Security IP block for SmartFusion2 and IGLOO2 FPGAs
Microsemi introduces an advanced security IP block which provides additional layers of user-configurable tamper protection and responses to Microsemi's SmartFusion2 SoC FPGAs and IGLOO2 FPGAs. The EnforcIT Security Monitor enables users to easily configure SmartFusion2 and IGLOO2 devices to interface with hardware security mechanisms built into the silicon of these FPGAs.
EnforcIT Security Monitor is capable of reporting multiple internal security flags and system conditions to the FPGA, when configured for reporting. EnforcIT Security Monitor can also be configured to act autonomously. In this state it will respond to malicious FPGA threats and take action in order to mitigate further attack by protecting or destroying critical data and design.
Michael Mehlberg, vice president of product management and sales at Microsemi, commented: "Our EnforcIT Security Monitor will allow our customers to easily strike a balance between these important [security, reliability and performance] considerations while providing advanced monitoring, reporting and response against sophisticated FPGA attacks."
A single low-resource soft IP bloc, the EnforcIT Security Monitor can monitor and respond to multiple internal security flags and system conditions. Taking full advantage of the tamper detectors and responses built into the FPGA silicon, it can be configured to report threats or act autonomously. Another option would be to configure the EnforcIT Security Monitor to act on a combination of the two, allowing the user to find the right balance between security, performance and safety. Microsemi's EnforcIT Security Monitor can also be used as part of the layered solution in NSAs Commercial Solutions for Classified Program.
Key features of the EnforcIT Security Monitor include: seamless interfacing with Microsemi SmartFusion2 SoC FPGAs and IGLOO2 FPGAs; configurable alarm actions including zeroize, lockdown, chip reset and more; safety controls permit the user to delay or cancel automatic responses; customizable clock, JTAG and timeout monitoring; logic integrity and fault detection; and runtime IP version reporting.