Lattice Semiconductor, the low power programmable pioneer, announced its MachXO3D™ FPGAs for secure system control received the National Institute of Standards and Technology’s (NIST) Cryptographic Algorithm Validation Program (CAVP) certification. CAVP validates that critical MachXO3D cryptographic algorithms are compliant with Federal Information Processing Standards (FIPS), the U.S. federal government’s standard for cryptographic software.
By complying with both the CAVP and NIST’s Platform Firmware Resilience specifications, the MachXO3D FPGA’s security mechanisms can protect, detect and recover the device and other system components from unauthorised firmware access throughout its entire operating life: from the device’s initial integration, through system shipment, installation and its entire operational life.
Industrial, automotive and computing markets
“Securing hardware against unauthorised access is critical to preventing the potentially catastrophic damage caused by data and design theft, product cloning and overbuilding, and device tampering or hijacking. However, as the threat landscape is constantly evolving, it’s difficult for OEMs to confirm their system’s hardware is truly protected,” said Jim Tavacoli, Senior Director of Product Marketing, Lattice Semiconductor.
Lattice addresses many of the hardware security concerns the industrial, automotive and computing markets currently face"
“By obtaining CAVP certification for our MachXO3D FPGAs, Lattice addresses many of the hardware security concerns the industrial, automotive and computing markets currently face by assuring OEMs that their systems are protected by cryptographic solutions independently confirmed to be compliant with stringent U.S. government regulations.”
Flexibility of programmable logic
MachXO3D is the only FPGA on the market that combines the design flexibility of programmable logic with a secure dual-boot configuration block to provide easy application design, establish a hardware-based Root of Trust to ensure system components only boot from authorised firmware, and enable secure delivery of firmware updates in the field.
Key features of the MachXO3D include:
- Up to 9K look-up tables for implementing logic that instantly configures at power up from on device flash memory
- On-device regulator for single 2.5/3.3-volt power supply operation
- Support for up to 2700 Kbits of user Flash memory and up to 430 Kbits sysMEM™ embedded block RAM to provide more flexible design options
- Up to 383 I/Os, configurable to support LVCMOS 3.3 to 1.0, and designed to integrate into a wide variety of system environments with features such as hot-socketing, default pull-down, input hysteresis, and programmable slew rate
- Embedded security block that provides pre-verified hardware support for cryptographic functions such as ECDSA256, ECIES, AES, SHA, HMAC, TRNG, Unique Secure ID and Public/Private Key Generation
- Embedded secure configuration engine to ensure only FPGA configurations from a trusted source can be installed
- Dual on-device configuration memories to enable fail-safe reprogramming of component firmware in the event of compromise