ba470 - esecure v2.0 w - silex insight€¦ · the esecure ip is a complete standalone module that...
TRANSCRIPT
SILEXI N S I G H T
SINGLE MODULE FOR SoC SECURITY
www.silexinsight.com
eSecure
The eSecure IP is a single subsystem for SoC/ASIC/FPGA to address
key security challenges, playing the role of Root-of-Trust. The
module is highly flexible and fits all applications of the
heterogeneous Internet-of-Things ecosystem, from the
ultra-low power sensor to the connected car.
ANSWER ALL YOUR SECURITY NEEDS
www.silexinsight.com
Best-in-class Security• No external devices & no additional components - Easier to interfere a communication between 2 components if physical access to the device
• Keeps the typical “secure key storage” - Even without embedded Flash
Broad Range of High Performance Cryptos• Ideal for network packet encryption or crypto offloading
• Includes a AXI DMA interface to the Host memory space - Keeping the key hidden from the host CPU
Cost Effec�ve• Lower product cost, replacing many discrete components with one chip
• Less components = reduced inventory cost
Easy integra�on • No security chip needed on the board so straightforward implementation
Scalable & Flexible• Customizable - No fixed configurations & performances
• Supports a very broad and recent crypto functions - It can also be configured to have the appropriate trade-off between resources and performances for specific customer applications
Secure OTA Updates• Lifecycle management
• The eSecure IP can be updated using secure SW update Over-the-air (OTA) without reloading new keys
• New features/updates/removal can quickly be implemented
Small Footprint• Reduced board area, board layers
• Less complexity at the PCB level
Time-to-market Accelera�on• Smooth integration of the eSecure IP
• No need for a new chip for new features/updates/removal - OTA available
Secure Debugging• Authenticate and protect in-the-field
• Perform secure failure analysis/RMA - Certificate based - Set permissions levels - Public key cryptography
Secure Boot• Execute authenticated and trusted software
• Prevent malicious code execution
SECURE ANY APPLICATION
PAYMENT INDUSTRIAL
AUTOMOTIVE
WEARABLESEMBEDDEDNETWORKHEALTHCARE
CONNECTEDHOME
SMART CITY CLOUD
SMART METERING
DEFENCE
The eSecure IP is a very efficient solution to enable any secure application on chip. The hardware module shielded from the main proces-
sor brings a high level of security. Also the hardware offloading of the cryptographic operations from the main processor to the eSecure
module guarantees a low power operation. The eSecure module is tuned to the target application in terms of feature and performance.
BUILT FOR YOUR SPECIFIC NEEDS
CONFIGURABLEInclude features as needed
SCALABLEDefine performance and footprintdepending on your requirements
CUSTOMIZABLEAdapt to your specific needs
The eSecure IP is a complete standalone module that enables security applications by shielding the secret information from the
non-secure application running on the main processor. The firewall prevents any unauthorized access to the secret data. The secure
controller embedded in the eSecure module keeps full control of the execution of the security functions. In some designs, the secure
controller can be optionally virtualized in the host processor.
SoCIntegration
Mai
lbox
(es)
Secure KeyStorage
Side-ChannelAttack Protections
Secure DebugInt/protocol
PUF Anti-tampering
Tap Controller
DMA
Secure Storage, Other Peripherals...
Peripherals
RAM
RAM
Host CPUs
eSecure Library
PSA functional
API
eSecure
Secure Boot
PrivateInterfaces
SILEXI N S I G H T=
Crypto Cores (wide range)+ PQ Crypto
Secure CPU
AUTOSARCrypto Driver
API
eSECURE IP MODULE
WE'VE GOT YOUR SECURITY COVERED!
Global sales offices
Worldwide customer base
Founded in 1991
Silex Insight = Silicon experts with know-how
Expertise on PCB design, FPGA and ASIC
Design Services to fully develop to your needs
Tel: +32 10 45 49 04E-mail: [email protected]
Web: www.silexinsight.com
Silex Insight Rue Emile Francqui 11, 1435 Mont-Saint-Guibert, Belgium
www.silexinsight.com
SILEXI N S I G H T
Product sheetBA470 - eSecure module for SoC security
V2.1
Secured System-on-Chips (SoC)Proven Root-of-Trust for use in ASICs
• Execute authenticated and trusted software• Prevent malicious code execution
Authen�cate your code at run-�meSecure so�ware update (Field upgradable)An�-rollback protec�on
Secure boot
• Achieved with strong cryptographic algorithmsConfiden�ality & authen�city
Secure key provisioning• Key revocation
Secure Storage of Secret Informa�onConfidentiality and authenticity is guaranteed
• In protected and unprotected storageStore secret assets
Side-channel A�ack Protec�onProtect against external physical attacks
• Public Key Accelerator • SM4Unique efficiency DPA countermeasures
• Multiple tamper detection mechanisms• Configurable depending on threat model• Digital sensors
An�-tampering
Secure Communica�onOnly using the most secure and latest algorithms
TLS/DTLS (TLS/SSL 1.2/1.3)
IPsec and MACsec
Thread networking, Apple HomeKit,Bluetooth, Zigbee and more
• Certificate based• Set permissions levels• Public key cryptography
Secure DebuggingAuthenticate and protect in-the-field
Perform secure failure analysis/RMA
Device rights managementA�esta�onDevice decommissioning
Device Unique Iden�tyPrevents counterfeiting and cloning
• Uniquely identify each manufactured part• Authenticate your device
Iden�fy and trust your devices
• AES
Part
No: M
KTSI
0011
-EN
V2.1
San Jose, CA, US
London, UKBRUSSELS, BELGIUM
Tokyo, Japan
Taipei, Taiwan
Shanghai, China
Seoul, South KoreaHQ
Tel-Aviv, Israel
SILEX INSIGHT Sales Offices