Security IP icon

Security

CryptoManager Root of Trust RT-645

The CryptoManager Root of Trust RT-645 is a fully programmable, ISO-26262 ASIL-D ready hardware security core offering security by design for automotive applications. It protects against a wide range of failures such as permanent, transient and latent faults and hardware and software attacks with state-of-the-art anti-tamper and security techniques.

As the connected nature of automobiles evolves, device architects face a growing array of emerging security threats. Whether V2X, ADAS, infotainment, or other application, one constant in automotive design is the need for a hardware root of trust-based security implementation. The Rambus RT-645 is the ideal security co-processor for automotive uses. Built on a custom 32-bit RISC-V siloed and layered secure co-processor, along with dedicated secure memories, the RT-645 features a number of high-capability cryptographic accelerators like AES (all modes), HMAC, SHA-2 (all modes), RSA up to 4096 bits, ECC up to 521 bits, a NIST-compliant Random Bit Generator, AXI Multi Issue Out-of-Order, and Fast DMA capability. Additional algorithms such as Whirlpool (SHE), SHA-1 (legacy), AES-CMAC, SHA-3, Poly1305 & ChaCha and OSCCA SM2-3-4 are available as optional HW crypto accelerators.

Additionally, the RT-645 is certified by TÜV-SGS as ISO26262 ASIL-D ready satisfying the ASIL-D Single Point Fault Metric (SPFM ≥ 99 % of faults detected) and Latent Fault Metric (LFM ≥ 90 % of faults detected). To support its customers, the RT-645 package comes with the proper ASIL documentation, such as the ASIL-D Failure Modes Effects and Diagnostic Analysis (FMEDA), Dependent Failure Analysis (DFA) and Safety manuals.
Satisfying use cases such as secure boot, EVITA HSM, and protection of propriety algorithms, the ISO-26262 ASIL-D ready RT-645 is ideally suited for automotive applications where security is imperative. If lower SPFM and LFM rates are needed, RT-640 ASIL-B ready configuration is available.

How the Root of Trust Works

The CryptoManager Root of Trust is an independent hardware security co-processor design for integration into semiconductor devices, offering secure execution of user applications, tamper detection and protection, and secure storage and handling of keys and security assets. The Root of Trust offers chipmakers a siloed approach to security; while located on the same silicon as the main processor, the secure processing core is physically separated. A layered security approach enforces access to crypto modules, memory ranges, I/O pins, and other resources, and assures critical keys are available through hardware only with no access by software. The CryptoManager Root of Trust supports all common main processor architectures, including ARM, RISC-V, x86 and others.
CryptoManager Root of Trust

The CryptoManager Root of Trust supports multi-tenant deployments by offering true multiple root of trust capabilities. Each individual Secure Application can be assigned its own unique keys, meaning permissions and access levels are set completely independent of others. Secure Applications are siloed from each other, ensuring the best approach to security. OEMs can determine access levels and permissions for each and all processes operating within the secure processor.

Secure Applications

Included with the RT-645 Hardware Root of Trust are a series of standard secure applications (“containers”) to speed development, including secure boot, identity management, HSM reference, and others. Dedicated EVITA-Full and EVITA-Medium Secure Applications can be offered on request. A container development kit (CDSK) is also included to allow the development of custom containers for specific use cases.

Protecting Safety, Revenue and Brand: Combating Counterfeit Semiconductors in the Automotive Supply Chain cover

Protecting Safety, Revenue and Brand: Combating Counterfeit Semiconductors in the Automotive Supply Chain

The counterfeit market for semiconductors is real, sizable and growing. Industry analysts peg the current market for fake semiconductors at $75B. Counterfeit chips pose great risk to driver comfort and safety, to say nothing of the severe negative consequences they present to automaker revenues and brand. The good news is there are immediate and cost-effective measures available to secure the semiconductor supply chain and stop counterfeiters in their tracks.

Solution Offerings

Superior Security

  • Hardware root of trust built on a custom 32-bit RISC-V processor
  • Secure in-core processing and industry-leading anti-tamper protections
  • Built-in tamper detection and resistance to side-channel attacks (configuration-dependent)
  • Multi-layered security model provides protection of all components in the core
  • FIPS 140-2 & 140-3 CAVP certified
  • FIPS 140-2 & 140-3 CMVP certified
 

Enhanced Flexibility

  • 3rd-party applications run securely within trusted boundary, each with its own assigned security permissions
  • Complete development environment allows OEMs and users to easily develop secure applications (”containers”); standard use case application containers provided
  • Support for secure provisioning of keys and firmware at manufacturing or in the field
  • Support for multiple roots of trust within a single secure core
 

Security Models

  • Hierarchical privilege
  • Secure key management policy
  • Hardware-enforced isolation/access control/protection
  • Error management policy
 

Cryptographic Accelerators

  • Includes AES, HMAC, RSA, ECC, RBG (configuration-dependent)
 

Security Modules

  • Canary logic for protection against glitching and overclocking
  • Secure key derivation and key transport
  • Life cycle management
  • Secure test and debug
  • Feature management

Complete Documentation

  • Hardware integration guide
  • Hardware and software reference manuals
  • Programming guides
 

Tools and Scripts

  • Verilog for synthesis and simulation
  • All scripts and support files needed for standard EDA tool flows integration deliverables
 

Integration Deliverables

  • Complete verification test bench and comprehensive set of test vectors
  • Container-authoring software
  • Boot loader and firmware, including secure RTOS and security monitor
  • HLOS APIs for accessing capabilities
  • Complete development environment, including compiler, assembler, debugger, simulator, reference code
  • Available FGPA-based development board
 

Secure Applications Deliverables

  • QEMU implementation (source code)
  • Implementation of HLOS or ASIC components (source code)
  • Sample application demonstrating usage of Secure Application
  • Documentation
    • Software Architecture
    • HLOS Programmer’s Guide
    • Developer’s Guide
    • API Guide
    • Integration Guide
Secure ApplicationDescription
Linux Secure BootImplements secure boot for Linux OS, secured by the Root of Trust co-processor
Linux Secure FOTAImplements secure Firmware Over the Air (FOTA) updates for Linux OS
ASIC Secure BootUses the Root of Trust co-processor to assist in the secure boot process of ASICs and FPGAs
Secure Data StorageUses the Root of Trust co-processor to protect user credentials or biometric templates
Open SSL HardeningHardens the OpenSSL crypto operations via the Root of Trust secure co-processor
Reference HSMImplements a basic HSM supporting AES, HMAC, SHA256, ECDSA, X.509 certificates and secure storage
Unique ID GeneratorCreates a Root of Trust unique ID and stores it in the Root of Trust NVM (Non Volatile Memory)

Don’t miss out on the Rambus Design Summit on October 8th!