Lattice Semiconductor Corporation announced the launch of the Lattice Mach-NX family, the second generation of its successful line of secure control FPGAs.
Building on the capabilities of the Lattice MachXO3D family announced in 2019, Mach-NX FPGAs offer enhanced security features and the high-speed, low-power processing power needed to implement root-of-trust hardware (HRoT) functionality on future server platforms as well as computing, data transmission, industrial and automotive systems.
Mach-NX is the third FPGA family developed on the Lattice Nexus FPGA platform over the course of a year.
Utilizing the Mach family of system control features, the Mach-NX FPGAs combine asecure area (an advanced 384-bit hardware-based cryptomotor that supports reprogrammable bit sequence protection) with a logic cell (CL) and an I/O module.
The safe area helps protect the firmware, while the CL and I/O module make system adjustment functions such as power management and fan control possible.
Mach-NX FPGAs can verify and install over-the-air firmware updates that keep systems compliant with evolving security protocols and guidelines.
The parallel processing architecture and dual-boot flash memory configuration of the Mach-NX FPGAs ensure the near-instantaneous response times required to detect attacks and perform system recovery (a level of performance beyond that possible with other HRoT platforms, such as microcontrollers).
Mach-NX FPGAs support the Lattice Sentry solution stack, a reliable combination of customizable embedded software, reference designs, IP cores and development tools designed to accelerate the implementation of secure systems that meet the National Institute of Standards and Technology (NIST SP-800-193) Platform Firmware Resiliency (PFR) guidelines.
The following are the main features of the Mach-NX family:
- Secure System Control - Mach-NX FPGA logic (up to 11,000 CL) and high I/O (up to 379) ensure speed and reliability of control. Lattice is a long-standing leader in the development of programmable logic for system control. Mach FPGAs have an attach rate of over 80% on the server platforms that are currently purchased.
- Reliable compliance with protocols and standards - Mach-NX FPGAs' 384-bit hardware cryptomotor supports fast and easy implementation of advanced cryptographic algorithms such as ECC 384 and industry-standard security protocols such as NIST SP-800-193 and MCTP-SPDM. Upcoming server platforms will require support for these protocols.
- Comprehensive Supply Chain Protection - Mach-NX FPGAs are supported by the Lattice SupplyGuard supply chain security subscription service, which provides peace of mind to OEMs and ODMs by tracking "armored" Lattice FPGAs throughout their lifecycle, from point of manufacture to transportation through the global supply chain to system integration and assembly, initial configuration and installation.
- Fast customization - The Lattice Propel design environment accelerates the design of a custom PFR compliant HRoT solution. The tool features a graphical user interface that allows developers to create PFR solutions while minimizing the need to write RTL code.
Comments
"Thereis an ongoing challenge between crackers looking to exploit firmware vulnerabilities and developers designing server platforms with the performance and security features that can block them," explains Patrick Moorhead, president and founder of Moor Insights & Strategy. "Protecting systems requires real-time HRoT with support for more complex encryption algorithms such as ECC 384 and new, trusted data security protocols such as SPDM. Lattice's Mach FPGA families can simplify and accelerate the implementation of these technologies for original server manufacturers looking to protect their platforms against cyber attacks and IP-core theft."
Adds Esam Elashmawi, Chief Strategy and Marketing Officer at Lattice: "Having an HRoT at startup does not guarantee that systems are protected against unauthorized access to firmware. It is also important that the components used to build the system are not compromised as they move through the global supply chain. When combined with the additional protection offered by our SupplyGuard security service, Lattice Mach-NX FPGAs can protect a system throughout its entire lifecycle: from the time the components begin to move through the supply chain, through initial product assembly, final product shipment, integration and product lifetime.
