The DesignWare® ARC® SEM Family includes performance-efficient, ultra-low power, compact security processors that enable designers to integrate security into their SoC to protect against logical, hardware and physical attacks.
The ARC SEM110 security processors are RISC cores based on the ARCv2 instruction set architecture (ISA), with the capability to closely couple memories and peripherals. They integrate security features ideally suited for a wide range of embedded applications and can be implemented as either a standalone secure core or a single core performing both secure and normal functions. ARC SEM processors include SecureShield™ technology to enable creation of a Trusted Execution Environment (TEE) to isolate multiple execution contexts and protect secure functions from software vulnerabilities in user code.
The ARC SEM processors also include protection from side-channel attacks, which rely on information from the physical implementation rather than exploiting a direct weakness in the security measures themselves. Side-channel resistance features include uniform instruction timing, timing randomization, and power randomization, which obfuscate security operations from potential hackers. Although the ARC SEM processors do not themselves include cryptographic algorithms, these features enable third-party software or software accelerated implementations of cryptography in high value target applications such as embedded SIM and smart meters without the area overhead of dedicated hardware engines. Refer to the separately licensable ARC CryptoPack Option for more information about software accelerated cryptographic implementations.
The ARC SEM120D processor includes the same features as the SEM110 and has an added DSP instruction set and unified multiply/MAC unit. It is suited for applications requiring real-time processing and security functionality in the same core.
- Performance-, power- and area-efficient security processors for embedded applications
- Secure privilege mode orthogonal to kernel/user mode
- Enhanced secure MPU with context ID for secure or normal operation
- Up to 16 configurable protected regions and per region scrambling capability
- Uniform instruction timing and timing/power randomization for side channel resistance
- In-line instruction scrambling to protect algorithms from reverse engineering or IP theft
- Data and instruction path integrity checking to prevent fault injection attacks
- Integrated watchdog timer detects system failures that can result from tampering and enables countermeasures
- Secure debug capability with user defined challenge/ response mechanism
- Ability to add secure custom instructions or co-processors in a trusted mode boosts performance and reduces power