FPGAs and Firmware: An Ironclad Security Duo at Every Stage of Design and Manufacture
December 08, 2020 by Jake Hertz
With increased data transfer comes an increased need for hardware security. We sat down with Lattice Semiconductor to discuss a new security-focused FPGA that may be a solution to many firmware vulnerabilities.
As data becomes more widespread and personalized, hardware security has become a paramount concern for engineers. There are many ways that a hardware device can be vulnerable to security threats: hardware trojans, counterfeits in the supply chain, side-channel attacks, and, more recently, firmware attacks are all becoming increasingly common.
In applications such as servers, where companies may be running proprietary IP like neural networks or where customers may be sending personal information, security concerns need to be taken very seriously.
Lattice Semiconductor has recently responded to these concerns with its newest family of secure FPGAs: the Mach-NX. We had the chance to speak with Peiju Chiang, a Wireless Product Manager at Lattice, to get the details of this new product.
Mach-NX at a High Level
Lattice’s newest product, the Mach-NX, is the third family of FPGAs developed on the Lattice Nexus platform.
The primary goal of the Mach-NX is to avoid firmware attacks by establishing a hardware root of trust at boot. Operating under a first-on, last-off scheme, the Mach-NX provides dynamic, real-time monitoring of system hardware, checking for anomalies with the near-instantaneous response times needed to detect and recover from attacks.
Mach-NX reads the SPI flash memory of other devices to detect, protect, and recover the firmware of all devices on the board. Chiang explained the importance of this scheme in detail.
“By being the first device on at boot, we can provision the other devices as hardware turns on. This way, we can secure the entire board and make sure there is no tampering done on the system. We can do that dynamically with our FPGA architecture.”
Mach-NX system block diagram
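The detect-and-recover flow described above, sketched as an added example (not Lattice's code and not from the original article): a root of trust hashes each device's active SPI flash image before releasing it from reset, restores a backup copy when the active image fails, and holds the device when neither copy is trustworthy. The device names, the backup ("golden") image store, the SHA-384 manifest and the three action names are assumptions; the manifest is assumed to have been authenticated already with the public key held in the root of trust.

```python
import hashlib
import hmac

def sha384(image: bytes) -> bytes:
    return hashlib.sha384(image).digest()

def boot_check(active, golden, manifest):
    """Decide, per device, what the root of trust does before releasing reset.

    active/golden: device name -> firmware bytes read from SPI flash.
    manifest: device name -> expected SHA-384 digest (assumed already
    authenticated with the public key held in the root of trust).
    """
    actions = {}
    for device in sorted(set(active) | set(manifest)):
        expected = manifest.get(device)
        if expected is None:
            actions[device] = "hold"          # unlisted device: never release
        elif hmac.compare_digest(sha384(active.get(device, b"")), expected):
            actions[device] = "release"       # detect: active image matches
        elif hmac.compare_digest(sha384(golden.get(device, b"")), expected):
            active[device] = golden[device]   # recover: restore known-good copy
            actions[device] = "recovered"
        else:
            actions[device] = "hold"          # no trustworthy image: stay in reset
    return actions

def demo():
    # Constructed sample images; device names are hypothetical.
    good = {"bmc": b"BMC firmware v1", "host_bios": b"BIOS v7", "nic": b"NIC v3"}
    manifest = {name: sha384(img) for name, img in good.items()}
    active = dict(good, host_bios=b"BIOS v7 + implant", nic=b"\xff" * 16,
                  rogue=b"unlisted image")
    golden = dict(good, nic=b"\x00" * 16)     # NIC backup is corrupt as well
    return boot_check(active, golden, manifest), active

if __name__ == "__main__":
    for device, action in demo()[0].items():
        print(f"{device}: {action}")
```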
Further, Lattice took steps to ensure security throughout the IC supply chain, hoping to prevent the insertion of hardware trojans and to prevent IP from being stolen. Designers accomplished this by using a public key system in which the public key is programmed into the FPGA in a high-security IC assembly facility.
The private key is given only to customers, making tampering in the supply chain extremely difficult. Chiang elaborates, stating, “Throughout the supply chain, the only way to enable functionality on the FPGA is to use the sign-encrypted bitstream, where the only person who has the key is the customer themself.”
A Closer Look at the FPGA's Hardware
Mach-NX incorporates many security-centric hardware blocks as well.
It's worth noting that the system utilizes a 384-bit strength cryptographic engine. For perspective, AES uses a maximum key length of 256 bits, and the NSA has deemed that any information classified as "TOP SECRET" should be protected with 384-bit encryption. Within the crypto engines is a NIST-certified TRNG.
Hardware blocks in the Mach-NX
The device also features a RISC-V processor that provides the user with the ability to customize the security block with C code as opposed to the more esoteric HDL. Other hardware features include an 11K logic cell FPGA, an eSPI interface, and a configurable platform firmware resiliency (PFR).
Chiang stresses the versatility of Mach-NX, explaining that the solution is "multi-platform."
“Whether it’s an Arm or Intel/AMD processor, we are processor agnostic,” he said. “We provide customers the flexibility to choose security and control solutions that they want.”
As technology becomes increasingly connected, firmware security is undoubtedly a significant concern for both software and hardware engineers. Lattice Semiconductor is hoping to ameliorate these issues with the introduction of Mach-NX, an FPGA for security meant to monitor and protect devices on-board.
While security concerns will certainly never vanish completely and no system is 100% secure, this device is certainly a step in the right direction.
All images used courtesy of Lattice Semiconductor.