Go Back

Cloud native EDA tools & pre-optimized hardware platforms

Request a Free Trial →

Multi-Die System Solution

A comprehensive solution for fast heterogeneous integration

Discover Multi-Die →

Explore Silicon Design, Verification & Manufacturing

Synopsys is a leading provider of electronic design automation solutions and services.

Simpleware Software

Virtual Prototyping

Synopsys Cloud

Unlimited access to EDA software licenses on-demand

Request a Free Trial →

Explore Silicon IP

Synopsys is a leading provider of high-quality, silicon-proven semiconductor IP solutions for SoC designs.

Synopsys IP Portfolio

Download Brochure →

Synopsys IP Technical Bulletin

Read Latest Issue →

Explore Application Security

Synopsys helps you protect your bottom line by building trust in your software—at the speed your business demands.

Integrated AppSec Solutions

Your guide to securing your open source supply chain

Read the report →

Company Overview

SNUG 2024

Synopsys User Group Conference

Learn more →

Pursue Your Passion

Start Your Job Search

Apply Now →

Synopsys PUF IP for Embedded Microcontrollers

Building Trust in IoT from the MCU

Billions of devices are being connected to the Internet of Things (IoT), while the number of attacks on these devices is increasing rapidly. In 2017, Altman Vilandrie & Company showed that half the U.S. firms in the IoT market were attacked, and the liability in some cases was more than $20 million. If data is considered the currency of the IoT, that currency has value only if the data comes from a trustworthy source and is untampered. As such, data integrity has a direct impact on business and infrastructure. We need to look at embedded microcontrollers (MCU), the orchestrating components in all these devices, to reduce the number of attacks. MCUs need to ensure security for IoT data at rest and in motion, and protect the IP that operates the device. But how can an MCU vendor create a scalable security solution under extreme price pressure in a market? MCU vendors can differentiate in a competitive market with a fit-for-purpose security solution.

Problem

Since valuable data is being generated in the billions of deployed edge devices, IoT security needs to start from the edge
For creating trustworthy data and security for IoT devices, a strong identity is required
Traditional ways of creating and storing keys that form a device identity are too costly, not reliable, and not flexible enough for high volumes of IoT

Solution

Start security where the data is created by deriving a unique and unclonable identity for every device
Use an SRAM PUF to create an unclonable identity that authenticates the source, ensures data integrity, and protects valuable IP

Results

An unclonable, immutable, invisible, and unique identity to authenticate every device
Secure, authenticated data from the moment it is created, delivering end-to-end protection
Best-in-class combination of high security, low costs, and high flexibility for IoT security
Read/Modify protection for secret root key
Protection for hardware and software from misuse and counterfeiting

Strong security functions are needed on every device to protect the IoT from its enormous attack threat. Functions such as authentication, secure boot, IP protection, secure communication, and software updates are needed to protect devices. However IoT devices have considerable constraints. Chips need to be small in size, operate at high speed with low power consumption, and cost effective. How can strong security be deployed under these constraints?

Strong Authentication

Authentication and security start with an unclonable device identity. All security functions require cryptographic keys derived from this identity, making the identity the root of all security. The keys authenticate the device and its data and encrypt data at rest and in transit.

How do the identity and keys get on a device’s MCU, and how are they stored securely? Through Synopsys' SRAM PUF technology. SRAM PUFs create an unclonable, device-unique key from tiny variations in silicon. This key is never stored and cannot be copied. It is immutable and invisible to attackers, creating an unparalleled trust anchor.

SRAM PUF keys are the basis for IoT security:

Device authentication: PKI-based handshake for secure communication
Data confidentiality: encrypt sensitive data and keys, preventing data extraction from the device and reverse engineering of valuable IP
Data integrity: protect against tampering and theft with the signing of device-specific firmware

SRAM PUF Availability

Synopsys provides its SRAM PUF solutions as hardware or software IP for embedding in an MCU or integrating into its firmware. The solution has a small footprint and, most importantly, a cost amenable to profitable scaling of the IoT. Algorithms for symmetric and public key cryptography are included and compliant with NIST specifications. SRAM PUFs scale overall popular fabs and process nodes, and SRAM is universally available in all MCUs.

SRAM PUFs offer the best-in-class combination of high security, low cost, and high flexibility:

Network connectivity: authentication and encryption to protect communication & data
IP protection: signing and encrypting IP with device-unique SRAM PUF keys to prevent reverse-engineering & device counterfeiting
Consumable connectivity: authentication protocols to allow monitoring of consumables

Bottom Line Benefits

Unclonable, immutable and invisible identity
Device authentication and data integrity
Best-in-class combination of high security, low costs, and high flexibility for IoT security
Secure storage for all keys and data
Protection for hardware and software from overproduction and counterfeiting

Resources

White Paper

SRAM PUF - The Secure Silicon Fingerprint White Paper

Read now →

White Paper

A Secure Vault for Every Device - IoT Security with Hardware Root-of-Trust SDKs

Read now →

Glossary

What is a Physical Unclonable Function?

Read now →