Implementation of security for IoT edge devices accelerated
Synopsys and Intrinsic-ID have announced the integration of Intrinsic-ID's PUF technology with Synopsys' DesignWare ARC EM Processors with SecureShield technology to enable efficient implementation of security functions such as authentication and device cloning prevention for low-power IoT edge devices.
Intrinsic ID's Quiddikey product is a secure key management solution based on their PUF technology that dynamically reconstructs on-chip secret keys without ever storing them, while Synopsys SecureShield technology provides a secure environment isolated from user code to protect the unclonable key. This combined solution enables SoC developers to support security-sensitive transactions, such as smart payment and secure cloud storage, found in applications including wearables and smart home appliances, without the cost or power consumption of a separate security processor core. SoC developers can add a complete security stack to low-power microprocessors and sensors without modifying any hardware.
"The rapid proliferation of connected devices and the new business models built on them have made secure user, device authentication and the management of valuable data critical," said Pim Tuyls, CEO, Intrinsic-ID. "With the combination of Synopsys and Intrinsic-ID IP, designers can deploy a firmware-only implementation of our unique PUF technology in a trusted execution environment by leveraging Synopsys' ARC EM processors with SecureShield. This solution enables the creation of highly secure, low-power SoCs that deliver superior anti-tamper and anti-cloning features for a wide range of IoT applications."
Intrinsic-ID's PUF security technology, called Hardware Intrinsic Security (HIS), uses a device-unique authentication process to extract security keys and unique identifiers from the innate characteristics of the SRAM. This extraction is done with Intrinsic-ID's Quiddikey product. Quiddikey guarantees the entropy of the key as well as a correct and secure key reconstruction under all circumstances. The PUF key is extracted from the chip and not externally programmed or stored; it is linked to the chip's unique physical characteristics and inherently protected against cloning and tampering.
DesignWare ARC EM Processors are based on the scalable, 32-bit ARCv2 instruction set architecture (ISA) and are optimised for area and power efficiency, making them ideally suited for IoT edge devices. Synopsys' Enhanced Security Package with SecureShield technology provides the ability to encrypt instructions and data, enabling designers to create a tamper-resistant, secure environment that protects their systems and software from evolving security threats such as IP theft and remote attacks. Intrinsic-ID's PUF solution can be implemented in firmware leveraging a trusted execution environment provided by Synopsys' SecureShield, isolating critical security functions from the application software running on the ARC EM processor.
The DesignWare CryptoPack option provides the ability to speed up software encryption implementations by adding custom instructions and registers to the ARC EM processors. This further accelerates the PUF and associated security algorithms to maximise performance and minimise power consumption when executing data authentication and encryption.
"As more personal data is being transmitted in connected systems and devices, consumers are becoming increasingly concerned about the privacy and security of their information," said John Koeter, Vice President of Marketing for IP and prototyping, Synopsys. "Our collaboration with Intrinsic-ID provides designers with an advanced security solution that enables them to combine Intrinsic ID's PUF solution and Synopsys' ARC EM Processors with SecureShield technology for a faster, easier path to securing their IoT devices with strong authentication and the prevention of copying, cloning and other malicious attacks."