comment on this article

Lattice looks to improve server security with Sentry 2.0

Lattice Semiconductor has announced the latest version of its solutions stack for secure system control, Lattice Sentry 2.0

The solutions stack enables next-generation hardware Root-of-Trust (HRoT) solutions compliant with NIST Platform Firmware Resiliency (PFR) Guidelines (NIST SP-800-193) and supports 384-bit encryption.

This version of Lattice Sentry addresses the evolving security requirements of current and emerging server platforms by providing developers with an efficient and secure way to quickly implement enhanced system and cryptographic applications. The stack supports firmware security for the communications, computing, industrial, automotive, and smart consumer markets.

"Firmware represents a significant threat vector for computer systems, appliances, and associated infrastructure. If the first code that executes on a device when it powers on were to become compromised, then the entire system can and should no longer be trusted as secure. Firmware can be compromised through malicious attacks or unintentionally," according to the Cloud Security Industry Summit (CSIS), a group of cloud service providers working towards industry alignment on best-of-breed security solutions.

“Staying on top of evolving cybersecurity threats is a constant struggle for most organisations. To help them keep pace, Lattice is committed to the ongoing improvement of the security, performance, and ease-of-use capabilities of our Sentry stack,” said Eric Sivertson, Vice President of Security Business, Lattice Semiconductor. “With the Sentry stack, developers can easily add support for strong firmware security to system control applications based on Lattice secure control PLDs, creating a platform to establish a HRoT to validate the legitimacy of all firmware instances in a system.”

Key features for Sentry 2.0 include:

Heightened security – The Sentry solutions stack supports the Lattice Mach-NX secure control FPGA and a secure enclave IP block that enable 384-bit cryptography (ECC-256/384 and HMAC-SHA-384) to secure Sentry-protected firmware against unauthorised access. Support for 384-bit crypto is a requirement for many next-generation server platforms.

4x faster pre-boot authentication – Sentry 2.0 supports faster ECDSA (40 ms), SHA (up to 70 Mbps), and QSPI performance (64 MHz). These features enable Sentry 2.0 to deliver faster boot times that help minimise system down time and reduce exposure to attempted attacks on firmware during the boot process.

Ability to monitor up to five firmware images in real-time – To further extend the PFR-compliant HRoT enabled by Lattice Sentry, the stack is capable of real-time monitoring of up to five mainboard components in a system at boot and during ongoing operation. Competing MCU-based security solutions, as an example, lack the processing performance to properly monitor that many components in real-time.

Neil Tyler

Comment on this article

This material is protected by MA Business copyright See Terms and Conditions. One-off usage is permitted but bulk copying is not. For multiple copies contact the sales team.

What you think about this article:

Add your comments


Your comments/feedback may be edited prior to publishing. Not all entries will be published.
Please view our Terms and Conditions before leaving a comment.

Related Articles

Get to market faster

A quick look at using Vicor's PFM and AIM in VIA packaging for your AC to Point ...

Digital consciousness

​Would you consider uploading your brain to the cloud if it meant you could ...

Building resilience

James Woodhead talks to New Electronics about the need to build greater ...