DesignWare® tRoot Hardware Secure Modules (HSMs) with Root of Trust enable connected devices to securely and uniquely identify and authenticate themselves, creating secure channels for remote device management and service deployment. The DesignWare tRoot HSMs provide SoCs with a unique identity that cannot be tampered with, and extend the trust of that identity to other internal and external entities in the SoC.
The DesignWare tRoot HSMs provide security functions in a trusted environment as a companion to a host processor. The secure instruction and data controllers provide protected access and runtime tamper detection for code and data held in external memories, protecting their privacy without the added cost of dedicated secure memory. In addition, they reduce system complexity and cost by allowing tRoot’s firmware to reside in any non-secure memory space. The architecture can be adjusted to meet future security requirements and standards.
The complete, standalone products provide a secure hardware enclave with firmware components and tools, allowing designers to quickly integrate a security solution without requiring expertise to write security software. With the DesignWare tRoot HSMs, designers can easily create, store and manage secrets that are critical in industrial control, cellular communications and IoT hubs.
The DesignWare tRoot HSMs are available in two variants: compact (C5) and high-performance (H5). The tRoot C5 HSM is optimized for smallest footprint, while the tRoot H5 HSM offers more than 100x faster performance than the previous generation.
Figure 1: DesignWare tRoot H5 Hardware Secure Module
DesignWare tRoot Hardware Secure Modules
- Complete hardware secure modules with Root of Trust give SoCs a unique, tamper-proof identity
- Enable secure services deployment
- Provide a Trusted Execution Environment to create, provision, store and manage keys
- Crypto APIs based on PKCS #11
- Full hardware key protection
- Multi-stage secure boot
- In-the-field device management
- Secure identification and authentication
- Secure storage
- Secure firmware updates
- Secure debug
- Run-time integrity protection
- Secure key port
- External memory access protection and runtime anti-tampering
- Available in compact and high-performance variants
- Hardware cryptography acceleration for high-performance product variants