All IPs > Security IP > Security Subsystems
In the world of integrated circuits, Security Subsystems Semiconductor IPs play a vital role in ensuring the confidentiality, integrity, and authenticity of data. These subsystems are meticulously designed to be incorporated into larger systems, providing robust security features crucial for combating the ever-evolving cyber threats. They are essential for a wide array of applications, including IoT devices, automotive systems, and consumer electronics, which demand stringent security measures.
Security subsystems often include components such as encryption and decryption engines, secure boot mechanisms, key management systems, and hardware-based random number generators. These components work in harmony to secure data transactions and storage within an electronic device. By integrating such advanced security features directly into the silicon, device manufacturers can significantly enhance the overall security posture of their products.
Furthermore, these security IPs are not only about protecting sensitive data but also about ensuring device integrity. Features such as tamper detection, secure firmware update, and access control play critical roles in preventing unauthorized access and modifications. This is particularly important in sectors like automotive, where safety and privacy are paramount, and IoT, where devices are often part of a broader network and are susceptible to remote attacks.
Products in the Security Subsystems category offer versatile and scalable solutions that cater to varying security requirements. They are designed to address specific needs, whether it's for securing a smartphone, enabling safe digital payment services, or protecting a vehicle's communication protocols. By choosing the right security subsystem semiconductor IP, developers can build products that not only perform efficiently but also comply with the highest security standards in today's connected world.
SphinX offers high-performance and low-latency encryption/decryption through AES-XTS, an industry-standard for data protection. Its independent and non-blocking encryption and decryption channels make it particularly valuable for enhancing data security in high-throughput environments. This technology is crucial for organizations that prioritize data integrity and confidentiality alongside operational efficiency. The SphinX solution ensures that sensitive data is safeguarded without compromising on speed or reliability, making it ideal for applications where both security and performance are critical. Its design allows for seamless integration into existing systems, minimizing the resource drain on processing power while offering robust security features. By focusing on ultra-low latency, SphinX is apt for use in fast-paced environments such as financial services, healthcare, and other sectors dealing with sensitive information. This highlights ZeroPoint Technologies’ commitment to providing cutting-edge solutions that navigate the complexities of modern data security demands, catering to both integrity and speed requirements.
PUFrt serves as a foundational hardware root of trust, featuring advanced key generation and storage capabilities inherent to the chip. It integrates a true random number generator (TRNG) and hardcore anti-tamper protections. With a built-in secure OTP, PUFrt provides unrivaled security for sensitive data, ensuring encryption and decryption processes are secured at the hardware level. This IP is adept at securing the semiconductor supply chain, countering the risks of reverse engineering and ensuring device authenticity through its robust identification systems. PUFrt features extensive customization options and interfaces for integration across diverse architectures, aiming to minimize user effort in embedding security functions within complex systems.
Secure OTP is designed to offer superior data protection through anti-fuse OTP technology. This IP provides comprehensive security for embedded non-volatile memory, suitable for CMOS technologies with robust anti-tamper features. Secure OTP simplifies integration for use across multiple IC markets, offering the ability to secure keys and boot code in major applications like SSDs and smart TVs. The IP leverages a 1024-bit PUF for superior data scrambling and secure memory access, thereby safeguarding critical information present in semiconductor devices. Secure OTP is built to address increasing IoT security concerns and stands out for its versatile application across ASIC and SoC platforms.
PUFcc is an advanced crypto coprocessor that combines a hardware root of trust with a full spectrum of cryptographic algorithms. Equipped with the latest security engines, PUFcc is ideal for integrating complex security protocols across various architectures, including IoT and fintech applications. Its design supports TLS communication protocols and features upgraded algorithms for robust performance and augmented security. PUFcc's architecture includes multiple subprocessors and memory access controls, making it a go-to solution for ensuring secure boot and data protection. As a drop-in security IP, it simplifies SoC design processes, ensuring comprehensive, integrated security from the chip to software layers.
FortiCrypt is FortifyIQ's premier product focused on providing ultra-high-level security with unprecedented efficiency. It encompasses a suite of AES solutions that protect against side-channel and fault injection attacks, including SIFA, without compromising on speed, performance, or physical dimensions. The technology harnesses finite field arithmetic for masking methods, safeguarding against attacks while maintaining low latency and high performance, evidenced by its ability to perform at hundreds of Gbps rates. This IP core supports a wide array of configurations, including ultra-low power and ultra-compact modes, making it versatile for battery-powered and space-constrained applications. Tested rigorously using the TVLA methodology, FortiCrypt ensures robust protection across diverse environments, from IoT devices to critical infrastructure.
ArrayNav represents a significant leap forward in navigation technology through the implementation of multiple antennas which greatly enhances GNSS performance. With its capability to recognize and eliminate multipath signals or those intended for jamming or spoofing, ArrayNav ensures a high degree of accuracy and reliability in diverse environments. Utilizing four antennas along with specialized firmware, ArrayNav can place null signals in the direction of unwanted interference, thus preserving the integrity of GNSS operations. This setup not only delivers a commendable 6-18dB gain in sensitivity but also ensures sub-meter accuracy and faster acquisition times when acquiring satellite data. ArrayNav is ideal for urban canyons and complex terrains where signal integrity is often compromised by reflections and multipath. As a patented solution from EtherWhere, it efficiently remedies poor GNSS performance issues associated with interference, making it an invaluable asset in high-reliability navigation systems. Moreover, the system provides substantial improvements in sensitivity, allowing for robust navigation not just in clear open skies but also in challenging urban landscapes. Through this additive capability, ArrayNav promotes enhanced vehicular ADAS applications, boosting overall system performance and achieving higher safety standards.
Sofics' TakeCharge Electrostatic Discharge (ESD) Solutions are designed to protect delicate semiconductor components from potentially damaging electrostatic discharges. These solutions are applicable across various technology nodes, including the most advanced ones like TSMC's 3nm FinFET processes. Sofics employs innovative design techniques to ensure these ESD protections are both area-efficient and performance-optimized, making them integral to semiconductor products aimed at high-speed, high-performance applications. Sofics' TakeCharge IP is not only aimed at protecting high-speed interfaces such as SerDes but also at enhancing the robustness of die-to-die connections, ensuring secure operation without compromising on speed or functionality. Furthermore, TakeCharge addresses challenges inherent in narrow ESD design windows of FinFET technologies, which are traditionally difficult to manage with conventional approaches. By leveraging proprietary technologies like Silicon Control Rectifiers (SCRs), Sofics' ESD solutions enable more reliable and compact protection strategies, further bolstering their suitability for complex electronics design challenges. Their offerings also extend robustness in applications varying from automotive to data center communications, illustrating a versatile applicability and ensuring consistent device reliability across different industrial sectors. Through its affiliation with various IP alliances and its collaborative approach, Sofics ensures that its ESD solutions are well-integrated into different foundry processes, including those of Intel and TSMC, reflecting its commitment to maintaining a high standard of integration and performance efficiency across diverse fabrication environments.
The eSi-Crypto suite from EnSilica encompasses a comprehensive range of cryptographic IPs targeted for ASIC and FPGA designs. This suite features low resource consumption and high throughput, crucial for secure and efficient cryptographic solutions. A key component is a robust True Random Number Generator (TRNG) compliant with NIST 800-22, available only as a hard macro. This IP provides essential cryptographic functions such as encryption, decryption, and authentication using algorithms like AES, RSA, ECC/ECDSA, and many more. Designed to cater to the evolving threat of quantum computing, this IP supports post-quantum cryptographic algorithms to future-proof data security. These cryptographic tools are integrated as standalone IPs or come with AMBA AHB/AXI bus interfaces, enabling seamless incorporation into a wide range of customized or standardized security applications across industries.
