Page 21 - 23_EETE_03
P. 21
EE|Times EUROPE 21
Hardware Root of Trust: The Key to IoT Security in Smart Homes
A46_EETime_2_062x9_5_2023.qxp_Layout 1 2
The transistors’ threshold voltages are ENSURING RELIABILITY OVER TIME
different, but not too different, or else the All electronic devices gradually change over
chip would not work electrically. And when time. They simply age, and the main degra-
the physical properties of the transistors dation effect that leads to SRAM failure is
change, they all change with roughly the negative-bias temperature instability (NBTI). DC-3 Series
same value. It causes a gradual increase in the threshold DC-1 Series
When the SRAM is powered on, the ran- voltage. DC-2 Series
domness is expressed in the startup values If no anti-aging countermeasures are taken,
(0 or 1) of SRAM cells, and the startup values SRAM PUFs tend to become less reliable.
create a highly random and repeatable “With our SRAM PUF, we can use the NBTI
pattern that is unique to each chip, Tuyls phenomenon to our advantage by writing a
explained. There is SRAM in every digital specific pattern into the SRAM such that every HiQP Series
Certified to
chip, and SRAM is available in every node. SRAM cell ages to its preferred startup value,” ISO 9001:2015
AS9100D
When the power comes up, every cell chooses Tuyls said. “We can make an SRAM age in the
a unique and random pattern of 0s and 1s. right direction to decrease the noise and
This pattern results in a silicon fingerprint guarantee its reliability over long periods of DC-DC
that serves as a unique identifier for the chip time.”
and builds the foundation of a security sub- The behavioral characteristics of an SRAM CONVERTERS
system. And when the device is powered off, PUF depend on the environment to which
no secret key can be found in any memory. it is exposed, such as ambient temperature,
The root key is “invisible” to hackers. supply-voltage variation and electromag- NEW!
“SRAM is volatile, which means that if netic interference. Intrinsic ID claims it has
you power off the chip, all values disappear,” performed millions of measurements and HIGH INPUT VOLTAGES
Tuyls said. “There is no trace in the memory, accelerated aging tests on SRAM PUFs to
so even if hackers break open the device, they make sure they work correctly in tempera- UP TO 1200 VDC
will not find any secrets. They are protected tures ranging from –55˚C to 150˚C, with a
from the physics, and that brings security voltage variation of ±20%. DC-1 Series
levels substantially higher to what has been Intrinsic ID has integrated the error • 120-370 VDC input voltage range
possible in legacy systems.” correction, randomness extraction, security • 5-300 VDC regulated isolated outputs
• Up to 300 watts output power
SRAM PUFs do not store a key, and what and anti-aging techniques into its products. • 4.5” X 2.5” X 0.50” encapsulated package
•
is not stored cannot be stolen, cloned and Today, its SRAM-based PUFs are deployed in DC-2A/2B Series
shared. SRAM PUFs protect secrets from MCUs, FPGAs, sensors, data center chips and • 350-1200 VDC input voltage range
reverse-engineering attacks. They are also banking cards. • 5 -300 VDC regulated isolated outputs
flexible, scalable, easy to use and low-cost, • Up to 300 watts, single and dual outputs
Tuyls said. COMPLYING WITH PROTOCOLS AND • Thru hole and terminal strip models
•
CERTIFICATIONS DC-3 Series
EXTRACTING AN ENCRYPTION KEY As customers add features, their security • 300-900 VDC input voltage range
The SRAM PUF is used to derive a cryp- expectations increase and their demands for • 3.3 -300 VDC regulated isolated outputs
tographic key unique to the device. Because certification and standardization become • Up to 50 watts, single and dual outputs
the response from the SRAM PUF is a noisy more pressing. Intrinsic ID’s hardware and • Thru hole and terminal strip models
•
fingerprint, a post-processing algorithm is software IP have been certified for the NIST HiQP Series
needed to turn the silicon fingerprint into a Cryptographic Algorithm Validation Program • 125-475 VDC input voltage range
high-quality and secure cryptographic key. (CAVP). They have also been deployed in • 24-200 VDC regulated isolated outputs
• Up to 50 watts output power
This is done with Intrinsic ID’s IP. devices certified by EMVCo, Visa, CC EAL6+, • 2.50” X 1.55” X 0.50” encapsulated package
“We have developed an algorithm that PSA, ioXt and governments worldwide.
ALL MODELS AVAILABLE WITH
extracts from the startup values of the SRAM “One of the trends that we are seeing for EXPANDED OPERATING TEMPERATURES
a unique and very stable sequence,” Tuyls 2023 is the adoption of the Matter protocol,” SELECTED MILITARY SCREENING
said. “‘Unique’ because no other chip is the said Vincent van der Leest, product market- CUSTOM DESIGNS
same and ‘stable’ because, whether you use ing director at Intrinsic ID. Matter, formerly VISIT OUR EXCITING NEW WEBSITE
that chip in Phoenix or in Alaska, or 25 years Project Connected Home over IP (CHIP), is an For full characteristics of these and the entire PICO product
from now, you will always end up with the open-source interoperability standard that line, see PICO’s Full line catalog on our NEW WEBSITE
same sequence.” aims to make smart-home devices secure, reli- www.picoelectronics.com
The algorithms address error correction to able and seamless to use. In November 2022, Pico Representatives
extract exactly the cryptographic key every the Connectivity Standards Alliance (CSA) England
time and under all environmental circum- released the Matter 1.0 standard for both Solid State Supplies/Ginsbury
E-mail: russell.bennett@sssltd.com
stances. They also cover entropy extraction, hardware and software. Phone: 44 1634 298900 • Fax: 44 1634 290904
or privacy amplification, to make sure the Van der Leest said NXP and Silicon Labs Belgium/Luxemburg/France
cryptographic key is fully random. have both released Matter-compliant chipsets Netherlands/Scandinavia
ELCOS/BVBA
In smart homes, cryptographic keys are using Intrinsic ID’s root-of-trust E-mail: info@elcos.be
needed to verify the device’s identity, secure technology. ■ Phone: 32 3 218 20 73 • www.elcos.be
Germany
the communication between devices and ELBV/Electra Bauemente Vertrieb
encrypt sensitive data at rest as well as in This article ran as part of the EE Times Special E-mail: info@elbv.de
transition. They create a chain of trust for IoT Report: Embedded in the IoT Era, which may Phone: 49 089 460205442
Fax: 49 089 460205442
devices. be read at bit.ly/3lxWhwV.
www.eetimes.eu | MARCH 2023
