Security IP icon


RT-641 Embedded HSM (Root of Trust)

ISO-26262 ASIL-B Compliant for Designs with Chinese Algorithms

The Rambus RT-640 Root of Trust is a fully programmable ASIL-B certified hardware security core. The RT-641 complements the RT-640 with Chinese cipher algorithms SM2, SM3 and SM4, offering security by design for automotive applications that require Chinese crypto-based security support. As the connected nature of automobiles evolves, device architects face a growing array of emerging security threats. Whether V2X, ADAS, infotainment, or other applications, one constant in automotive design is the need for a hardware root of trust-based security implementation. The Rambus RT-641 is the ideal security co-processor for automotive uses. Based on a custom 32-bit RISC-V siloed and layered secure coprocessor, along with dedicated secure memories, the RT-641 features a number of high-capability cryptographic accelerators like AES and SM4 (all modes), HMAC-SHA-2 and SM3 (all modes), RSA up to 4096 bits, ECC and SM2DSA up to 521 bits, a NIST compliant Random Bit Generator and fast DMA. Satisfying use cases such as secure boot, EVITA and SHE+ HSM, AutoSAR functionality, and protection of propriety algorithms, the ISO-26262 ASIL-B compliant RT-641 is ideally suited for automotive applications where security is a top priority.

Navigating the Intersection of Safety and Security

Navigating the Intersection of Safety and Security

Vehicle systems and the semiconductors used within them are some of the most complex electronics seen today. To support the realization of Level 4 and Level 5 (L4/L5) autonomous driving, a massive restructure is underway. The software-defined vehicle, the automotive Ethernet, vehicle-to-everything (V2X) connectivity, and domain controller units are just some of the new technologies required to realize L4/L5 capabilities. Ensuring all these new systems are both functionally safe and secure from cyberattacks is mission critical.

How the Root of Trust Works

The Rambus Root of Trust RT-641 is an independent hardware security core designed for integration into automotive semiconductor devices, offering secure execution of user applications, tamper detection and protection, and secure storage and handling of keys and security assets. The RT-641 implements hardware and software safety mechanisms to exceed ASIL-B safety integrity levels. It offers chipmakers a siloed approach to security; while located on the same silicon as the main processor, the secure processing core is physically separated. A layered security approach enforces access to crypto modules, memory ranges, I/O pins, and other resources, and assures critical keys are available through hardware only with no access by software. While based on a custom processor, the Rambus Root of Trust supports all common main processor architectures, including ARM, RISC-V, x86 and others.
Root of Trust diagram

The Root of Trust supports multi-tenant deployments by offering true multiple root of trust capabilities. Each individual Secure Application can be assigned its own unique keys, meaning permissions and access levels are set completely independent of others. Secure Applications are siloed from each other, ensuring the best approach to security. OEMs can determine access levels and permissions for each and all processes operating within the secure processor.

Secure Applications

Included with the RT-641 Hardware Root of Trust are a series of standard secure applications (“containers”) to speed development, including secure boot, identity management, HSM reference, and others. Dedicated EVITA-Full and EVITA-Medium Secure Applications can be offered on request. A container development kit (CSDK) is also included to allow the development of custom containers for specific use cases.

The Road to Post Quantum Cryptography cover

The Road to Post Quantum Cryptography

Quantum computing offers the promise of tremendous leaps in processing power over current digital computers. But for the public-key cryptography algorithms used today for e-commerce, mobile payments, media streaming, digital signatures and more, quantum computing represents an existential event. Quantum computers may be able to break the widely used RSA and ECC (Elliptic-Curve Cryptography) algorithms in as little as days. Learn about our solutions and recommendations to ready customers for a post-quantum world.

Solution Offerings

Full Disk Encryption of Solid State Drives and Root of Trust Cover

Full Disk Encryption of Solid State Drives and Root of Trust

File encryption, file system encryption and full disk encryption (FDE) are methods offered by the industry to allow users to protect their data stored on non-volatile storage devices, such as Solid State Disks (SSD). The main feature of FDE is to protect stored system and user date from unauthorized reading, writing, alteration, moving or rolling back. However, extended security features are key to securing FDE implementation.