Electronic Design
  • Resources
  • Directory
  • Webinars
  • CAD Models
  • Video
  • Blogs
  • More Publications
  • Advertise
    • Search
  • Top Stories
  • Tech Topics
  • Analog
  • Power
  • Embedded
  • Test
  • AI / ML
  • Automotive
  • Data Sheets
  • Topics
    - TechXchange Topics --- Markets --AutomotiveAutomation-- Technologies --AnalogPowerTest & MeasurementEmbedded
    Resources
    Electronic Design ResourcesTop Stories of the WeekNew ProductsKit Close-UpElectronic Design LibrarySearch Data SheetsCompany DirectoryBlogsContribute
    Members
    ContentBenefitsSubscribeDigital editions
    Advertise
    https://www.facebook.com/ElectronicDesign
    https://www.linkedin.com/groups/4210549/
    https://twitter.com/ElectronicDesgn
    https://www.youtube.com/channel/UCXKEiQ9dob20rIqTA7ONfJg
    Electronicdesign 6958 103491promo
    1. Technologies
    2. Embedded
    3. Software

    Putting Trust In An FPGA

    Feb. 20, 2014
    Microsemi is putting its SmartFusion 2 in between the boot ROM (usually a serial flash device) and the host processor to provide a more robust, secure boot environment.
    William G. Wong

    Microsemi is putting its SmartFusion 2 (see Secure Gen 2 Cortex-M3 Flash FPGA Prevents Counterfeiting) in between the boot ROM (usually an SPI flash device) and the host processor to provide a more robust, secure boot environment (Fig. 1). The flash memory contains encrypted code that the SmartFusion system can verify and decode. The host runs a boot program that verifies system operation and then continues the boot process.

    Electronicdesign Com Sites Electronicdesign com Files Uploads 2014 02 103491 Fig1sm
    Figure 1. SmartFusion 2 sits between an SPI flash with encrypted code and the host processor.

    The SmartFusion platform is a flash-based FPGA built around an ARM Cortex-M3 microprocessor (see FPGA Combines Hard-Core Cortex-M3 And Analog Peripherals). The SmartFusion 2 (Fig. 2) concentrates on the digital side and drops the analog engine found still available in the first version.

    Electronicdesign Com Sites Electronicdesign com Files Uploads 2014 02 103491 Fig2sm Smart Fusion
    Figure 2. SmartFusion 2 incorporates a secure, ARM Cortex-M3 to complement the FPGA fabric.

    Related Articles

    • Secure Gen 2 Cortex-M3 Flash FPGA Prevents Counterfeiting
    • FPGA Combines Hard-Core Cortex-M3 And Analog Peripherals
    • Innovative Integration Mixes Micros WIth FPGAs
    • Climb On Board Next-Generation FPGAs

    The SmartFusion 2's secure boot support does not require the FPGA support allowing designers to provide additional functionality

    The full boot process (Fig. 3) is rather extensive and it verifies all aspects of the system from the SmartFusion chip itself to the boot code and the host. The end result of a successful boot is a host running a secure kernel that can then load an operating system and applications that have also been verified. The secure host boot application will have the keys necessary to do this.

    Electronicdesign Com Sites Electronicdesign com Files Uploads 2014 02 103491 Fig3sm
    Figure 3. The complete boot process incorporates a range of keys, encrypted and decrypted code and handshaking between the host and the SmartFusion system.

    The multistep process is necessary to address the various areas of attack. The chip itself is tamper-resistant and it has the secure keys to get everything started. The conventional SPI flash contains encrypted code that cannot be subverted. The host will eventually be running verified code that can then determine whether the subsequent operating system is authentic before running it. A secure operating system can then verify and load applications in a similar fashion. This might even make use of secure, encrypted disk storage.

    Without the root trust, there is no way to protect the system. SmartFusion 2 uses differential power analysis (DPA) resistant anti-tamper measures licensed from Cryptography Research Incorporated (CRI).

    There is a new SmartFusion 2 reference design that secures each stage of the boot process. It works with Microsemi's WhiteboxCRYPTO security product. This enables transport of symmetric encryption key in a plain text environment through complex algebraic decomposition of the crypto key and strong obfuscation. Microsemi also provides a graphical user interface for encrypting the developer's application code for subsequent programming of the SPI flash as well as the decryption in the host processor.

    Continue Reading

    Processor Boot Solution Addresses High-Rel Edge Space Systems

    Arm Unveils Its Most Compact AI-Capable Cortex-M CPU

    Sponsored Recommendations

    CoolSiC™ Products

    Nov. 17, 2023

    Modular systems with high performance and high application efficiency

    Nov. 17, 2023

    The Infineon Podcast4Engineers

    Nov. 17, 2023

    Depth Sensors Visualize Volumes

    Nov. 1, 2023

    Comments

    To join the conversation, and become an exclusive member of Electronic Design, create an account today!

    I already have an account

    New

    Arm Unveils Its Most Compact AI-Capable Cortex-M CPU

    Welcome to GoPro Warfare

    Lead-Free Quantum Dots Bring SWIR Closer to Consumers

    Most Read

    Maximizing Power from Solar Panels

    Achieving Functional-Safety Compliance for Motor-Control Systems

    SiC E-Fuse Demonstrator Speeds Evaluation for EV Apps


    Sponsored

    AM2634-Q1

    STM32WBA - 2.4GHz wireless microcontroller with SESIP Level 3 security

    The IoT Trusted Zone

    Electronic Design
    https://www.facebook.com/ElectronicDesign
    https://www.linkedin.com/groups/4210549/
    https://twitter.com/ElectronicDesgn
    https://www.youtube.com/channel/UCXKEiQ9dob20rIqTA7ONfJg
    • About Us
    • Contact Us
    • Advertise
    • Do Not Sell or Share
    • Privacy & Cookie Policy
    • Terms of Service
    © 2023 Endeavor Business Media, LLC. All rights reserved.
    Endeavor Business Media Logo