Global Sources
EE Times-India
EE Times-India > EDA/IP

Secure boot sol'n aimed at aerospace, defence apps

Posted: 11 Dec 2015     Print Version  Bookmark and Share

Keywords:Microsemi  secure boot solution  Intrinsic-ID  FPGA  microprocessor 

Microsemi Corp. and Intrinsic-ID, a provider of cyber physical security solutions based on physically unclonable functions (PUFs), have collaborated to develop what they describe is a secure boot solution for mission critical electronic systems. The company claimed to offer a novel approach to building a complete secure boot process, from silicon to the system level.

The solution provides users unprecedented control and security over the provisioning at each start-up of sensitive boot code into programmable components such as field programmable gate arrays (FPGAs) and SoCs from vendors such as Altera and Xilinx. These components are often used for mission critical applications in military and aerospace, as well as in data centres and cloud computing, requiring the highest level of security.

Securing a system consisting of multiple components such as FPGAs and microprocessors poses a very complex challenge. In particular, the protection of software against tampering by attackers is critical. For systems that are being used in the most demanding environments to carry out the most critical operations, the best security technology must be used.

Microsemi Secure Boot solution

Microsemi Secure Boot solution

The combination of Microsemi FPGAs and secure authentication protocols using PUFs provides complete system integrity and confidentiality protection for securely booting a complex electronic system.

Microsemi has designed a unique secure boot protocol for protecting third-party FPGA logic from being cloned, reverse engineered or tampered with. The company has introduced the power-efficient, small-footprint flash-based SmartFusion2 SoC FPGA to act as a secure boot manager. SmartFusion2 first performs its own built-in secure boot and then, acting as a root-of-trust, manages the additional large FPGAs and SoCs within the system with their secure boot. Sensitive encrypted bitstream or object code is sent via the SmartFusion2 FPGA to the target FPGAs or SoCs only after successful identification of the target device and authentication of its initial boot code using the Intrinsic-ID PUF. The sensitive code is authenticated and decrypted on the target device.

What makes this approach truly unique is that all devices' identities and secret keys are bound to the unique semiconductor physics of the device through the use of PUFs. All devices have a unique key that is generated on the device from uncontrollable, and thus unclonable, silicon nanoscale physical properties. This PUF secret key is bound to the device's hardware and never leaves the device. As the PUF key is not stored in memory when the device is powered off, the key is simply not there, making extraction by an attacker much more difficult.

1 • 2 Next Page Last Page

Comment on "Secure boot sol'n aimed at aerospace..."
*  You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.


Go to top             Connect on Facebook      Follow us on Twitter      Follow us on Orkut

Back to Top