IP block adds tamper-detection and security to FPGAs

November 14, 2013 // By Graham Prophet
From Microsemi, for its SmartFusion2 SoC FPGAs and IGLOO2 FPGAs, comes EnforcIT Security Monitor; security IP that provides deepened layers of security with configurations of advanced hardware tamper detection and response mechanisms

EnforcIT Security Monitor is an advanced security IP block providing additional layers of user-configurable tamper protection and responses to what Microsemi claims are already the most secure and lowest power FPGA product families- the SmartFusion2 SoC FPGAs and IGLOO2 FPGAs.

With EnforcIT Security Monitor, SmartFusion2 and IGLOO2 devices can be configured to interface with hardware security mechanisms built into the devices' silicon. When configured for reporting, EnforcIT Security Monitor can report to the FPGA a variety of internal security flags and system conditions. When configured to act autonomously, EnforcIT Security Monitor can respond to malicious FPGA threats and take action, mitigating further attack by protecting or destroying critical data and design.

EnforcIT Security Monitor, the company says, will allow you to easily strike a balance between security, reliabioity and performance, while providing advanced monitoring, reporting and response against sophisticated FPGA attacks.

EnforcIT Security Monitor is a single, low-resource soft IP block capable of monitoring and responding to an assortment of internal security flags and system conditions. Taking advantage of the tamper detectors and responses built into the FPGA silicon, it can be configured to report threats, act autonomously or some combination of the two allowing the user to find the right balance between security, performance and safety. Microsemi's EnforcIT Security Monitor can also be used as part of the layered solution in NSAs Commercial Solutions for Classified Program.

The EnforcIT Security Monitor IP block is made up of a JTAG monitoring core, a clock frequency monitor core, a system heartbeat and a watchdog timer, all working together to ensure the FPGA is not under attack. Each of these four components can emit individual tamper responses. Under tamper, the user can configure various responses up to and including device zeroization (erasing the logic configuration).

Each component in EnforcIT Security Monitor can be independently configured for tamper monitoring and customised for response. The entire IP block uses less than 5% of Microsemi's