Securing the entire supply chain with Lattice stacks and services

With the Sentry stack and SupplyGuard service, Lattice offers a complete supply chain security solution with nanosecond response times.

21
latex

Lattice Semiconductor launched the Sentry solution stack and SupplyGuard supply chain protection service in the summer. Sentry is a dynamic, real-time, NIST-compliant, RISC-V-based PFR software solution stack that reduces time-to-market from months to weeks, while SupplyGuard is a service that protects supply chains from counterfeiting, overbuilding and Trojans.

"Sentry's solutions empower customers to easily deploy a Root-of-Trust (RoT)-based PFR solution that complies with NIST SP-800-193 guidelines," explains Deepak Boppana, Senior Director of Segment and Solutions Marketing at Lattice. "With Sentry's validated IP cores, pre-verified reference designs and hardware demos, developers can quickly customize the PFR solution by modifying the C code provided with the RISC-V and Propel design environment to reduce time-to-market from ten months to just six weeks."

The Sentry stack is a combination of customizable embedded software, reference designs, IP cores, and development tools designed to accelerate the deployment of secure systems that meet the National Institute of Standards Technology (NIST) PFR guidelines. National Institute of Standards and Technology Platform Firmware Resiliency (PFR) Guidelines (NIST SP-800-193), while the SupplyGuard service extends the system protection provided by the stack to the entire supply chain with factory "armored" devices to be protected against attacks such as cloning and malware introduction.

How security requirements are changing

Hardware security solutions are increasingly important for a wide range of applications: telecommunications, data center, industrial, automotive, aerospace and client computing.

Patrick Moorhead, founder and president of Moor Insights & Strategy, explains, "5G, edge computing and IoT technologies are accelerating the pace at which devices are being connected and OEMs are facing increased security concerns. Developers need to be confident that their hardware platforms are safe from cyber attacks and IP-core theft. They need solutions that offer comprehensive protection throughout the operational life of a product in the field, and therefore can dynamically adapt to a range of evolving threats.

Firmware is an increasingly common attack vector, and protecting it requires real-time hardware platform security for all connected devices: you need to make component firmware inaccessible and ensure that the system is automatically protected, instantly detecting any attacks and recovering without any delay.

Hardware security solutions based on microcontrollers (MCUs) and Trusted Platform Modules (TPMs) use bulk processing techniques and cannot offer the real-time performance that can be achieved with Lattice FPGAs, which use parallel processing.

"To enable developers to operate with peace of mind in the increasingly risky and ever-changing supply chain industry, Lattice created the SupplyGuard service to help customers securely deliver their products while reducing overall costs," adds Eric Sivertson, Vice President Security Business at Lattice. "With Sentry and SupplyGuard, Lattice offers a comprehensive, next-generation security solution with nanosecond response times and true parallel processing capabilities to enable dynamic trust for customers and users of their products."

The main features of the Sentry stack 

  • Hardware Security Features - Sentry enables a NIST-compliant, pre-verified PFR implementation that applies strict real-time access controls to the entire system's firmware both during and after boot. If corrupted firmware is detected, Sentry can restore it to an undamaged previous version so that safe system operation can continue without interruption.
  • Compliant with the latest version of the NIST SP-800-193 standard and CAVP certifications - the stack enables the implementation of a hardware RoT through support for Lattice's MachXO3D™ family of FPGAs protected with advanced encryption.
  • Ease of use - once Sentry's validated IP cores are selected, developers can drag and drop them, and edit the included RISC-V C reference code, into Lattice's Propel design environment even without any previous FPGA experience.
  • Short time-to-market - the Sentry stack provides pre-verified and proven development boards, reference designs and demos that can cut PFR application development time from ten months to as little as six weeks.
  • Platform independent, flexible security solution - Sentry offers full real-time PFR support for both firmware and programmable peripheral devices. It can operate as a RoT in a system and/or complement any existing BMC/MCU/TPM-based architecture for full NIST SP-800-193 compliance.

Key features of the SupplyGuard service 

  • Reliable security for the entire device lifecycle (only authorized manufacturers can implement an OEM design, regardless of their location; OEMs have a secure key infrastructure to prevent their IP cores from being activated on unauthorized components to stop cloning and overbuilding of the product; devices are protected against download and installation of Trojans, malware or other unauthorized software).
  • Flexible, cost-effective implementation.

 

Previous ArticleMaxim Integrated Sensors Measure Accurately and Protect Products
Next articleIfa Berlin 2020: signs of life from the consumer market

LEAVE A COMMENT

Please enter your comment!
Please enter your name here