ASIL B Ready PCIe 5.0 Integrity and Data Encryption Security Module

PCI Express is a ubiquitous interface for a wide variety of applications, from connecting accelerators and peripheral devices to data center servers to their use in consumer electronics. PCI Express links carry high value information between the host and the peripheral and from endpoint to endpoint.

The Integrity and Data Encryption (IDE) Security IP Modules for PCIe 5.0 provide confidentiality, integrity, and replay protection against hardware-level attacks. IDE adds optional capabilities for PCIe devices to perform hardware encryption and integrity checking on packets transferred across PCIe links.

The IDE Security Modules for PCIe 5.0 offer seamless integration with the Controllers for PCIe 5.0 via the Transaction Layer Packets (TLP) interface as defined in the PCI-SIG IDE specification. This interface matches the data width used by the controller e.g., 512-bit or 256-bit, together with the maximum number of TLP prefixes to offer an optimal performance vs. area implementation.

The IDE extended capability registers are accessible from the Controllers for PCIe 5.0, offering a clear view of the link capabilities during discovery and configuration timeframes.

The Secure PCIe Controllers with IDE provide support for the TEE Device Interface Security Protocol (TDISP), an Engineering Change Notice (ECN) released by PCI-SIG that targets secure I/O Virtualization. TDISP standardized framework defines how to secure the interconnect between virtual machine hosts and devices, regardless of where the data center resides or who has access to the servers inside. The PCIe Controllers with IDE enable designers to build full TDISP support in their hyperscale SoCs and mitigate against data and system attacks to address the challenges of virtualized cloud security.

Besides the availability of Secure PCIe Controllers with IDE for high-performance computing and data center markets, the vendor is also offering the world’s first ASIL B compliant automotive variant of this product, for select configurations. This solution has been tailored to meet the stringent requirements of the automotive market, focusing on functional safety and cybersecurity in compliance with ISO 26262 and ISO/SAE 21434 standards.

Interoperability between the IDE Security Modules and Controllers for PCIe 5.0 is part of the development process, offering customers version compatibility and reference integration templates.

• Compliant with PCI Express IDE specification
• High-performance AES-GCM based packet encryption, decryption, authentication
• Seamless integration with Synopsys controllers via TLP packet-based interface
• Automotive compliant (ASIL B) aligning with ISO 26262 and ISO/SAE 21434
• Optimized for area, performance & latency
• Support for PCIe 5.0, 4.0 and 3.0 data rates
• Customer configurable
• Aligns with PCIe controller’s configuration options
• Scalable data bus width: 128, 256, 512
• Lanes: x1, x2, x4, x8
• Support for TDISP
• FIPS 140-3 certification ready
• Multi-stream support
• PCRC calculation & validation
• Efficient key control & refresh
• In-order bypass mode