Silicon Labs has launched the Secure Vault suite of security technology that includes protection against power attacks in system-on-chip designs for the Internet of Things (IoT).
The Secure Vault hardware and software technology is designed into the Wireless Gecko Series 2 chips that will be launched in the next few months.
The Secure Vault includes a range of advanced tamper detection developed by SiLabs to protect an SoC from an attack that monitors the power system. The protection ranges from easy-to-implement product enclosure tamper resistance to tamper detection of silicon through voltage, frequency and temperature manipulations. Hackers use these changes to force hardware or software to behave unexpectedly, creating vulnerabilities for glitch attacks, and the configurable tamper-response features enable developers to set up appropriate response actions with interrupts, resets, or in extreme cases, secret key deletion.
The Secure Vault also uses a physically unclonable function (PUF) hardware technology for encryption keys that reduce the risk of IoT security breaches and compromised intellectual property. The security subsystem includes a dedicated core, bus and memory that is separate from the host processor to isolate the secure key store management and cryptography.
The effectiveness of a security scheme for device and data access directly depends on key secrecy. With Secure Vault, keys are encrypted and isolated from the application code. Virtually unlimited secure key storage is offered as all keys are encrypted using a master encryption key generated using the PUF. The power-up signatures are unique to a single device, and master keys are created during the power-up phase to eliminate master key storage, further reducing attack vectors.
Having the security embedded in the low power Wireless Gecko 2 chip allows for the secure update of connected devices over-the-air (OTA) throughout the product lifecycle.