stage to validate users, packets, signature or decrypt or encrypt the messages rolling around.
If the Secret key is rolling around, it can be accessed easily by implanting a bug in firmware or extracted out when it is being travelling on the internal bus system.
Access to enable debug is also gained by using Different attacks methods. Even if gained, it should have multi level security to block access to internal secrets.
A bug in the system software to enable any of such hack can be easily implanted by getting it through the user firmware update or installation path complied on same development environment which is provided by chipmaker or by just gaining access by enforcing bundles of request to block up the internal Security IPs sitting on the same backbone interfaces.
The SOC infrastructure we provide is one of its kind which isolates user access paths from the secure infrastructure implanted inside the chips be it from internal flash path or the external memory storing the encrypted secrets. Without putting a separate bus system. This also give options for Multilevel Security and Multilevel Access.
This infrastructure also blocks DPA and SPA analysis of Data. It is also resistant for Fault attacks and EMP Attacks.
It can detect event of Fault Attacks, EMP Attacks, Clock Glitch and Variations in Temperature and Voltage using Digital Methods and Enforce Security. Also, can Flag to system to take Immediate actions to enforce security.
The keys can be programmed once before the Boot using Secure Key Transfer Methods or Puff based Implementations. The Infrastructure is advance enough to understand a Hacking event verses a User Access Event. And can successfully block a hacker event even if accessed by a valid key.
These IP Blocks can be used to enable Hardware Security Level Isolations within a SOC without creating Separate Secure Infrastructure inside SOC.
One can use them to enable region based security by configuring these blocks with Master IDs, Session IDs, Region Access permissions over the secured channel.
These IPs are built with Resistance to tackle Harsh Hacking Environments and Take appropriate action to secure internal property of the device and the users.
For More Information, please contact us with your requirement at start@greenipcore.com
If you wish to download a copy of this white paper, click here
|
Green IP Core Hot IP
- Security Gasket to hide transaction to range of addresses for SPA and DPA and se ...
- Security Gasket to hide transaction to range of addresses for SPA and DPA and se ...
- FIFO capable of working in Highly Noisy environment, giving silicon ultimate sta ...
- I3C Master and Slave Dual Role Controller
- This is a Generic fifo with configurable Depth, Configurable Width and Different ...
Related Articles
- Why network-on-chip IP in SoC must be physically aware
- Add Security And Supply Chain Trust To Your ASIC Or SoC With eFPGAs
- Building security into an AI SoC using CPU features with extensions
- Setting up secure VPN connections with cryptography offloaded to your Altera SoC FPGA
- Secure Mobile Payments - Protecting display data in TrustZone-enabled SoCs with the Evatronix PANTA Family of Display Processors
New Articles
- Quantum Readiness Considerations for Suppliers and Manufacturers
- A Rad Hard ASIC Design Approach: Triple Modular Redundancy (TMR)
- Early Interactive Short Isolation for Faster SoC Verification
- The Ideal Crypto Coprocessor with Root of Trust to Support Customer Complete Full Chip Evaluation: PUFcc gained SESIP and PSA Certified™ Level 3 RoT Component Certification
- Advanced Packaging and Chiplets Can Be for Everyone
Most Popular
- System Verilog Assertions Simplified
- System Verilog Macro: A Powerful Feature for Design Verification Projects
- UPF Constraint coding for SoC - A Case Study
- Dynamic Memory Allocation and Fragmentation in C and C++
- Enhancing VLSI Design Efficiency: Tackling Congestion and Shorts with Practical Approaches and PnR Tool (ICC2)
E-mail This Article | Printer-Friendly Page |