Connected devices are playing an increasingly significant role in our lives and the need to protect them from cyberattacks is becoming more important too. The products we’re relying on to provide real-time data and insight can be exploited by hackers, with far-reaching consequences for the individuals and organizations involved.
PUFsecurity has set out to safeguard the devices the connected world is being built on. We’re an IP provider that develops fully integrated security solutions to protect, connect and authenticate semiconductors.
Our products include the PUFcc Crypto Coprocessor which provides chip designers with a complete IP solution so they can easily build security into their devices from the chip level up. The PUF-based crypto (cryptographic) coprocessor, which integrates both the hard and soft IPs, provides key generation, key storage, and a complete crypto engine as a single drop-in IP block. Another highly praised feature by users is the pre-harden entropy source and TRNG that requires no post-production tuning. We’re also providing an extra layer of assurance by integrating with the Arm Cortex®‑M33 processor and Arm Corstone subsystem.
A Foundation for Connected Device Security
Our team of security specialists believe protecting devices from hardware and software attacks is critical if we’re to realise the potential of the Internet of Things (IoT), artificial intelligence (AI), and other groundbreaking technologies. PUFcc uses a hardware Root of Trust (RoT) to provide a set of essential functions that can be trusted by the rest of the system. It reduces risks, removes unnecessary processes, and helps to prevent counterfeiting or reverse engineering. We compare it to the process of someone verifying their identity using their fingerprints or other biometrics.
As the operations that are executed by the RoT underpin the security of the entire system, we asked independent experts to evaluate our implementation. We chose the PSA Certified multi-level assurance scheme and we’ve now achieved PSA Certified Level 3 RoT Component.
PSA Certified Level 3 RoT Component is for IP providers and silicon vendors who want to ensure the the right building blocks for security have been put in place. In the case of PUFcc, a third-party security lab checked that we’d met a set of defined security functional requirements.
Collaboration Will Help Build Trust in Connected Devices
The certification acknowledges the significant investment we’ve made in security and it can be reused by silicon vendors that want to certify their system-on-chips at PSA Certified Level 2 or PSA Certified Level 3. That speeds up their evaluation process and reduces their costs.
It’s an example of the kind of collaborative approach that’s required to build trust within the ecosystem. Security should be seen as everyone’s responsibility. I explain further in this video.
PSA Certified is also bringing the ecosystem together by establishing a common security language that we all speak. It means our customers use the same security language as we do. It’s one of the reasons we chose to work with PSA Certified. The other benefit is the scheme is industry led, which means it’s responsive to the challenges we face.
Quote
We really love PSA Certified because it’s a common [security] language that we speak, and our customers also speak. It’s also industry led, which means it’s much more responsive to the challenges we face.