eMemory’s subsidiary, PUFsecurity, and Carota Form Strategic Alliance to Secure OTA Updates for the Software-Defined Era
Hsinchu – September 9, 2025 – PUFsecurity, a subsidiary of eMemory Technology Inc., today announced a strategic alliance with Carota Corporation, a global leader in over-the-air (OTA) solutions for connected devices. By integrating PUFsecurity’s Physically Unclonable Function (PUF)-based hardware root of trust with Carota’s proven OTA platform, the companies will deliver end-to-end, hardware-anchored cybersecurity for the next generation of connected vehicles and AIoT, and the broader Software-Defined Anything (SDx) ecosystem.
Mitigating OTA Risks with PUF-Based HSM Edge Servers
As connected vehicles and AIoT devices increasingly rely on OTA software updates, they also face growing risks of data leakage, remote tampering, and supply-chain compromise. Conventional key deployment methods introduce vulnerabilities from mishandling or cloning.
Through this alliance, Carota will integrate the PUF-based Hardware Security Module (HSM) Edge Server into its OTA architecture. This enables secure identity recognition, key lifecycle management, software signing, firmware integrity verification, device–server binding, version auditing, sandbox testing, and privacy protection—all within a trusted execution environment. The result is a multi-layered defense from device to cloud, strengthening trust in OTA updates across software-defined ecosystems.
Launching New PUF-Based OTA Service for Smart Devices
Built on eMemory’s NeoPUF technology, the HSM generates a unique, unclonable chip fingerprint to serve as the basis for secure key generation. Its modular cartridge design allows flexible computational resource expansion to meet different device requirements, significantly enhancing resilience and stability in key management. By also integrating a PUF-based FIDO authentication mechanism, customers retain full control over key access rights, eliminating the risks of supplier leakage or internal mishandling common in traditional key deployment.
This “PUF-based OTA” service represents the first practical application of PUF technology in OTA scenarios. It not only strengthens current automotive and AIoT security, but also lays the groundwork for next-generation smart mobility and automation — including AI robots, drones, AGVs/AMRs, and even flying cars.
Shared Vision of Creating a Future-Proof OTA Security Paradigm Together
Dr. Tsung-Lin Lin, Special Assistant to the Chairman of PUFsecurity, stated:
“This collaboration is an important milestone in our vision of PUF-based Security-as-a-Service (SECaaS). By embedding hardware root of trust into Carota’s OTA platform, we are creating a sustainable cybersecurity ecosystem—spanning chip, module, and system levels—that addresses both current threats and the evolving needs of the software-defined era.”
Wo Po-Yi, CEO and Founder of Carota, commented:
“Carota’s mission is to deliver secure, efficient, and future-proof OTA solutions. Partnering with PUFsecurity allows us to embed security at the deepest hardware level, from identity authentication to update verification, ensuring our customers can trust every stage of the OTA lifecycle. This strengthens both automotive and AIoT ecosystems as they scale into the SDx era.” The alliance between PUFsecurity and Carota establishes a new PUF-based OTA security paradigm—combining hardware-anchored trust, cryptographic depth, and efficient OTA workflows. Together, the companies are setting the foundation for forward-looking, sustainable cybersecurity services across smart mobility, automation, and the expanding SDx ecosystem.
About PUFsecurity
PUFsecurity is a leading provider of hardware root-of-trust technologies, specializing in security IP solutions based on Physically Unclonable Function (PUF) technology. Leveraging eMemory’s NeoPUF and OTP technologies, PUFsecurity focuses on developing and deploying native key generation and full-stack security architectures to address the challenges of the quantum era: core IP solutions include PUFpqc (Post-Quantum Cryptography), PUFcc (Crypto Coprocessor), PUFrt (Root of Trust), and PUFhsm (Hardware Security Module). PUFsecurity is currently constructing a PUF-based Security-as-a-Service ecosystem to provide protection and authentication for the next generation of connected devices.
About Carota
Carota is a global one-stop provider of OTA upgrade and remote diagnostics solutions. Services include OTA subscription services, smart cockpit software development, remote diagnostics, OTA testing tools, and AI-powered fleet management solutions, mainly targeting connected vehicle and IoT industries, Carota’s customers span Greater China, Europe, North America, Japan, Korea, and Southeast Asia.
Related Semiconductor IP
- Root of Trust
- Embedded Hardware Security Module (Root of Trust) - Automotive Grade ISO 26262 ASIL-B
- Root of Trust (RoT)
- Silicon Proven Hardware Root of Trust
- Via-PUF Security Chip for Root of Trust
Related News
- PUFsecurity and eMemory Launch Next-Gen PUF-based Hardware Root of Trust IP for Future Computing
- Achronix Adopts eMemory IP for FPGA Hardware Root of Trust
- PUFsecurity Provides Free Access to its Root of Trust and Security Co-Processor Solutions
- PUFsecurity and Himax Prioritize User Security and Data Protection in Endpoint AI with PUF-based Root of Trust
Latest News
- eMemory’s subsidiary, PUFsecurity, and Carota Form Strategic Alliance to Secure OTA Updates for the Software-Defined Era
- Intel Announces Key Leadership Appointments to Accelerate Innovation and Strengthen Execution
- SiFive’s New RISC-V IP Combines Scalar, Vector and Matrix Compute to Accelerate AI from the Far Edge IoT to the Data Center
- Siemens Joins the CHERI Alliance: a United Front for Cutting-Edge Cybersecurity
- Comcores Launches OmniGate: A Versatile and Compact Hardware Evaluation Platform for TSN Ethernet End Stations, Switches, and Gateways