New York Institute of Technology - Vancouver Develops Secure Boot Application for Gowin SecureFPGA
April 21, 2020 -- GOWIN Semiconductor announced their SecureFPGA devices in 2019 which enable hardware PUF (Physically Unclonable Functionality) based security providing a root of trust on their µSoC FPGAs. Since then, GOWIN has been working with various security technologists to develop use case examples in order to fast track embedded security development on their embedded devices.
NYIT-Vancouver (New York Institute of Technology Vancouver Campus) started developing solutions with GOWIN SecureFPGAs as part of their INCS 870 Cyber Security graduate capstone course. As part of this course, students worked with GOWIN to solve general purpose security problems using the GOWIN SecureFPGA µSoC FPGA and developed a secure boot example using the included Intrinsic ID Broadkey security library.
Ad |
PUF-based Hardware Root of Trust ![]() Fully-integrated 256-bit Physically Unclonable Function (PUF) with embedded reliability check ![]() |
Secure Boot is an industry standard that ensures that any device boots using only software that is digitally signed and verified by the Original Equipment Manufacturer (OEM). The device may be a PC or an embedded device. Typically, the secure boot process runs over a small amount of boot code prior to any application software. The process involves digital signature verification over the application firmware using an asymmetric key pair.
“After completing this project, students gained valuable experience in embedded system development. The multi-faceted nature of such systems makes it challenging to give students exposure to and experience in all facets of such systems,” said Yunlong Shao, Assistant Professor for the INCS 870 course at NYIT-Vancouver.
“In this capstone project, students used GOWIN’s SecureFPGA system and its Broadkey security library to perform the signature verification process over application firmware using an asymmetric key pair. The use of the Broadkey security library gave students practical experience and a sense of accomplishment, while reinforcing theoretical concepts. The results show that students perceived the project positively and that the learning objectives were met.”
SecureFPGA provides several additional layers of security for the secure boot process. First, SecureFPGA devices can be factory provisioned so that the root key pair of the device is initialized at the GOWIN factory floor. Second, the device uses SRAM based PUF technology taking intrinsic silicon properties of their device’s hardware SRAM to regenerate a root key pair rather than storing it in the device. Third, the private key is protected in a secure enclave that is never available to the developer and can only be accessed through the provided Broadkey security library.
“Secure boot is one of the most common requests we receive for customers wanting to add security capabilities to their embedded products,” said Grant Jennings, Director of International Marketing for GOWIN Semiconductor. “Partnering with New York Institute of Technology – Vancouver gave us incredibly valuable insight into our security product offering from graduate students with domain expertise specifically in cybersecurity.”
As a result of this successful capstone project by New York Tech - Vancouver, an example design is now provided at www.gowinsemi.com and can be evaluated using the DK-Start-GW1NSE-2C development kit from GOWIN providing developers an great starting point to integrate application firmware checking in their next product.
Duo Xu, graduate student at New York Tech -Vancouver explained that “In order to perform a secure boot, the developer needs to provide the start address and the size in bytes of the application firmware that will be verified using a digital signature . In the digital signature generation process, the program will initialize the ID Broadkey security library and generate the digital signature that is stored it in flash memory. As soon as the signature generation process finishes, the secure boot function can be called in any part of the code to regenerate the signature, compare it with the signature stored in flash memory, to verify that the application hasn’t been modified. If the verification is successful, the boot process jumps to the first address of firmware, if not, it shows an error message and jumps into an infinite loop.”
GOWIN Semiconductor looks forward to continuing collaboration projects through their overseas university program that enable successful application starting points for their customers. For more information on GOWIN Semiconductor and their SecureFPGA product visit www.gowinsemi.com.
About GOWIN Semiconductor Corp.
Founded in 2014, Gowin Semiconductor Corp., headquartered with major R&D in China, has the vision to accelerate customer innovation worldwide with our programmable solutions. We focus on optimizing our products and removing barriers for customers using programmable logic devices. Our commitment to technology and quality enables customers to reduce the total cost of ownership from using FPGA on their production boards. Our offerings include a broad portfolio of programmable logic devices, design software, intellectual property (IP) cores, reference designs, and development kits. We strive to serve customers in the consumer, industrial, communication, medical, and automotive markets worldwide.
For more information about GOWIN, please visit www.gowinsemi.com
|
Related News
- Codasip adds Veridify secure boot to RISC-V processors
- Codasip to Offer Secure Boot Solutions with Veridify Tools
- U.S. Department of Defense Partners with GLOBALFOUNDRIES to Manufacture Secure Chips at Fab 8 in Upstate New York
- GOWIN Semiconductor Introduces Their latest FPGA Product Line with Built-In Security
- The Qt Company and Inside Secure to Offer Joint Integrated Solutions for Creating Secure IoT and Embedded Devices
Breaking News
- Alphawave Semi Opens Pune Office, Continues Expansion into India
- SynSense closes USD$10m Pre-B+round to bring their ultra-low-power vision processing SOC "Speck™" to mass production
- Global Fab Equipment Spending on Track for 2024 Recovery After 2023 Slowdown, SEMI Reports
- OPENEDGES Completes the Tapeout of the 7nm HBM3 Memory Subsystem (PHY & Memory Controller) Test chip
- Andes Custom Extension™ (ACE) Supports AndesCore™ 45-Series Processors to Provide Flexible Acceleration
Most Popular
- OPENEDGES Completes the Tapeout of the 7nm HBM3 Memory Subsystem (PHY & Memory Controller) Test chip
- SoftBank and EdgeCortix Partner to Jointly Realize Low-latency and Highly Energy-efficient 5G Wireless Accelerators
- Andes Custom Extension™ (ACE) Supports AndesCore™ 45-Series Processors to Provide Flexible Acceleration
- CEO Interview: Ian Lankshear, EnSilica
- Renesas to Acquire Panthronics to Extend Connectivity Portfolio with Near-Field Communication Technology
![]() |
E-mail This Article | ![]() |
![]() |
Printer-Friendly Page |