To thwart bad actors attempting to exploit firmware vulnerabilities, systems can be protected with a real time HRoT and support for stronger cryptography algorithms like ECC 384 as well as robust data security protocols to secure platforms against cyberattack and IP theft.
The Mach-NX FPGAs combine a secure enclave (a 384-bit hardware-based crypto engine supporting reprogrammable bitstream protection) with a logic cell and I/O block. The secure enclave helps secure firmware, and the LC and I/O block enable system control functions such as power management and fan control. The FPGAs can verify and install over-the-air firmware updates to ensure systems comply with the latest security guidelines and protocols. The parallel processing architecture and dual-boot flash memory are claimed to provide the near instantaneous response times needed to detect and recover from attacks.
The FPGAs support the Lattice Sentry stack of customisable embedded software, reference designs, IP, and development tools to accelerate the implementation of NIST-compliant secure systems.
The FPGAs have up to 11k logic cells and up to 379 I/O and are customisable using the Lattice Propel tool. This GUI-based development environment allows developers to create Platform Firmware Resilience (PFR) solutions while minimising the need to write RTL code.
Another security feature for OEMs is the Lattice SupplyGuard supply chain security subscription service. This tracks locked FPGAs through their lifecycle, from manufacture, through transport, system integration and assembly, initial configuration and deployment.