The Post-Quantum Cryptography (PQC) IP from Secure-IC offers solutions resilient against quantum computing threats. The PQC IP includes a hybrid hardware-software model that enables scalable security across various applications. It forms part of Secure-IC's forward-looking approach to cybersecurity that emphasizes both hardware accelerators and software libraries, which execute key generation and encapsulation with protection against side-channel attacks. This kind of versatility in cryptography makes it an excellent choice for next-generation secure communication platforms.
The Cramium Personal Hardware Security Module (PHSM) from Crossbar is an advanced security solution designed to safeguard digital assets with unparalleled protection. With a unique architecture that combines high-security with ease of use, this module is an integrated single-chip platform capable of executing complex cryptographic computations while ensuring the utmost security of sensitive data like private keys. The PHSM is engineered to perform Multi-Party Computation (MPC) within its secure element, thereby avoiding exposure of key shares, and supports Zero-Knowledge Proof (ZKP) to enhance data protection without unnecessary compromise. Designed to fit into various usage scenarios, from institutional cryptocurrency management to personal security devices, the Cramium PHSM offers a range of key management configurations, including BIP32/39, Multi-Signature wallets, and FIDO2 passkey support. By remaining offline when not actively used, it provides robust safeguarding against unauthorized accesses, marking it as an ideal choice for high-stakes custodianship and secure storage needs. Beyond its traditional usage, the PHSM's capacity for customization and compliance with various protocols places it as a versatile choice for protecting digital identities and assets, suitable for both end-user applications and enterprise-level security systems. This reliability makes it an essential tool for organizations seeking to bolster their defenses amidst increasing cyber threats, particularly those necessitating two-factor authentication and cryptographic safeguards.
FortiMac provides a reliable HMAC SHA2 IP core solution with advanced resistance against DPA and FIA, utilizing a minimal number of digital gates for an efficient security measure. Its underlying protection is built on the Threshold Implementation strategy, which offers formidable resistance against SCA and FI attacks. This IP stands out as the sole market component offering pure software solutions with robust algorithmic safeguards. FortiMac effectively supports various SHA schemes and ensures SCA and FIA protection on multiple processor architectures, making it adaptable for a range of applications including secure communications and automotive systems.
Securyzr Integrated Security Services Platform (iSSP) is a comprehensive lifecycle management solution. This platform allows Secure-IC's clients to monitor, manage, and secure their embedded devices throughout their operational lifecycle. It enables provisioning, firmware updates, security monitoring, and device identity management with high ease and trustworthiness. This solution facilitates zero-touch lifecycle services, significantly enhancing the security posture of device fleets in dynamic environments, thus demanding minimal interruption in ongoing operations.
Aeonic Insight provides advanced on-die telemetry, offering chip designers significant insights into power grids, clock health, and SoC security. It's tailored for use in complex applications like data centers, AI, 5G, aerospace, and automotive where high observability and programmability are essential. The IP's sensors integrate with third-party platforms to enhance silicon lifecycle analytics, delivering actionable data for refined design decision-making.
The Quantum Resistant Encryption Core is designed to offer robust security against emerging quantum threats. It features algorithms curated to withstand quantum computing capabilities, thus ensuring that sensitive information remains safeguarded. The solution forms an integral part of Crypto Quantique’s security architecture, leveraging their deep understanding of cryptographic principles to fortify device security. This core employs high-level encryption standards and is developed to support rapid integration into existing digital infrastructures. One of its standout features is its adaptability, meaning it can be implemented across a range of devices and platforms with minimal disruption. This versatility is crucial given the diverse nature of devices within the IoT ecosphere. Moreover, the Quantum Resistant Encryption Core is engineered with performance in mind, efficiently managing resources to ensure that security does not come at the expense of processing speed or energy consumption. Incredible resilience against future threats is provided by the integration of post-quantum cryptographic standards. Traditional cryptographic methods face significant risks as quantum computing technology becomes more prevalent, making quantum-resistant solutions imperative for long-term security strategy. This core solution by Crypto Quantique thus ensures devices remain protected well into the future, maintaining the integrity and confidentiality of data.
