Lattice Sentry™ solution stack
Photo Gallery
Lattice Sentry™ solution stack
Additional Info
Company | Lattice Semiconductor |
Website | https://www.latticesemi.com/ |
Company size (employees) | 1,000 to 4,999 |
Headquarters Region | North America |
Overview
The cybersecurity landscape has become increasingly complex and challenging, posing significant threats to businesses and individuals alike. Tech Target notes that, by 2025, humanity’s collective data will reach 175 zettabytes—the number 175 followed by 21 zeros. This data includes everything from online banking transactions to medical records, all of which is vital to secure. Today’s common security solutions often do not have the real-time performance required to manage multiple devices if an attack does occur. The Lattice Sentry™ solution stack helps minimize in-system firmware attack vulnerabilities by providing real-time, dynamic protection, detection, and recovery capabilities.
The Lattice Sentry solution stack consists of a complete reference platform, fully validated intellectual property (IP) building blocks, easy to use FPGA design tools, reference designs/demonstrations, as well as a network of custom design services. Together, these form a comprehensive set of tools to help systems developers more easily design with security in mind and get to market quickly. By implementing platform firmware resiliency (PFR) mechanisms to secure enterprise server firmware, Lattice Sentry helps enhance security by mitigating potential threats and vulnerabilities.
In many instances, a fully functioning PFR solution can be developed by modifying the included RISC-V C source code. Yet, developers who wish to create additional RTL logic to supplement the functionality can do so using the included Lattice Diamond® and Lattice Propel™ software tools.
Key Capabilities / Features
The Lattice Sentry solution stack provides customers with a complete reference platform, fully validated IP building blocks, easy-to-use FPGA design tools, reference designs/demonstrations, and a network of custom design services compliant with National Institute of Standards and Technology (NIST) PFR Guidelines. Together, these form a comprehensive set of tools to help systems developers more easily design with security in mind and get to market quickly. This includes a suite of ready-to-use, cyber resilient, production-validated IP cores to protect and monitor SPI and I2C devices and their buses within a system, as well as demo boards and reference designs to test and showcase PFR capabilities. The Lattice Sentry solution stack is supported by the Lattice Propel™ software design tool, which helps users who are unfamiliar with FPGA languages customize their PFR implementations, enabling them to modify the C code for the stack’s RISC-V processor IP and visually lay out the IP used to create a complete system, drastically reducing time to market.
The Lattice Sentry solution stack is regularly updated to encompass new features and capabilities. The latest version of the Sentry stack incorporates new capabilities focused on enhanced security for servers and datacenters as a key attack vector with the rising popularity of Cloud computing. Lattice Sentry enables next-generation hardware Root of Trust (HRoT) solutions compliant with NIST PFR Guidelines (NIST SP-800-193) and supports 384-bit encryption. This addresses the rapidly evolving security requirements of current and emerging server platforms by providing developers with an efficient and secure way to quickly implement the enhanced system and cryptographic applications needed to evaluate, develop, test, and deploy FPGA-based PFR Root of Trust. The stack supports firmware security for the Communications, Computing, Industrial, Automotive, and Consumer markets.
How we are different
• Heightened security – Lattice Sentry supports secure enclave IP block that enables 384-bit cryptography (ECC-256/384 and HMAC-SHA-384) to better secure Lattice Sentry-protected firmware against unauthorized access. Support for 384-bit crypto is a requirement for many next-generation server platforms.
• 4X faster pre-boot authentication – Lattice Sentry supports faster ECDSA (40 ms), SHA (up to 70 Mbps), and QSPI performance (64 MHz), enabling faster boot times that help minimize system down time and reduce exposure to attempted attacks on firmware during the boot process.
• Ability to monitor up to 5 firmware images in real-time – Lattice Sentry enables real-time monitoring of up to five mainboard components in a system at boot and during ongoing operation. Competing MCU-based security solutions, as an example, lack the processing performance to properly monitor that many components in real-time.