SILEXI N S I G H T

SINGLE MODULE FOR SoC SECURITY

www.silexinsight.com

eSecure

The eSecure IP is a single subsystem for SoC/ASIC/FPGA to address

key security challenges, playing the role of Root-of-Trust. The

module is highly flexible and fits all applications of the

heterogeneous Internet-of-Things ecosystem, from the

ultra-low power sensor to the connected car.

ANSWER ALL YOUR SECURITY NEEDS

www.silexinsight.com

Best-in-class Security• No external devices & no additional components - Easier to interfere a communication between 2 components if physical access to the device

• Keeps the typical “secure key storage” - Even without embedded Flash

Broad Range of High Performance Cryptos• Ideal for network packet encryption or crypto offloading

• Includes a AXI DMA interface to the Host memory space - Keeping the key hidden from the host CPU

Cost Effec�ve• Lower product cost, replacing many discrete components with one chip

• Less components = reduced inventory cost

Easy integra�on • No security chip needed on the board so straightforward implementation

Scalable & Flexible• Customizable - No fixed configurations & performances

• Supports a very broad and recent crypto functions - It can also be configured to have the appropriate trade-off between resources and performances for specific customer applications

Secure OTA Updates• Lifecycle management

• The eSecure IP can be updated using secure SW update Over-the-air (OTA) without reloading new keys

• New features/updates/removal can quickly be implemented

Small Footprint• Reduced board area, board layers

• Less complexity at the PCB level

Time-to-market Accelera�on• Smooth integration of the eSecure IP

• No need for a new chip for new features/updates/removal - OTA available

Secure Debugging• Authenticate and protect in-the-field

• Perform secure failure analysis/RMA - Certificate based - Set permissions levels - Public key cryptography

Secure Boot• Execute authenticated and trusted software

• Prevent malicious code execution

SECURE ANY APPLICATION

PAYMENT INDUSTRIAL

AUTOMOTIVE

WEARABLESEMBEDDEDNETWORKHEALTHCARE

CONNECTEDHOME

SMART CITY CLOUD

SMART METERING

DEFENCE

The eSecure IP is a very efficient solution to enable any secure application on chip. The hardware module shielded from the main proces-

sor brings a high level of security. Also the hardware offloading of the cryptographic operations from the main processor to the eSecure

module guarantees a low power operation. The eSecure module is tuned to the target application in terms of feature and performance.

BUILT FOR YOUR SPECIFIC NEEDS

CONFIGURABLEInclude features as needed

SCALABLEDefine performance and footprintdepending on your requirements

CUSTOMIZABLEAdapt to your specific needs

The eSecure IP is a complete standalone module that enables security applications by shielding the secret information from the

non-secure application running on the main processor. The firewall prevents any unauthorized access to the secret data. The secure

controller embedded in the eSecure module keeps full control of the execution of the security functions. In some designs, the secure

controller can be optionally virtualized in the host processor.

SoCIntegration

Mai

lbox

(es)

Secure KeyStorage

Side-ChannelAttack Protections

Secure DebugInt/protocol

PUF Anti-tampering

Tap Controller

DMA

Secure Storage, Other Peripherals...

Peripherals

RAM

RAM

Host CPUs

eSecure Library

PSA functional

API

eSecure

Secure Boot

PrivateInterfaces

SILEXI N S I G H T=

Crypto Cores (wide range)+ PQ Crypto

Secure CPU

AUTOSARCrypto Driver

API

eSECURE IP MODULE

WE'VE GOT YOUR SECURITY COVERED!

Global sales offices

Worldwide customer base

Founded in 1991

Silex Insight = Silicon experts with know-how

Expertise on PCB design, FPGA and ASIC

Design Services to fully develop to your needs

Tel: +32 10 45 49 04E-mail: contact@silexinsight.com

Web: www.silexinsight.com

Silex Insight Rue Emile Francqui 11, 1435 Mont-Saint-Guibert, Belgium

www.silexinsight.com

SILEXI N S I G H T

Product sheetBA470 - eSecure module for SoC security

V2.1

Secured System-on-Chips (SoC)Proven Root-of-Trust for use in ASICs

• Execute authenticated and trusted software• Prevent malicious code execution

Authen�cate your code at run-�meSecure so�ware update (Field upgradable)An�-rollback protec�on

Secure boot

• Achieved with strong cryptographic algorithmsConfiden�ality & authen�city

Secure key provisioning• Key revocation

Secure Storage of Secret Informa�onConfidentiality and authenticity is guaranteed

• In protected and unprotected storageStore secret assets

Side-channel A�ack Protec�onProtect against external physical attacks

• Public Key Accelerator • SM4Unique efficiency DPA countermeasures

• Multiple tamper detection mechanisms• Configurable depending on threat model• Digital sensors

An�-tampering

Secure Communica�onOnly using the most secure and latest algorithms

TLS/DTLS (TLS/SSL 1.2/1.3)

IPsec and MACsec

Thread networking, Apple HomeKit,Bluetooth, Zigbee and more

• Certificate based• Set permissions levels• Public key cryptography

Secure DebuggingAuthenticate and protect in-the-field

Perform secure failure analysis/RMA

Device rights managementA�esta�onDevice decommissioning

Device Unique Iden�tyPrevents counterfeiting and cloning

• Uniquely identify each manufactured part• Authenticate your device

Iden�fy and trust your devices

• AES

Part

No: M

KTSI

0011

-EN

V2.1

San Jose, CA, US

London, UKBRUSSELS, BELGIUM

Tokyo, Japan

Taipei, Taiwan

Shanghai, China

Seoul, South KoreaHQ

Tel-Aviv, Israel

SILEX INSIGHT Sales Offices