Security for Edge Compute Applications

Threats to Low-Power Edge Compute Applications

The burgeoning 5G networks will engender a new generation of interconnectivity with the Internet of Things (IoT). The communication between numerous devices and machines makes them accessible to vulnerabilities from external influences, invasions or unknown bugs. Remote operations also pose physical security issues.

Modern vehicles are feature rich with automated software that devises uninterrupted connectivity for drivers. These vehicles use various wireless technologies to communicate, making them susceptible to malicious attacks. An Electronic Control Unit (ECU) also needs to be cryptographically armed in hardware and software to provide a chain of trust for secure authorization.

Similarly, intelligent industrial networks, control systems, automation networks, processes and factories consist of connected machines and systems, exposing them to the risk of several internal and external threats.

In the FPGA context, the supply chain and equipment also pose potential threats such as trojan horses embedded in the IC or hard IP, remarked packages, refurbished parts, incorrect configurations, overbuilt equipment, side-channel analysis and tampering.

Three Pillars of Security

Essentially a more infallible security system must offer three core components:

1. Trust: guarantee that your data source is dependable, authorized and authenticated.
2. Tamper protection: affirmation that your device has not been interfered with.
3. Information assurance: the data in your systems is used, processed and transmitted securely.

FPGA Security

Microchip FPGAs provide a solid foundation for building your security applications.

Security in hardware begins with a cryptographically controlled manufacturing process that embeds device integrity checks, allowing a customer to ensure that their devices are untampered. Manufactured securely, Microchip’s FPGAs provide a secure programmable hardware platform encompassing NIST-certified cryptographic accelerators, patent-protected DPA resistance and a secured supply chain. 

Design security protects Intellectual Property (IP) and other sensitive information such as cryptographic keys. Design IP includes logic design, firmware code and security settings loaded on the device. By using secure bit streams, tamper detection and active mesh while eliminating copying, cloning or reverse engineering, a developer can create a more secure system. Microchip’s secure design FPGAs comes with all these capabilities and helps ensure that a design remains secure and operates as intended for the lifetime of a product.

Our FPGAs offer information assurance with advanced secure data privileges. These include safeguarding application data (stored, communicated or computed at run time) from duplication, modification or corruption. PolarFire®  and PolarFire SoC families of data security FPGAs contain an Athena F5200B side channel-resistant cryptoprocessor. The F5200B is software programmable and supports popular industry-standard asymmetric, symmetric and hashtag functions.

The PolarFire SoC FPGA family (a RISC-V®-based FPGA family) inherits all advanced security features from the PolarFire FPGA, such as DPA-resistant bitstream programming​, anti-tamper​, cryptographically-bound supply chain assurance​, Physically Unclonable Function (PUF)​, true random number generator​ and side-channel resistant crypto-coprocessor. In addition, it offers the following:

1. Secure boot options that suppors factory default and user-defined options.
2. Physical Memory Protection (PMP) units for each CPU (compliant with the RISC-V Instruction Set Manual); the PMP unit can set memory access privileges (read, write, execute) for specified memory regions. The PMP units can restrict access to memory and isolate processes from each other to enable secure execution of application code by limiting the physical addresses accessible by the software running on a Hardware Thread (Hart).
3. Spectre and meltdown immunity: unique security vulnerabilities which rely on hardware design flaws in modern CPUs.

To help designers get familiar with our security features and quickly develop secure applications, we offer documentation, videos, webinars and hardware platforms.

For more information, visit our programmable security for low-power edge compute applications page. Build your confidence in implementing security solutions with our SHIELDS UP! webinar series.