Security IP icon


Secure Silicon Provisioning

We provide secure programming of your technology secrets during chip manufacturing, at the OEM and/or in the cloud.

How the Secure Silicon Provisioning works

The Secure Silicon Provisioning Platform (formerly from Inside Secure) allows Rambus to serve as an independent License Authority provisioning secret values into SoCs/Modules to enable secure silicon for our customers. Rambus is the largest third-party custom chip provisioner in the world provisioning on multiple manufacturing lines (13 SoC partners and counting), with over 60 existing customers in the computer, security and OEM space. The Secure Silicon Provisioning Platform allows production line certificate generation and tracking to ensure the integrity of the manufacturing and licensing process.

Diagram of BlackBox Server connected to SoC programmer to show how provisioning on the fab's production line
Provisioning server programs devices and wafers directly on the fab's production line. Programming your secrets into devices is easier than ever because the BlackBox Server already resides on production lines of most SoC vendors.

Advanced data and content distribution protection requires that embedded security features are enabled and specific information to be loaded into the chips. Normally, access to programming services of unique IDs and secret keys is reserved for high volume security vendors who independently develop their own infrastructure. Rambus is in the unique position to offer a provisioning platform for virtually any SoC and module vendor. Rambus provides a common interface and access to secure silicon features incorporated into today’s devices allowing customers to maximize security in their systems and selection of a wide variety of SoC and module manufacturers to suit their OEM device and computer needs.

Features & Benefits

  • Enables use of high security features and functions
  • Hardware enforced access to secure silicon features
  • Highly secure, cost effective way to add security to OEM devices and computers
  • Embedded RSA/ECC key allows third party customers to sign their code
  • Third party symmetric key for customer use during OEM device and computer provisioning
  • Licensable cryptographic library for boot loader protection
  • Protects customers’ boot and application code
  • Supports any security or CAS/DRM vendor
  • Prevents custom software from being exported into another device or module
  • Enables the customer to own their secret keys, providing flexibility in choice of security providers
  • Enables CAS vendor switching for fielded OEM devices
CryptoManager Root of Trust Cover

The CryptoManager Root of Trust

Built around a custom RISC-V CPU, the Rambus CryptoManager Root of Trust (CMRT) is at the forefront of a new category of programmable hardware-based security cores. Siloed from the primary processor, it is designed to securely run sensitive code, processes and algorithms. More specifically, the CMRT provides the primary processor with a full suite of security services, such as secure boot and runtime integrity, remote attestation and broad crypto acceleration for symmetric and asymmetric algorithms.
Rambus logo