Root of Trust - Foundational security in SoCs and FPGAs for IoT servers, gateways, edge devices and sensors

Designed to be integrated in power and space-constrained SoCs or FPGAs, the RT-130 Root of Trust (formerly VaultIP) is a SESIP, PSA Certified, and FIPS 140-3 compliant hardware core that guards the most sensitive assets on chips and establishes the foundation for platform security.

Featuring a firmware-controlled architecture with dedicated secure memories, the RT-130 hardware Root of Trust provides a variety of cryptographic accelerators including AES, SHA-2, RSA and ECC. Ideal for power and space-sensitive applications like IoT servers, gateways and edge devices, the RT-130 Root of Trust offers the best balance of size and performance available on the market.

The RT-130 offers a series of key security use cases ‘out of the box’, including:

• Secure Boot assist to host CPU(s) and protection of key material
• Secure firmware upgrade management for Host CPU
• Lifecycle management support
• Secure Debug support
• Secure device authentication and identity protection

The RT-130 provides a secure asset store:

• Only the RT-130 can manage, use and access the assets
• The O/S and applications cannot access key values
• Applications request asset use by reference
• Enforces policies for access and use of keys and cryptographic functions
• Key generation, derivation, storage and transport

How the Root of Trust Works

The RT-130 Root of Trust is a silicon IP core developed to protect an SoC platform and its operation. It allows the SoC to boot securely and protects sensitive key material and assets. At its heart, its Secure Asset Store allows import, negotiation, and creation of secret and private key material. Safe use of key material is enforced through a flexible key use and access policy. Keys can be securely stored in off-chip NVM. Fully featured, its cryptographic data plane associated to its DMA offloads the main CPU while never exposing secret data to the OS or the applications. It is designed to provide secure, energy efficient and accelerated security functions.

Readily deployable, the RT-130 Root of Trust is offered in off-the-shelf configurations, allowing a choice tailored to the needs of your application. Configurations differ by cryptographic accelerators contained and 3rd-party certification and standard compliance.

The RT-130 is part of the broad Rambus Root of Trust portfolio, which ranges from small, lightweight cores designed to protect IoT endpoints all the way to fully programmable Root of Trust cores designed to protect the most sensitive government/defense chips and automotive deployments requiring ISO-26262 certifications.

Rambus can optionally offer dedicated certification support packages to its RT-130 licensees that provide related certification documentation, test scripts, and dedicated support to achieve FIPS 140-3, SESIP and PSA certification when embedded in your SoC or ASIC.

• Side channel attack resistant
• Technology and node independent
• Superior cryptographic protection
• Use with any ASIC or FPGA

• IoT, IIoT, gateways, edge devices

• Verilog RTL Design database
• Tools and Scripts for synthesis and simulation
• Complete verification test bench and comprehensive set of test vectors
• Complete Documentation Set: Hardware Reference Manual, Programmers Manual, Integration Guide
• Driver Development Kit