Secure Gen 2 Cortex-M3 Flash FPGA Prevents Counterfeiting

Oct. 9, 2012
Microsemi's SmartFusion 2 FPGA incorporates a hard core Arm Cortex-M3 along with extensive security features that prevent tampering and counterfeiting while providing a secure runtime environment.

Microsemi's SmartFusion 2 expands on the original SmartFusion platform that combines Arm's Cortex-M3 with flash-based FPGA technology (see FPGA Hosts Hard Cortex-M3 And Analog Peripherals). SmartFusion 2 (Fig. 1) retains the hard core Cortex-M3 processor but foregoes the intelligent analog peripheral controller while incorporating high speed serial interfaces such as PCI Express and XAUI.

Figure 1. SmartFusion 2 is built around a 166 MHz Cortex-M3 processor, an FPGA fabric and high speed serial interfaces.

The 166 MHz Arm Cortex-M3 processor is fast even for a standalone Cortex-M3 microcontroller. It has its own flash, up to 512 Kbytes, and up to 64 Kbytes of SRAM. Both have correcting and, simultaneously, double error detecting (SECDED) support. The core has access to an addition 80 Kbytes of non-SECDED SRAM.

Basic parity is often used in high reliability applications but then single event upset (SEU) faults can only be detected. SECDED allows processing to continue if a single bit error is detected. Double bit errors are less common but SECDED allows these to be detected.

This attention to reliability exists throughout the system design. Flash-based FPGAs are already less susceptible to alpha/neutron particles compared to RAM-based FPGAs. The latter can cause reconfiguration errors that are hard to detect.

SEU immune implementations are employed for major peripherals including the DDR bridges, instruction caches and serial interfaces. The system has a built-in self test (BIST) with on-demand BIST for all non-volatile memories. The Arm core has ETM (embedded trace module) support.

Security is complementary but related to reliablity because it has to be inherent to the system design. SmartFusion 2 is hardened against differential power attacks (DPA) technology from Cryptographic Research. It has an integrated hardware security module (HSM) making SmartFusion 2 the only FPGA with non-volatile encrypted storage. This allows secure boot support preventing inadvertent use of bad code.

The processor has access to an array of cryptographic services including AES-256, SHA-256, and HMAC support. There is a 384 bit Elliptical Curve Cryptographic (ECC) engine built-in. The random number generators uses a non-deterministic random bit generator with DPA countermeasures. Hardware firewalls available within the ARM AHB bus matrix.

These chips will be very hard to hack. Microsemi has also implemented a secure manufacturing process. They employ Intrinsic-ID’s physically unclonable function (PUF) technology.

The FPGA fabric has seen enhancements as well. The fabric tops out with 120K LUTs, 5 Mbits of SRAM, and 4 Mbits of flash memory. SmartFusion 2 now incorporates high speed DSP blocks. There is a DDR2/3 controller plus sixteen 5 Gbit/s SERDES. These can provide support for x4 PCI Express, XAUI and Ethernet.

The fast and secure design can also be low power as well. The chip uses as little as 1 mW in standby mode. This is complemented with Microsemi's Flash*Freeze mode that allows The processor and FPGA fabric are actually independent power areas allowing for more selective use of power modes. The FPGA use 10 mW of power when in static, standby mode. This is done using clock gating partitioning within fabric.

Microsemi's Libero IDE provides Microfusion 2 development support. The new System Builder tool (Fig. 2) simplifies configuration and allows developers to easily add soft peripherals to the FPGA fabric. This approach lets developers complement the hard core peripherals as needed. Third party IP support will be added in the future allowing developers to select from an even wider list of FPGA-based peripherals.

Figure 2. The SmartFusion 2 System Builder lets developers select peripherals from a menu and incorporates them into the FPGA fabric linking them to the Cortex-M3 processor.

Microsemi's flash-based, hard core SmartFusion 2 stands alone with its Flash*Freeze and high security approach. RAM-based FPGAs like Xilinx's Zynq-7000 EPP (see FPGA Packs In Dual Cortex-A9 Micro) with its dual core Cortex-A9 processors target higher end applications. There may be some overlap in the mid-range but they tend to target their own market.

Fast start up times and secure boot will be critical for SmartFusion 2 in high reliability environments such as military, avionics and medical. Likewise, these application areas will benefit from Microsemi's secure manufacturing support. This, along with the security support, is designed to prevent counterfeiting, tampering, cloning, and reverse engineering of the chip.

Sponsored Recommendations


To join the conversation, and become an exclusive member of Electronic Design, create an account today!