During the last three years Synopsys has expanded its operation into the security market and it is growing its portfolio of security products aggressively. The latest announced product is the ARC Secure IP Subsystem that addresses security threats in embedded SIM as well as other high value embedded applications.
Hacking of personal information and privileged communications is unfortunately much in the news lately. There is only so much that architects can do to protect a system without the use of specific sophisticated devices that not only can defeat specific threats but can also allow architects to produce low power, compact solutions.
The Synopsys press release describes the capabilities of the ARC Secure IP Subsystem as follows.
“The new DesignWare® ARC® Secure IP Subsystem, is an integrated, pre-verified hardware and software IP solution that addresses increasing security threats in high-value embedded applications such as embedded SIMs (eSIMs), smart metering and embedded Universal Integrated Circuit Cards (eUICC). At the heart of the ARC Secure IP Subsystem is a DesignWare ARC SEM110 or SEM120D Security Processor with SecureShield™ technology, which enables the creation of a Trusted Execution Environment (TEE) with advanced security features to protect against side-channel attacks. The Secure IP Subsystem includes both software- and hardware-accelerated cryptography options as well as secure instruction and data memory controllers that provide confidentiality and authenticity for non-trusted memory accesses. The subsystem's hardware security features are complemented by software, including a NIST-validated cryptography library, SecureShield Runtime Library and secure boot support. By providing the integrated and configurable Secure IP Subsystem, Synopsys enables SoC designers to implement an area- and energy-efficient programmable root of trust (RoT) that protects high-value targets against malware, tampering and exploitation of communication protocols.”
The ARC SEM processor is at the core of the subsystem. It enables the creation of a TEE for secure code execution, secure handling of assets and tamper protection. The ARC SEM Processors offer advanced security features including side-channel protection, a tamper-resistant pipeline with inline instruction, data and address scrambling, error detection and parity checking on memories, and secure debug to protect against theft of keys, code or other sensitive information.
Designers can choose among many cryptography options ranging from pure software implementations to dedicated hardware cryptography engines, providing SoC architects with the flexibility to balance the power, performance and area requirements for typical ciphers, hashes and MAC algorithms such as AES, DES/3DES, SHA-256, RSA and ECC. The ARC Secure Subsystem includes the NIST-verified DesignWare Cryptography Software Library, which implements widely used algorithms for a range of security functions including secure boot, secure communication and Transport Layer Security (TLS). The secure instruction and data controllers provide robust decryption of secure code and data with minimal latency overhead. The subsystem includes signing tools that assist designers in creating an encrypted code image, which is important when the code is stored in non-secure external memory.