tRoot Fx Hardware Secure Modules: Programmable Root of Trust
Overview
The tRoot™ Hardware Secure Modules (HSMs) with Root of Trust enable connected devices to securely and uniquely identify and authenticate themselves and to establish secure channels for remote device management and service deployment.
The flexible tRoot Fx HSM (Figure 1) includes fully programmable and highly configurable solutions that enable designers to tune the HSM to their exact requirements, while the pre-built tRoot Vx HSM family offers a defined security boundary for a complete, drop-in security solution.
tRoot HSMs are designed to integrate easily into system-on-chips (SoCs). They provide robust hardware-enforced protection while maintaining high performance through cryptographic acceleration, and give designers options to balance power, size, and performance. tRoot HSMs provide a Trusted Execution Environment (TEE) that protects sensitive information and processing and implements the security-critical functions required throughout the device life cycle: secure boot, secure storage, secure debug, anti-tampering and key management.
- Efficient ARC SEM Security Processor
- SoC host and peripheral interfaces
- APEX cryptography acceleration (CryptoPack)
- Clock and reset management
- Rich software libraries (NIST validated cryptography, device drivers, secure boot, and DSP)
- SecureShield runtime library
- Synopsys TRNG reference design example
- Synopsys ARChitect IP configuration tool
- Secure APEX extension options
Benefits
- Fully programmable and highly configurable tRoot Fx hardware secure modules protect high-value applications against malicious attacks
- Integrated ARC SEM Security Processor protects against side-channel attacks
- Software and hardware cryptography options accelerate a range of crypto algorithms including AES, 3DES, SHA-256 and RSA/ECC
- Secure instruction and data controllers provide external memory encryption and authentication
- tRoot Fx HSM software includes NIST-validated platform libraries, cryptography library, secure boot toolkit, and SecureShield runtime library
Applications
- Mobile
  - Embedded SIM (eSIM/iSIM)
  - Embedded universal integrated circuit card (eUICC/iUICC)
  - Embedded secure element
  - Mobile payment
- Internet of Things (IoT)
  - Smart metering
  - eGovernment IDs
- Automotive
  - Telematics
  - V2V/V2I communications
- Industrial
  - Programmable logic controllers (PLC)
  - Robotics
Deliverables
- IPLib installation file, which includes:
  - User-configurable hardware (RTL) and software source code (using Synopsys’ ARChitect IP configuration tool)
  - Complete set of front-end views
  - Demonstration application available as design template
- ARC EM IPLib installation file
- Databook (PDF)
- Release notes (PDF)
- ARChitect configuration tool
Technical Specifications
- Maturity: Available on request
- Availability: Available