Vendor: Synopsys, Inc. Category: Root Of Trust

tRoot Vx Hardware Secure Modules

The tRoot™ Hardware Secure Modules (HSMs) with Root of Trust enable connected devices to securely and uniquely identify and authe…

Contact Provider Request Datasheet

Overview

The  tRoot™ Hardware Secure Modules (HSMs) with Root of Trust enable connected devices to securely and uniquely identify and authenticate themselves to create secure channels for remote device management and service deployment.
The flexible tRoot Fx HSM family includes fully programmable and highly configurable solutions that enable designers to tune the HSM to their exact requirements, while the pre-built tRoot Vx HSM family offers a defined security boundary for a complete, drop-in security solution.
tRoot HSMs are designed to easily integrate into system-on-chips (SoCs) and provide robust hardware-enforced protection while maintaining a high level of performance through cryptographic acceleration and offering designers options to create solutions with the most efficient combination of power,
size, and performance. tRoot HSMs provide a Trusted Execution Environment (TEE) to protect sensitive information and processing and implement security- critical functions such as secure boot, storage, debug, anti-tampering and key management required throughout the device life cycle.
The Synopsys tRoot Vx HSMs (Figure 1) are pre-built solutions with defined security perimeter. Their advanced design combats complex threats by protecting the device and its data at boot time, run time, and during the communication with other devices or the cloud. tRoot Vx HSMs are typically targeted at microprocessor-based SoCs in high-end edge devices, IoT hubs, cellular communication, industrial control, automotive, and mobile devices.

Key features

  • The Synopsys tRoot Vx HSMs include a highly secure hardware Root of Trust that enables devices to boot securely and permits encryption and decryption of sensitive data allowing it to be stored in non-secure devices or memory. It provides a completely secure environment in a non-secure system from which applications can execute secure cryptographic services.
  • The tRoot Vx HSMs secure SoCs by using unique code protection mechanisms that provide run-time tamper detection and response. Code privacy protection is achieved without the added cost of dedicated secure memory. This unique feature reduces system complexity and cost by allowing the tRoot Vx HSM’s firmware to reside in any non-secure memory space.
  • Commonly, tRoot Vx programs reside in shared system DDR memory. Due to the confidentiality and integrity provisions of the secure instruction controller, this memory is effectively private to the HSM and impervious to attempts to modify it originating in other subsystems in the chip, or from outside. The tRoot Vx HSM’s ROM-less architecture can support system design changes at any time without risk of exposing the system memory to threats and without additional engineering development cost. To minimize the number of attack vectors, tRoot Vx HSMs use a simple interface with a limited set of interactions with the host processor.

Benefits

  • HSMs with Root of Trust provide high- grade protection against malicious attacks
  • Complete solutions with defined secure perimeter give SoCs a unique, tamper- proof identity
  • Enables secure services deployment and life cycle management
  • Provides a TEE to create, provision, store, and manage keys
  • Crypto APIs based on PKCS #11
  • Full hardware key protection
  • Multi-stage secure boot validates software and data integrity of the host CPU
  • In-the-field device management
  • Secure identification and authentication
  • Secure storage, debug, and firmware updates
  • Run-time integrity protection for tRoot and host CPU
  • Secure key port provides a hardware secure data path for derived and negotiated keys to other entities
  • External memory access protection and runtime anti-tampering
  • Hardware cryptography acceleration for high-performance product variants

Applications

  • Industrial control and automation
  • Internet of Things: hubs, aggregation points, smart metering, high-end wearables
  • Networking: gateways, routers, cellular communication
  • Mobile
  • Automotive

What’s Included?

  • Synthesizable RTL written in Verilog-2005 (IEEE Std 1364-2005)
  • Binary firmware image(s)
  • Build and configuration tools
  • Host application library
  • Verilog integration testbench and test vectors
  • Integration test image(s)
  • Sample simulation script
  • Sample synthesis script
  • Documentation (hardware and software user guides, software APIs)

Specifications

Identity

Part Number
dwc_troot_vx_hardwtRoot_vx_hardware_secure_modules
Vendor
Synopsys, Inc.
Type
Silicon IP

Files

Product Sheet Download

Note: some files may require an NDA depending on provider policy.

Provider

Synopsys, Inc.
HQ: USA
Synopsys is a leading provider of high-quality, silicon-proven semiconductor IP solutions for SoC designs. The broad Synopsys IP portfolio includes logic libraries, embedded memories, analog IP, wired and wireless interface IP, security IP, embedded processors and subsystems. To accelerate IP integration, software development, and silicon bring-up, Synopsys’ IP Accelerated initiative provides architecture design expertise, pre-verified and customizable IP subsystems, hardening, and signal/power integrity analysis. Synopsys' extensive investment in IP quality, comprehensive technical support and robust IP development methodology enables designers to reduce integration risk and accelerate time-to-market.
Contact Synopsys, Inc.

Learn more about Root Of Trust IP core

Root of Trust: A Security Essential for Cyber Defense

Imagine a datacenter powering critical cloud services, silently compromised by a tampered chip inserted during manufacturing. In most cases, the malware would be practically impossible to remove and could persist across formats/reinstalls !

Why Hardware Root of Trust Needs Anti-Tampering Design

The hardware root of trust (HRoT) provides the trust base (root key), hardware identifier (UID), hardware unique key (HUK), and entropy required for the secure operation of the entire chip and therefore is often the focus of hacker attacks. If the design can’t effectively resist attacks, hackers can easily obtain the secrets of the entire chip. Attackers can use the secrets to crack identity authentication and data encryption and steal product design know-how, causing application security problems.

Frequently asked questions about Root of Trust IP cores

What is tRoot Vx Hardware Secure Modules?

tRoot Vx Hardware Secure Modules is a Root Of Trust IP core from Synopsys, Inc. listed on Semi IP Hub.

How should engineers evaluate this Root Of Trust?

Engineers should review the overview, key features, supported foundries and nodes, maturity, deliverables, and provider information before shortlisting this Root Of Trust IP.

Can this semiconductor IP be compared with similar products?

Yes. Buyers can compare this product with similar semiconductor IP cores or IP families based on category, provider, process options, and structured technical specifications.

×
Semiconductor IP