eSecure | Silex Insight

The Module for SoC Security

Highly scalable and flexible silicon proven Security IP for embedded systems used in the ever growing connected world of the IoT. All our turn-key solutions are compliant with most common industry standards (NIST and others). IP integrators can benefit from decades of experience in security ASIC and FPGA design.

Answer All Your Security Needs

Best-in-class Security

No external devices & no additional components
Easier to interfere a communication between 2 components if physical access to the device

Keeps the typical “secure key storage”
Even without embedded Flash

Scalable & Flexible

Customizable - No fixed configurations & performances

Supports a very broad and recent crypto functions

It can also be configured to have the appropriate trade-off between resources and performances for specific customer applications

Secure OTA Updates

Lifecycle management

The eSecure IP can be updated using secure SW update Over-the-air (OTA) without reloading new keys

New features/updates/removal can quickly be implemented

Broad Range of High Performance Cryptos

Ideal for network packet encryption or crypto offloading

Includes a AXI DMA interface to the Host memory space

- Keeping the key hidden from the host CPU

Secure Boot

Execute authenticated and trusted software

Prevent malicious code execution

Small Footprint

Reduced board area, board layers

Less complexity at the PCB level

Cost Effective

Lower product cost, replacing many discrete components with one chip

Less components = reduced inventory cost

Time-to-market Acceleration

Smooth integration of the eSecure IP

No need for a new chip for new features/updates/removal
- OTA available

Secure Debugging

Authenticate and protect in-the-field

Perform secure failure analysis/RMA

Certificate based
Set permissions levels
Public key cryptography

Easy Integration

No security chip needed on the board so straightforward implementation

Secure Any Application

The eSecure IP is a very efficient solution to enable any secure application on chip. The hardware module shielded from the main processor brings a high level of security. Also the hardware offloading of the cryptographic operations from the main processor to the eSecure module guarantees a low power operation. The eSecure module is tuned to the target application in terms of feature and performance.

Built For Your Specific Needs

The scalable cryptographic engine supports symmetric encryption (AES, DES, SM4, …), asymmetric operations (ECDSA, ECDH, RSA, SM2, …), hashing (SHA-1, SHA-256, SM3, …) and random number generation. The cryptographic engine can be configured to reach the performance level required by your application, enabling efficient offloading of the main CPU.

CONFIGURABLE

Include features as needed

SCALABLE

Define performance and footprint depending on your needs

CUSTOMIZABLE

Adapt to your specific needs

eSecure IP Module

The eSecure IP is a complete standalone module that enables security applications by shielding the secret information from the non-secure application running on the main processor. The firewall prevents any unauthorized access to the secret data. The secure controller embedded in the eSecure module keeps full control of the execution of the security functions. In some designs, the secure controller can be optionally virtualized in the host processor.

We’ve Got Your Security Covered!

Secured System-on-Chips (SoC)

Proven Root-of-Trust for use in ASICs

Secure boot
- Execute authenticated and trusted software
- Prevent malicious code execution

Authenticate your code at run-time

Secure software update (Field upgradable)

Anti-rollback protection

Device Unique Identity

Prevents counterfeiting and cloning

Identify and trust your devices
- Uniquely identify each manufactured part
- Authenticate your device

Device rights management

Attestation

Device decommissioning

Secure Storage of Secret Information

Confidentiality and authenticity is guaranteed

Store secret assets
- In protected and unprotected storage

Confidentiality & authenticity
- Achieved with strong cryptographic algorithms

Secure key provisioning
- Key revocation

Secure Debugging

Authenticate and protect in-the-field

Perform secure failure analysis/RMA
- Certificate based
- Set permissions levels
- Public key cryptography

Side-channel Attack Protection

Protect against external physical attacks

Unique efficiency DPA countermeasures
- AES
- Public Key Accelerator
- SM4

Anti-tampering
- Multiple tamper detection mechanisms
- Configurable depending on threat model
- Digital sensors

Secure Communication

Only using the most secure and latest algorithms

TLS/DTLS (TLS/SSL 1.2/1.3)

IPsec and MACsec

Thread networking, Apple HomeKit, Bluetooth, Zigbee and more

eSecure Supports

An Andes Technology system can be easily implemented together with eSecure, either as a secure processor within eSecure or as the host processor.
An ARM system can be easily implemented together with eSecure, either as a secure processor within eSecure or as the host processor.
A MIPS system can be easily implemented together with eSecure, either as a secure processor within eSecure or as the host processor.
A RISC-V system can be easily implemented together with eSecure, either as a secure processor within eSecure or as the host processor.

Interested to know more about our eSecure?

Feel free to get in touch with us

 

Free White Paper Download