FPGA targets next generation, cyber-resilient systems

Technology News |
By Jean-Pierre Joosting

Lattice Semiconductor Corporation has announced the Lattice Mach™-NX FPGA family, the second generation in its successful line of secure control FPGAs. Building on the capabilities of the Lattice MachXO3D™ family announced in 2019, Mach-NX FPGAs deliver heightened security features and the fast, power-efficient processing needed to implement a real-time Hardware Root-of-Trust (HRoT) on future server platforms, as well as computing, communications, industrial, and automotive systems. Mach-NX marks the third FPGA family developed on the Lattice Nexus™ FPGA platform in a year.

Leveraging the system control capabilities of the Mach family, Mach-NX FPGAs combine a secure enclave (an advanced, 384-bit hardware-based crypto engine supporting reprogrammable bitstream protection) with a logic cell (LC) and I/O block. The secure enclave helps secure firmware, and the LC and I/O block enable system control functions such as power management and fan control. Mach-NX FPGAs can verify and install the over-the-air firmware updates that keep systems compliant with evolving security guidelines and protocols. The Mach-NX FPGA’s parallel processing architecture and dual-boot flash memory configuration provide the near instantaneous response times needed to detect and recover from attacks (a level of performance beyond the capabilities of other HRoT platforms like MCUs).

“The race is on between bad actors trying to exploit firmware vulnerabilities and developers designing server platforms with the security features and performance to stop them,” said Patrick Moorhead, president and founder of Moor Insights & Strategy. “Protecting systems requires a real-time HRoT with support for stronger cryptography algorithms like ECC 384 and new, robust data security protocols like SPDM. Lattice’s Mach FPGA families can simplify and accelerate implementation of these technologies for server OEMs looking to secure their platforms against cyberattack and IP theft.”

Esam Elashmawi, Chief Strategy and Marketing Officer at Lattice, added: “Securing systems against unauthorized firmware access goes beyond establishing a HRoT at boot. It also requires that components used to build the system are not compromised as they move through the global supply chain. When combined with the additional protection afforded by our SupplyGuard security service, Lattice Mach-NX FPGAs can protect a system throughout its entire lifecycle: beginning at the time components start moving through the supply chain, through initial product assembly, end-product shipping, integration, and throughout the product’s operational lifetime.”

Mach-NX FPGAs will support the Lattice Sentry™ solutions stack, a robust combination of customizable embedded software, reference designs, IP, and development tools to accelerate the implementation of secure systems compliant with NIST Platform Firmware Resiliency (PFR) Guidelines (NIST SP-800-193).

Providing secure system control, the Mach-NX FPGAs feature logic up to 11K LCs and high I/O count up to 379 to enable fast and secure system control. To address standards and protocol compliance, the Mach-NX FPGAs’ 384-bit hardware crypto engine supports quick-and-easy implementation of leading-edge cryptography like ECC 384 and industry-standard security protocols such as NIST SP-800-193 and MCTP-SPDM. Upcoming server platforms will require support for these protocols.

Mach-NX FPGAs are supported by the Lattice SupplyGuard™ supply chain security subscription service. SupplyGuard gives OEMs and ODMs peace-of-mind by tracking locked Lattice FPGAs through their entire lifecycle, from the point of manufacture, through transport via the global supply chain, system integration and assembly, initial configuration, and deployment.

Further, the Lattice Propel™ design environment accelerates design of a customized, PFR-compliant HRoT solution. The tool uses a GUI-based development environment that allows developers to create PFR solutions while minimizing the need to write RTL code.


Further reading

Maxim launches neural network accelerator chip
New Arduino boards feature u-blox wireless technology
Menta and Andes partner on RISC-V hardware reconfiguration
Researchers attempt to control robots using brain power alone
Critical Techniques for High-Speed A/D Converters in Real-Time Systems


Linked Articles
eeNews Embedded