With the rapid rollout of IoT and AI devices and applications, security issues have become a growing concern desperately in need of a fundamental solution. Confidentiality, integrity and availability are the key concepts that underpin information security. Confidentiality safeguards information from unauthorized access. Integrity maintains the accuracy and completeness of information from corruption by outside parties or influences. Availability guarantees that systems, applications and data are available to authorized users as needed. Various security solutions are implemented by integrating algorithms for cryptography, access control and hashing to satisfy these three security concepts.
To achieve confidentiality, integrity and availability, security should be built into every chip and every system with a reliable root of trust to ensure the following features:
- Data Integrity
System level and software protection are exposed to security weaknesses. Security that starts at the fundamental chip level provides more comprehensive protection. This is especially important for AI, IoT, mobile-computing, automotive and other modern applications.
Unclonable Random Number Seeds
A PUF (physical unclonable function) is an inherent physically-defined "silicon fingerprint" that is generated along with random nano-scale variations in the manufacturing process of a semiconductor, providing true uniqueness in every chip that is virtually impossible to duplicate. By using this incredible IC fingerprint, chip and system makers can use a PUF to generate a secret number for various security functions like ID creation, authentication, digital signatures, root of trust and secure booting.
Traditionally, the secret number of an IC has been assigned by an outside hardware security module (HSM) in a highly secure cleanroom and stored in embedded non-volatile memories (NVMs) like NeoFuse. The new trend is to replace outside HSMs with the internal PUF on a chip to eliminate the high maintenance cost of a secure cleanroom facility, as well as the logistical complications of managing secure chip stocks. Moreover, the PUF solution can provide significant security improvements compared with the use of an HSM.
Security is not an all-or-nothing choice. It should be a range of options for different scenarios and communication protocols. The security demands for a wearable smart band are not the same as those in an autonomous vehicle. Likewise, the communications protocols in a smartphone are not the same as those in an narrowband-IoT device. So security solutions should have sufficient flexibility -- including secret numbers, crypto-engines, and random number generation sources -- for different products and still provide a simple process for adoption in a range of foundries and process nodes.
Compared with software-based security measures, hardware solutions can provide a more solid security boundary against hostile attacks. Nowadays, more people are talking about hardware root of trust-based security protections for devices that they’ve spent huge amounts of time and human resources to create. Hardware security provides faster response time, less vulnerability and simpler protection than a software approach.
Explore our solutions
As embedded hardware security become more important in this connected world, we expect PUF-based security solutions to be widely adopted in various applications. PUFsecurity, the subsidiary of eMemory, offers PUF-based security IP solutions developed from eMemory’s two core IPs: NeoPUF and NeoFuse. PUFsecurity’s comprehensive security IP solutions help our partners easily integrate security functions, accelerate time-to-market and implement hardware root-of-trust in networking related applications.Learn more