Secure IP hardware enclaves give semiconductor manufacturers robust cryptographic capabilities when integrated into their system on chip (SoC) products. They also benefit from a rich array of security services, which are more powerful integrated in hardware than software, while also enabling compliance with most common industry security standards including NIST, FIPS, PSA and SESIP Level 3 or higher.
“Silicon hardware-based security offers better protection from manipulation and interference than its software-based counterpart because it’s more difficult to alter or attack the physical device or data entry points,” explained Michela Menting, Digital Security Research Director at ABI Research.
Kudelski IoT Secure IP is a hardware security enclave that gives SoCs key features like a high-quality and robust true random number generator, secure key storage, robust cryptographic algorithms and countermeasures against side channel attacks (SCA, DPA) and fault attacks (DFA).
Secure IP also gives SoC manufacturers, device manufacturers and end users access to services and features that ensure the longevity and profitability of devices and solutions. These features include remote feature authorisation, secure firmware over the air updates, advanced data encryption to ensure privacy, and zero-touch or in-field provisioning to ensure secure and scalable operations.
“We see increasing regulation and demand for security in almost every IoT market, ranging from consumer IoT, automotive, industrial, telco, medical, and asset tracking,” said Frédéric Thomas, CTO of Kudelski IoT. “We foresee that regulation will require hardware IP in most SoC designs going forward, and through this launch we are giving silicon manufacturers a head start on preparing for the coming wave of demand.”
Kudelski IoT has established itself as a leader in this emerging space with over 30 years of expertise in hardware security, with a portfolio that includes IP covering everything from cellular devices needing the highest levels of security to IP for size/cost constrained devices requiring PSA or SESIP Level 3 certification. Kudelski IoT enables semiconductor manufacturers to integrate its Secure IP blocks with SoC lifecycle support such as JTAG and Secure Debug capabilities, and support for Secure Boot using only a very small footprint.
Through Kudelski Lab IoT Center of Excellence services, the company also provides additional tools and services for SoC and device manufacturers to manage the lifecycle of the SoC and devices, including Threat Analysis and Risk Assessments (TARA), security and architecture design review, SoC and device evaluation for certification pre-evaluation (SESIP Level 3, CSPN).
Secure IP can be used in combination with Kudelski IoT keySTREAM to manage the device lifecycle and provide a fully secure chip-to-cloud experience for customers. This includes personalisation, key provisioning in the factory as well as in the field, secure firmware updates, and attestation, from design of the IoT solution to refurbishment.