NVM Defender is Texplained's pioneering hardware module designed to safeguard integrated circuits from common invasive attacks aimed at extracting non-volatile memory. The module provides a robust solution against the copying, emulation, cloning, and counterfeiting of chips by integrating security by design principles. This innovative technology detects invasive attempts in real-time, thereby rendering bypass strategies impracticable. It is effectively engineered for seamless integration into existing chip designs, offering a cost-effective security enhancement for chip manufacturers and integrators.
The SHA-3 Crypto Engine is a sophisticated hardware accelerator designed for cryptographic hashing functions. It stands out as an area-efficient and high-throughput design, fully compliant with the NIST FIPS 202 standard. This IP core supports all SHA-3 hash functions including SHA-3-224, SHA-3-256, SHA-3-384, and SHA-3-512, in addition to extendable output functions (XOF) such as SHAKE-128 and SHAKE-256. Its design includes robust protection against time-based side channel attacks (SCA) and features automatic byte padding. Operating within a single clock domain, the SHA-3 Crypto Engine has been meticulously verified to ensure reliability. It serves as a versatile solution for maintaining data integrity, enabling authentication, and supporting various security protocols. Its applications are extensive, finding use in Message Authentication Codes (MAC), IPsec and TLS/SSL protocol engines, secure boot mechanisms, encrypted storage, e-commerce, financial systems, blockchain, and pseudo-random bit generation. Deliverables with the SHA-3 Crypto Engine include System Verilog RTL source code, testbenches, integration examples, and software example source code, accompanied by comprehensive documentation. It is available under a one-time licensing fee, suitable for both single and multi-project licenses. The IP core offers impressive resource utilization and performance across several device families, ensuring efficient integration in diverse system environments.
The WiseEye2 AI Processor from Himax is a highly capable ultralow power AIoT processor designed for sensor fusion applications. Comprised of an advanced CMOS image sensor and the HX6538 microcontroller, this solution is tailored for battery-powered endpoint AI, including smart home and security implementations. It features an Arm-based Cortex M55 CPU coupled with Ethos U55 NPU, providing enhanced processing capabilities and robust industrial-grade security features. This processor is engineered to handle complex AI models while ensuring minimal power consumption, ideal for always-on AI applications. Its architecture supports model quantization and pruning, promoting software efficiency without compromising on performance. The WiseEye2 integrates seamlessly into various intelligent devices, offering sophisticated neural network processing and powerful sensor data integration capabilities. Renowned for its adaptive power management and security protocols, the WiseEye2 helps in delivering refined AI insights with improved speed and efficiency. It aligns perfectly with modern user's demands for lasting battery life and intelligent response, fostering advancements in consumer electronics and IoT environments.
Swissbit's iShield HSM is a versatile hardware security module tailored for IoT applications, enabling secure storage of cryptographic keys. This module enhances device authentication and registration in a straightforward plug-and-play format, making it an excellent choice for system integrators looking to retrofit security in existing systems. The iShield HSM ensures that sensitive information such as private keys and certificates are securely maintained, protecting against unauthorised access and duplication.
SiFive Intelligence X280 is positioned at the forefront of AI processing, designed to cater to the rapidly growing demands of AI and machine learning applications. The X280 boasts advanced vector processing capabilities, crucial for executing complex AI workloads efficiently. With up to 512-bit vector length and single vector ALU, its architecture is optimized to support object detection, speech processing, and data management tasks. Built on RISC-V's scalable design, the X280 integrates seamlessly with multiple AI frameworks, making it a versatile choice for varied AI applications. This capability is enhanced by its integration with TensorFlow Lite, offering exceptional support for next-gen AI technologies. Through flexible vector operations and energy-efficient design, the X280 processor provides high-performance computing at remarkably low power. It's ideal for edge AI applications where computational resources and power efficiency are critical. This ensures that SiFive's AI solutions can meet the evolving needs of data-intensive industries effectively.
