The CryptoManager Infrastructure is a high-performance, secure transaction processing and data reporting system designed to securely manage provisioning, device personalization and high-value key management throughout a semiconductor’s life cycle. As a critical part of the manufacturing and communications infrastructure, high availability, performance, and security are emphasized in all components of the CryptoManager Infrastructure. Security throughout the system is provided by Hardware Security Modules (HSMs) in every node of the CryptoManager Infrastructure. These FIPS 140-2 Level 3 compliant HSMs provide tamper-resistant secure storage and a secure computation environment for the cryptographic computation and sensitive operations the CryptoManager Infrastructure requires.
Given the inherent complexities and costs associated with building a brand new chip, fabless chip manufacturers are under constant pressure to improve operating efficiencies while, at the same time, satisfying OEM customer requirements. Large OEM customers requesting personalization, customer-specific data preparation and feature customization of standard parts therefore challenge the chipmaker's ability to minimize inventory overhead and improve operating efficiencies.
Customer specific personalization services may be accomplished with a high degree of visibility and audit tracking controls that are secured by the CryptoManager solution for each step in the manufacturing supply chain.
For example (see Figure 1), if three OEM customers of a SoC manufacturer each request different feature configurations and/or data preparations for a standard SoC product, the SoC manufacturer needs to figure out how to support three customer-specific part types without creating three different SKUs.
Device personalization creates complexity in manufacturing and in inventory management. With multiple SKUs for standard products, managing inventory for each step requires accurate forecasts, and discrepancies can result in wasted silicon or delays in fulfilling orders (see Figure 2).
In this case, pushing the personalization processing step to the end of the manufacturing flow, just prior to or in some cases after delivery to the customer, mitigates the impact on inventory and operations (see Figure 3).
With mobile devices housing more and more sensitive data that is used in a wide variety of applications, chip and device companies must meet the complex security requirements for each potential use case or capability. Most security measures require the injection of secret identity data and cryptographic keys. Currently, cryptographic keys are provisioned in the open, without encryption, on test equipment operated by third-party contract manufacturers. These provisioning methods expose chip manufacturers to liability and risk for any security breach that occurs within their supply chain.
Utilizing the CryptoManager Root of Trust hardware IP Core, SoC architects have a built-in design for the secure provisioning of cryptographic keys during chip manufacturing. For OEM device manufacturing, this feature also enables remote secure key provisioning at the ODM (Original Device Manufacturer).
When chips are shipped into the field, the test features needed to test the chip during manufacturing must be securely disabled (see Figure 1 below). If left enabled in the field, these test and debug ports could provide a back door into the device that could be used maliciously to read sensitive keys and other sensitive data from the device. These test features must be disabled when the part ships into the field, but must also be securely enabled later when defective parts are returned through the RMA (Return Merchandise Authorization) channel for failure analysis.
To prevent misuse of debug modes (e.g. BIST, scan, JTAG), the CryptoManager Root of Trust can be connected to the debug mode enable, which defaults to an off (safe) setting. The Root of Trust can selectively enable debug features as needed, for example:
- At specified manufacturing stages (wafer test, package test), necessary debug capabilities can be temporarily enabled
- In the case of a defective chip or device, debug capability can be re-enabled for Return Merchandise Authorization (RMA) and Failure Analysis (FA)
Once debugging is complete, the Root of Trust disables the debug mode. The CryptoManager solution provides a method for chip and device companies to authenticate the device and authorize the provisioning of the debug enable/disable operation for each device.
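The default-off, per-device debug gate described above can be modelled in a few lines. This is an added illustration, not CryptoManager code or its API: the class and function names, the challenge nonce, and the shared-key HMAC token (standing in for whatever authorization scheme the product actually uses) are all assumptions, and device IDs are assumed to be fixed-length.

```python
import hashlib
import hmac
import os
from enum import Enum

class Stage(Enum):
    WAFER_TEST = "wafer_test"
    PACKAGE_TEST = "package_test"
    FIELD = "field"
    RMA = "rma"

# Stages where debug may be authorized; a fielded part never qualifies.
DEBUG_STAGES = {Stage.WAFER_TEST, Stage.PACKAGE_TEST, Stage.RMA}

def issue_debug_token(key: bytes, device_id: bytes, stage: Stage, nonce: bytes) -> bytes:
    """Authority side: authorize one debug session on one device (assumed scheme)."""
    msg = b"debug-enable|" + device_id + b"|" + stage.value.encode() + b"|" + nonce
    return hmac.new(key, msg, hashlib.sha256).digest()

class RootOfTrustModel:
    """Hypothetical model of the debug-enable gate, not a vendor API."""

    def __init__(self, device_id: bytes, key: bytes, stage: Stage):
        self.device_id, self._key, self.stage = device_id, key, stage
        self.debug_enabled = False  # defaults to off (safe)
        self._nonce = None

    def challenge(self) -> bytes:
        """Fresh per-request nonce so a captured token cannot be replayed."""
        self._nonce = os.urandom(16)
        return self._nonce

    def request_debug(self, token: bytes) -> bool:
        nonce, self._nonce = self._nonce, None  # each challenge is single use
        if nonce is None or self.stage not in DEBUG_STAGES:
            return False
        expected = issue_debug_token(self._key, self.device_id, self.stage, nonce)
        if not hmac.compare_digest(expected, token):
            return False
        self.debug_enabled = True
        return True

    def end_debug(self) -> None:
        """Return to the safe default once debugging is complete."""
        self.debug_enabled = False
```

Binding the token to the device ID, the life-cycle stage and a one-time nonce means an authorization issued for one returned part cannot unlock another part or be reused on the same part later.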
Our CryptoManager Infrastructure automates and secures the provisioning of device services across the supply chain, reducing operating costs and accelerating time-to-market. It is designed to easily integrate into any manufacturing facility without disruption to existing operations.