Semiconductor
Semiconductor is at the heart of the advanced digital devices that are used today, especially with the growth of customized application specific integrated circuits (ASICs) & field programmable gate arrays (FPGAs).
Semiconductor chips are the brains inside IoT Devices. But devices would not be able to work properly if the chip itself was not secured. Undetected vulnerabilities at the design process level could lead to great loss of money for the different stakeholders.
The specific security challenges for Semiconductor
The Semiconductor industry needs to deliver robust and secure solutions when all experts agree that true security is security by design, a silicon-based security providing true physical attack resistance.
Chip makers now know they have to incorporate security when designing the chip. Secure-IC supports them in providing that root of trust and protects the devices throughout their lifecycle from chip manufacturing, through deployment, everyday use, to decommissioning.
Semiconductor Security Solutions
Security solutions for semiconductor chips are at the heart of Secure-IC’s activities. Indeed, Secure-IC develops and proposes hardware and software security IPs to be included in Semiconductor integrated circuits, but also the tools necessary to evaluate the security solutions implemented, both at pre-silicon and post-silicon levels, as well as the services to understand, implement and make the best use of them, through trainings, consulting and certification support.
Secure-IC’s PESC approach is built on a portfolio of security products and services that, when combined, create a deep security by design that protects the very foundation of your industry.
For integrated circuits design houses and ASIC manufacturers, Secure-IC has developed a comprehensive portfolio of stand-alone silicon IPs such as True Random Number Generator, Secure Mailbox and Secure DMA, and various hardware encryption engines such as Triple DES, AES, Public Key cryptography, Hash function. A cryptographic software library is also available for those who do not have access to the hardware part.
To protect the above-mentioned IPs, a wide range of protections has been developed and deployed, whether integrated in the security IP themselves, or added into the System-on-Chip (SoC) design for additional security, such as digital sensors which detect various types of fault injection attacks, or an active shield which protects the SoC’s area against invasive attacks and tampering.
Capitalizing on these stand-alone IPs and its experience in software security, Secure-IC also offers a silicon-based hardware root of trust. This integrated Secure Element (iSE), called SecuryzrTM, is a semiconductor IP *sub-system organized around an embedded microcontroller (MCU), which can be included in a SoC, where it will manage the security operations such as first programming, secure boot and firmware update, ensuring that the SoC firmware is not tampered with, but also taking into account the complete product lifecycle from first programming through customization at the OEM’s premises, and in the field operation, to decommissioning. It also allows the SoC to use its resources for various cryptographic services.
Developed according to a security-by-design methodology, this secure hardware foundation offers chipmakers a rich cybersecurity solution that can be fully customized to meet their needs.
Secure-IC’s pre-silicon evaluation tool, VirtualyzrTM, can be used to verify before the tape-out that the SecuryzrTM design will meet the strict compliance requirements of standards such as ISO/IEC 17825:2016 but also Common Criteria, FIPS or OSCCA.
After the engineering samples return from the foundry, Secure-IC’s AnalyzrTM tool can be used to verify that there is no leakage of information that could allow cryptographic security to be breached.
ExpertyzrTM is Secure-IC’s expertise service, it constitutes of a number of services and trainings that could bring your business to the next level in terms of Security such as Support to Certifications like FIPS-140 or Common Criteria, Security Training. Within ExpertyzrTM also lies Secure-IC’s own Security Science Factory within it are advanced R&D projects, advanced projects and thought leadership.
For chip manufacturers and OEMs who want to increase their teams’ awareness of the various cybersecurity challenges for the semiconductor industry, trainings and consulting reports can also be provided by Secure-IC’s experts.
Standards to consider in Semiconductor
Several standards have been developed and are applicable to the Semiconductor Industry as well general certifications like FIPS 140-3, OSCCA or Common Criteria.
As a security expert, Secure-IC supports companies and governments wishing to acquire and strengthen these certifications; whether through collaborative projects, tutorials, trainings or operational consulting.
Semiconductor General Standards:
- FIPS 140-3 (U.S. Standard)
- Common Criteria (EU Standard)
- OSCCA (Chinese Standard)
Semiconductor Specific Standards:
- NIST SP 800 (90A, 90B, 90C, 52, 57, etc.)
Related Resources & Events
You may also be interested in having a closer look at the elements below:
