Mach-NX FPGA is designed for cyber-resilient systems
Lattice Semiconductor has added support for ECC 384 and SPDM protocols in its second generation of secure control FPGAs. Following on from the secure control of the Lattice MachXO3D FPGAs, released last year, the FPGAs are the third family in 12 months that have been developed on the Lattice Nexus FPGA platform. The company says the Mach-NX FPGAs deliver heightened security features and the fast, power-efficient processing needed to implement a real time hardware root of trust (HRoT) on future server platforms, computing, communications, industrial and automotive systems.
According to the company, the Mach FPGA families can simplify and accelerate implementation of technologies, such as ECC 384 and data security protocols like SPDM, to secure platforms against cyber attack and IP theft.
Esam Elashmawi, chief strategy and marketing officer at Lattice, commented: “Securing systems against unauthorised firmware access goes beyond establishing a HRoT at boot. It also requires that components used to build the system are not compromised as they move through the global supply chain. When combined with the additional protection afforded by our SupplyGuard security service, Lattice Mach-NX FPGAs can protect a system throughout its entire lifecycle: beginning at the time components start moving through the supply chain, through initial product assembly, end-product shipping, integration, and throughout the product’s operational lifetime.”
The Mach-NX FPGAs combine a secure enclave (a 384-bit hardware-based crypto engine supporting reprogrammable bitstream protection) with a logic cell and I/O block. The enclave helps secure firmware, and the logic cell and I/O block enable system control functions such as power management and fan control. The FPGAs can verify and install the over-the-air firmware updates to keep systems compliant as security guidelines evolve and protocols are introduced.
The parallel processing architecture and dual-boot flash memory configuration provide the near instantaneous response times needed to detect and recover from attacks (a level of performance beyond the capabilities of other HRoT platforms like MCUs), reports Lattice.
The FPGAs will support Lattice Sentry, a software stack of customisable embedded software, reference designs, IP and development tools. This accelerates the implementation of secure systems to comply with NIST SP-800-193, Platform Firmware Resiliency (PFR) guidelines and MCTP-SPDM.
The Lattice SupplyGuard supply chain security subscription service tracks locked Lattice FPGAs through their entire lifecycle, from the point of manufacture, through transport via the global supply chain, system integration and assembly, initial configuration, and deployment.
The Lattice Propel design environment accelerates design of a customised, PFR-compliant HRoT solution. It uses a GUI-based development environment that allows developers to create PFR solutions while minimising the need to write RTL code, explains Lattice.
