Called the DesignWare ARC secure IP subsystem, the solution features either the SEM110 or 120D security processor, both featuring SecureShield technology. This, says the company, enables the creation of a trusted execution environment.
Rich Collins, product marketing manager, IP subsystems, said: It’s based on the SEM processor, which was launched last year. It has additional security features, including uniform timing to prevent side channel analysis.”
Collins believes security is now important at all levels, as product complexity moves ‘down and to the left’. “This pre verified solution addresses a range of attack agents.”
The subsystem addresses three potential areas of attack: the network; the device itself; and the chips inside. Looking to counter attacks, it
includes software and hardware accelerated cryptography options, as well as secure instruction and data memory controller. Collins noted: “It has a secure external memory controller, much like a small cache with built in encryption. It handles instructions and data, reducing latency. Because external memory is insecure, you can keep code in on chip memory and decrypt it on the fly as it’s used.”
However, the level of cryptography in the end chip will be defined by area versus performance trade offs. “The dedicated hardware engine has specialised instruction, but an external interface allows instructions to be added which accelerate software cryptography,” Collins said. “Embedded SIM customers see this a ‘happy medium’, giving them more performance without taking a gate count hit.”
Hardware security features are complemented by software, including a NIST-validated cryptography library, the SecureShield Runtime Library and secure boot support.