A secure root-of-trust is critical in connected applications such as the Internet of Things (IoT) and industrial IoT. Lattice Semiconductor’s latest MachX03D FPGA incorporates hardware features that provides such capabilities. It means the FPGA can be secured without the need for external security chips, thereby delivering an even more secure platform since everything is on a single chip.
The MachX03D retains the flash-based FPGA functionality of the family. These have up to 9400 lookup tables (LUTs) and over 380 I/O pins. The latter are configurable and support LVCMOS 3.3 to 1.0. They also support hot-socketing, default pull-down, input hysteresis, and programmable slew rate. Flash-based FPGAs don’t require external configuration storage and can start up immediately. The chips have on-board voltage regulators, so they need only a single 3.3-V power supply. The chips can contain up to 2700 kb of user flash memory and up to 430 kb of embedded block RAM, called sysMEM.
The MachXO3D can be secured without needing any external security chips.
The security features are built around the Embedded Secure Configuration Engine that provides a secure root-of-trust in addition to guaranteeing that only trusted FPGA configuration code is programmed into the chip. There are dual flash-memory blocks to handle device configuration, thereby offering failsafe programming support. The Embedded Security Block has pre-verified hardware support for cryptographic functions such as ECC, AES, SHA, and PKC. The chips are compliant with the NIST’s Platform Firmware Resilience specification.
Lattice Semiconductor has designed the security support for the MachX03D to address manufacturing and programming by third parties, as well addressing other supply-chain security issues through decommissioning of a device.
The FPGA chips are available in compact WLCSP packages as well as BGA packages with a 0.50-mm and 0.80-mm ball pitch. MachO3 development boards come with Raspberry Pi and Arduino interface expansion headers.