The Keccak Hash Engine IP core is a versatile cryptographic function component known for its adaptability beyond just hashing. Based on the innovative sponge construction, Keccak powers not only hash functions but also serves roles in authentication, encryption, and pseudo-random number generation. Among its notable features is the Keccak-f cryptographic permutation, which offers an easy-to-implement flexible solution that caters to varying security requirements. Standardized under 3GPP TS 35.231 for mobile telephony and NIST’s FIPS 202 and SP 800-185, Keccak assures dependability by undergoing rigorous public scrutiny and third-party analysis. It provides an easy integration path, operating within a single clock domain, and it can be configured to suit different output lengths and security strengths. This flexibility ensures its applicability in a broad spectrum of applications, from maintaining hash functions to complex encryption tasks. When licensing the Keccak Hash Engine, KiviCore provides System Verilog RTL source code, along with testbenches, software examples, and documentation. Licensing is available with single and multi-project options, ensuring accessibility and implementation for various project scopes. Its efficient design and robust security make it a critical component for those developing secure systems across numerous platforms.
Fault Injection Attack Countermeasures offer systems tailored to detect and mitigate vulnerabilities to fault injection attacks at the pre-silicon stage. Utilizing simulation tools, FortifyIQ provides a proactive approach to identify potential weaknesses before physical production. This technology, integrated with their comprehensive design architecture, includes support for advanced countermeasures that reinforce protection against physical disruptions and unauthorized data extraction techniques. It's especially beneficial for automotive, IoT, and other industries facing stringent security requirements, ensuring the integrity of critical information in deployment scenarios where traditional defenses may fall short.
The UniqueID PUF Core is a cutting-edge security solution leveraging the physical variations inherent in semiconductor manufacturing to produce unmatched cryptographic keys. PUF (Physically Unclonable Function) technology ensures each chip generates a unique ID, making it virtually impossible to duplicate or clone a device’s digital signature. These intrinsic variations enable highly secure operations such as bitstream encryption and decryption, providing a secure root of trust for any system requiring enhanced security measures. As cyber threats become increasingly sophisticated, PUF technology represents a vital line of defense for protecting sensitive data and intellectual property. This core is particularly suitable for IoT devices, secure communications, and embedded systems where security is paramount. It brings robust encryption capabilities while reducing the need for additional cryptographic hardware, optimizing resource utilization in compact and power-sensitive devices.
PUFhsm is a robust hardware security module designed to cater to the evolving security demands of the automotive and advanced applications markets. Integrating a CPU and extensive cryptographic engines, it isolates critical security operations from the primary system to ensure high-level protection against sophisticated cybersecurity threats. It supports EVITA-Full compliance, acting as a security enclave that manages all security functions such as secure boot, updates, provisioning, and more. The PUFhsm empowers chip designers to meet stringent automotive security standards efficiently, optimizing resources while maximizing security efficacy across the lifecycle of the device.
Suite-Q HW is an advanced system-on-chip (SoC) designed to consolidate all necessary cryptography in a compact and efficient package. Offering secure protocols, the design targets both high-end servers and low-end embedded systems, differing mainly in processor cores, connectivity, and operating frequencies. It handles symmetric and asymmetric cryptographic operations efficiently, utilizing hardware accelerators. The solution supports multiple cryptography types, including isogeny-based, lattice-based, and code-based cryptography, albeit pending final NIST standardization. Integral features include a true random number generator and advanced hashing and encryption standards like SHA-2, SHA-3, and AES variations. Suite-Q HW integrates easily into various SoC and FPGA designs, providing comprehensive offloading of intensive cryptographic computation, which significantly lowers power consumption in hardware compared to software.