New SoC Security Platform Announced by CAST and Beyond Semiconductor
February 25, 2019
The GEON Security Platform
There is a growing awareness of threats posed by devices that were traditionally not considered security critical. With rising connectivity, versatility and programmability built into modern chips, many end up in a position where they can be used to facilitate the extraction of valuable data or influence operation of a critical system.
The growing impact and costs of security breaches are shifting the industry towards a future where sound security architectures and approaches must be employed to ensure device compliance with emerging standards and regulation. The lack of appropriate security functionality is quickly becoming the biggest threat to device longevity.
Introducing an IP Solution:
the GEON Security Platform
The GEON™ Security Platform, the essential suite of hardware security IP, is the natural response to support design teams across a wide spectrum of chip designs and industries. Since there is no “one-size-fits-all” solution in secure chip design, the GEON Platform includes all the common and usual security functions necessary to secure a modern SoC.The GEON Platform consists of the following modules:
- GEON Secure Boot provides a hardware root of trust and ensures that only authentic, vendor-issued software is allowed to run on a device.
- GEON Firmware Encryption protects the confidentiality and integrity of firmware or of software and related data.
- GEON Secure Debug provides public key infrastructure (PKI) authentication of a debug user and the device, enabling secure JTAG access and secure failure analysis.
- GEON HSM implements a hardware security module on a chip, enabling cryptographic operations while protecting (not exposing) secret key material.
The GEON Platform is configurable so that only those functions needed to address the threat assessment of the design team need be selected. This allows a team to minimize area requirements while optimizing the performance of the security subsystem being deployed. The platform is also processor agnostic and works with all modern architectures including ARM, MIPS, RISC-V, and the entire BA2x processor family from Beyond Semiconductor.
Achieving SoC Protection with the GEON Security Platform
It is well known that the starting point for any secure design is a complete assessment of what assets need to be protected from which threats. From this comes a definition of an appropriate security architecture.
In almost every case, the architecture starts with a GEON Secure Boot function, which establishes a hardware root of trust and without which most other security measures fall short. Since a secure key storage mechanism is always a requirement, the platform provides a Secure OTP controller interface. In cases where maximum security is a necessity an optional GEON HSM is available to manage keys, authentication and signing as well encrypting and decrypting essential data.
Once a secure boot process is established, Firmware Encryption come into play. The GEON Platform is underpinned by a complete line of basic security cores such as AES-GCM, SHA-3, RSA, and a variety of other silicon-proven functions. The needs of each individual application dictate the choice and final setup.
An often-overlooked part of the total security package is the need for a secure debug function. Often the approach is to simply remove access to the debug chain after manufacturing test, but this leaves no way for future failure analysis which is essential in industries such as healthcare and automotive. The GEON Secure Debug function provides a complete solution to the problem.
SoC Security with Silicon Efficiency
All the security functions in the GEON platform share common hardware logic and accelerators wherever possible. This way, adding additional security functions will have only negligible impact on power and gate count.
For example, cryptographic hardware accelerators, secret (key) storage, protection mechanisms, random number generation, and other common functions are shared among all instantiated GEON security functions.
Let Us Help Solve Your SoC Security Challenges
Building a secure SoC is a complex task. We understand this complexity and recognize that there are trade offs that must be analyzed throughout the design process. The GEON Security Platform is supported by our team of security experts to help customers achieve an optimum solution.
For more information, please submit the Request Info form on this page, email email@example.com directly, or call +1 202.391.8300.