Lattice Sentry Solution Collection and SupplyGuard Service Provide End-to-End Supply Chain Protection with Dynamic Trust
Shanghai, China – August 13, 2020 – Lattice semiconductor Corporation (NASDAQ: LSCC), the world’s leading supplier of low-power programmable devices, today announced the launch of the Lattice Sentry™ solution collection and SupplyGuard™ supply chain protection service . Sentry is a portfolio of premium resources including customizable embedded software, reference designs, IP and development tools to accelerate the implementation of secure systems that comply with NIST Platform Firmware Protection Recovery (PFR) guidelines. Lattice SupplyGuard extends the system protection provided by Sentry into today’s challenging and rapidly changing supply chains by delivering factory-locked devices, protecting them from attacks such as cloning and malware implantation, while enabling secure transfer of device ownership . These hardware security solutions are increasingly important for a wide variety of applications in communications, data centers, industrial, automotive, aerospace, and customer computing.
Patrick Moorhead, president and founder of Moor Insights & Strategy, said: “5G, edge computing and IoT are accelerating the speed at which devices are interconnected, and high-tech OEMs serving various markets are more concerned about security than ever. Developers need to ensure that their hardware platforms Stay safe from cyberattacks and IP theft. They need security solutions that can dynamically adapt to changing threat scenarios to provide comprehensive protection for the life of the product.”
“Lattice will continue to execute on its solutions roadmap and strategy to provide customers with easy-to-use, system-level solutions for key applications,” said Deepak Boppana, senior director of product and solutions marketing at Lattice. “Lattice Sentry Solutions Collection Allows customers to easily implement NIST SP-800-193 compliant hardware Root of Trust (RoT) based PFR solutions. With Sentry’s proven IP, pre-validated reference designs and hardware demos, developers can modify RISC- The C code provided by the V and Propel design environments to rapidly customize PFR solutions, reducing time-to-market from ten months to six weeks.”
The traditional security model is changing, and firmware has become an increasingly common attack vector.The National Vulnerability Database reports that the number of firmware vulnerabilities grew by more than 700% between 2016 and 2019. To prevent systems from being accessed by unauthorized firmware, we need to provide dynamic, persistent, real-time hardware platform security for all networked devices, including preventing unauthorized access to component firmware and enabling systems to survive attacks Automatically protect, detect, and recover as they happen. TPM and MCU-based hardware security solutions typically use serial processing and cannot provide the real-time performance of parallel processing solutions like Lattice FPGAs.
Eric Sivertson, vice president of Lattice’s security business, said: “In order to prepare customers for an unpredictable and risky supply chain environment, Lattice developed the SupplyGuard service to help them securely supply equipment while reducing overall costs. Lattice Through Sentry and SupplyGuard, Sentry will provide comprehensive, truly parallel, nanosecond-level response next-generation security solutions, enabling dynamic trust mechanisms for customers and users of their products.”
Key features of the Lattice Sentry solution collection include:
Hardware Security Features – The Sentry solution collection provides pre-validated, NIST-compliant PFR implementations that enforce strict real-time access control to all system firmware during and after system startup. If corrupt firmware is detected, Sentry can automatically roll back to a previously known good version of the firmware, ensuring uninterrupted safe system operation.
Compliant with the latest NIST SP-800-193 standard, CAVP certified – This solution set implements hardware RoT with Lattice’s MachXO3D™ FPGA family of devices supporting strict encryption.
Ease of use – Developers can modify the given RISC-V C language reference code by dragging and dropping Sentry’s proven IP blocks into the Lattice Propel design environment without any FPGA design experience.
Reduced time to market – The Sentry solution collection provides pre-validated and tested application demonstrations, reference designs and development boards that can reduce the development time of PFR applications from 10 months to just 6 weeks.
Flexible, security solutions for all platforms – Sentry provides comprehensive, real-time PFR support for firmware and programmable peripherals. It can be used as a RoT in a system and/or complement an existing BMC/MCU/TPM based architecture, making it fully compliant with NIST SP-800-193 standards.
Key features of Lattice SupplyGuard supply chain protection services include:
Robust security throughout the life of the device – SupplyGuard is a subscription service from Lattice, from product manufacturing to global supply chain shipping, system integration and assembly, to first configuration and deployment During the cycle, OEMs and ODMs can calmly deal with supply chain risks by tracking locked Lattice FPGAs. SupplyGuard protects OEMs by:
o Ensure that only authorized manufacturers can build OEM designs, no matter where those manufacturers are located.
o Provides OEMs with a secure key mechanism to prevent activation of their IP on unauthorized components, preventing product cloning and overbuilding.
o Prevent devices from downloading and installing Trojans, malware or other unauthorized software, and protect platforms and systems from device hijacking or other cyber attacks.
Flexible, low-cost implementation—SupplyGuard can be customized on-demand to meet the specific security and supply chain needs of OEMs in various industries that Lattice serves. The service significantly reduces the operational cost of implementing a secure production ecosystem.
About Lattice semiconductor
Lattice Semiconductor (NASDAQ: LSCC) is a leading supplier of low-power, programmable devices. We provide solutions from the network edge to the cloud for customers in the growing communications, computing, industrial, automotive and consumer markets. Our technology, longstanding partnerships and world-class technical support enable our customers to quickly and easily start their innovation journey to create a smart, secure and connected world.
 Data source: National Vulnerability Database, December 31, 2019
The Links: G121EAN01.0 LTM190E4-L02