The Silent Guardian of AI Compute - PUFrt Unifies Hardware Security and Memory Repair to Build the Trust Foundation for AI Factories
At the upcoming NVIDIA GTC 2026, the Vera Rubin architecture takes center stage as NVIDIA's most ambitious AI platform to date: combining a purpose-designed Vera CPU with two Rubin GPUs in a single Superchip package, connected via NVLink 6 and scaled to 72 GPUs per NVL72 rack delivering 3.6 EFLOPS of AI compute. The architectural complexity of this platform pushes engineering challenges well beyond raw compute performance into yield, reliability, security, and system-scale management.
Two pain points define the challenge at this scale:
- Manufacturing and runtime reliability. The Vera Rubin platform consists of dual reticle-limited dies, 900 million SRAM bitcells, 22.2 TB/s of HBM4 bandwidth per GPU, and 1.8–2.3 kW of heat per accelerator, and therefore defects, variation, and thermal stress are not edge cases but statistical certainties. Every deployed GPU requires persistent, chip-specific repair maps and calibration data stored in on-chip nonvolatile memory to remain operational across its full service lifetime.
- Hardware-anchored security at cluster scale. With tens of thousands of GPUs per cluster, each accelerator must carry a unique, unforgeable cryptographic identity from the silicon level upward, enabling secure boot, firmware authentication, and hardware-attested trusted execution across the entire NVLink fabric. At this scale, software-based security is insufficient; trust must be rooted in the physical hardware of every die.
At the scale of the Vera Rubin platform, yield, calibration, and security failures compound across tens of thousands of devices. A single unified hardware anchor at the silicon level is not optional, it is architectural necessity.
A physical unclonable function-based hardware root-of-trust, PUFrt, jointly developed by eMemory and PUFsecurity, was designed precisely for this role: a fully integrated implementation of the Caliptra 2.0 open standard that simultaneously manages cross-die memory repair and hardware root of trust across the full platform.
Cross-Die Repair Hub: AI Compute Platform Yield and Lifecycle Resilience
With the Vera Rubin platform's full adoption of HBM4, memory bandwidth and capacity per GPU have reached unprecedented levels. Managing this scale introduces a new coordination challenge: bitcell defects and PVT variation across GPU dies and HBM4 stacks must be tracked and repaired from a single persistent, trusted source. PUFrt serves as that cross-die repair hub, storing manufacturing repair data, in-field incremental repair records, and per-chip calibration tables in NeoFuse one-time programmable (OTP) memory. System resilience across the full operational lifetime of the platform is enabled by NeoFuse OTP based on the following capabilities:
- Post-package repair for HBM4 and compute die: within rack-scale architectures such as the Vera Rubin NVL72, PUFrt crosses physical die boundaries to permanently store the repair address map for both HBM4 stacks and on-die SRAM. On every boot, optimal repair parameters are automatically loaded, significantly improving production yield and extending product lifetime.
- High-capacity OTP storage for PVT sensor calibration: under high-load operation, Vera Rubin relies on PVT sensors to precisely regulate voltage and frequency. Each die's calibration compensation table is unique and must be permanently programmed post-test. The large capacity of NeoFuse OTP provides ample storage for multi-sensor calibration coefficients, ensuring the system maintains optimal compute accuracy even under the demanding thermal conditions of a data center environment.
- Unified management at the BMC Level: acting as the Root of Trust for the baseboard management controller (BMC), PUFrt centrally orchestrates repair status and calibration data versions across all dies, enabling full-lifecycle secure firmware update and operational transparency.
- Code patch for faster time to market: advanced SoCs in the Vera Rubin platform involve lengthy development cycles and enormous tape-out costs. When firmware or microcode bugs are discovered post-mass production, traditional remediation requires a costly and time-consuming respin. By storing patch code in the large capacity NeoFuse OTP of PUFrt, fixes can be dynamically loaded at boot without any hardware changes, dramatically reducing respin costs and compressing the time to return products to market.
Hardware Root of Trust: Silicon Identity and AI Platform Security
In a multi-die architecture like the Vera Rubin platform, security can no longer be managed at the level of a single die. PUFrt is built around three silicon-level security primitives, each addressing a distinct platform requirement:
- NeoFuse secure OTP (One-Time Programmable memory): optimized for sub-3nm process nodes, NeoFuse is electrically programmable and requires no additional mask steps. Its resistance to side-channel attacks and reverse readout makes it the ideal carrier for Vera Rubin's root keys and security credentials, ensuring cryptographic assets are protected at the physical level.
- High-quality TRNG (True Random Number Generator): leveraging the intrinsic physical randomness of NeoPUF, PUFrt delivers a high-entropy random source for NVLink encrypted communications, fully compliant with NIST SP 800-90B and equivalent international security certification standards.
- NeoPUF-derived UDS (Unique Device Secret): NeoPUF physically reconstructs the UDS on every power-up without statically storing it in any memory, fundamentally eliminating the risk of key extraction. This maps seamlessly onto the compound device identifier (CDI) required by Caliptra 2.0, guaranteeing that every Rubin GPU deployed at scale within an AI factory carries a unique, unclonable digital identity.
The Silent Guardian at the Pinnacle of AI Compute
As the spotlight at NVIDIA GTC 2026 falls on the exascale compute leap delivered by the Vera Rubin platform, proprietary solutions of eMemory and PUFsecurity are safeguarding something more fundamental – the authenticity and durability that underpin every calculation.
The design philosophy of PUFrt is straightforward yet profound. In the microseconds after a chip powers on, it answers the two most critical questions in AI infrastructure with physical-layer certainty: "Can this chip be trusted?" and "Will it keep running reliably under sustained load?" With the support of eMemory and PUFsecurity's technology, the formidable compute power of Vera Rubin platform is not only state-of-the-art today, but built to withstand both the test of time and the scrutiny of adversaries.
Related Semiconductor IP
- 8MHz / 40MHz Pierce Oscillator - X-FAB XT018-0.18µm
- UCIe RX Interface
- Very Low Latency BCH Codec
- 5G-NTN Modem IP for Satellite User Terminals
- 400G UDP/IP Hardware Protocol Stack
Related Blogs
- Rivian’s autonomy breakthrough built with Arm: the compute foundation for the rise of physical AI
- UEC-LLR: The Future of Loss Recovery in Ethernet for AI and HPC
- UA Link vs Interlaken: What you need to know about the right protocol for AI and HPC interconnect fabrics
- Pushing the Boundaries of Memory: What’s New with Weebit and AI
Latest Blogs
- The Silent Guardian of AI Compute - PUFrt Unifies Hardware Security and Memory Repair to Build the Trust Foundation for AI Factories
- Heterogeneous NPU Data Movement Tax: Intel's Own Slides Tell the Story
- PQMicroLib-Core now supports PSA Certified Crypto API
- Imagination Demonstrates DirectX Gaming on D-Series GPUs
- Embedded Security explained: Post-Quantum Cryptography (PQC) for embedded Systems