Bare Metal Security™
UltraSoC allows SoC development teams to build an entirely new level of security functionality into their SoCs. Bare Metal Security features use UltraSoC on-chip monitors to watch for unexpected behaviors such as suspicious memory accesses or processor activity, at hardware speed and non-intrusively, with minimal silicon overhead.
Because Bare Metal Security features are implemented as hardware running below the operating system, they are non-intrusive and remain robust even if the system’s conventional security measures are compromised.
Bare Metal Security tools can be used standalone or as a complement to traditional security mechanisms such as encryption and E-Fuse protection. The same gates can also be used for debug and performance profiling, accelerating SoC development and giving the development team an intimate understanding of just how their device operates under real conditions.
Because it is an orthogonal on-chip hardware infrastructure independent of the main system functionality and software, Bare Metal Security functionality does not affect system performance and is very difficult to subvert or tamper with. Bare-Metal Security features also provide visibility of the whole system, making it extremely difficult to camouflage or hide an attack. Although it functions below and outside of the operating system, the technology also provides a means of communicating with software on the device as part of a holistic security system, if this is necessary.
Security is a growing concern for manufacturers of all types of electronic equipment, from IoT-enabled devices such as white goods and smart sensors, to enterprise IT, communications and factory automation products. As well as enabling hardware-based security for larger, complex SoCs, Bare Metal Security can also be used in lean, cost-sensitive connected products like light bulbs and domestic thermostats, which it is impractical to protect via conventional means.
The technology is proof not only against malicious attacks, but also against inadvertent malfunctions – effectively providing “security of operation”. For example, aerospace systems are prone to memory corruption due to radiation hits (“single event upsets”), which can cause the system to enter an unexpected state. Because Bare Metal Security provides protection at the hardware level, it can protect against such events, either by raising an alert or forcing the SoC into a “safe” mode.
You can read more about Bare Metal Security in a Technical Note available from our downloads page.