FPGA-based security for IIoT
Security ranks continuously as the most pressing issue when companies list their concerns on the adoption of the Industrial Internet of Things (IIoT) . Critical security requirements include the protection of IIoT devices and the data they produce, process, and transmit, while simultaneously achieving acceptable performance, seamless availability, and ease of use.
Companies cannot compromise in their cybersecurity architectures as they need to minimize the risk for the environment and human lives, to protect financial value of the critical assets, and to guarantee continuous production. Industrial automation forms an integral part of the critical infrastructure of modern societies, and its security solutions must be based on the same threat model which other mission-critical sectors have adopted.
Transport Layer Security (TLS) is a cryptographic protocol to provide communication security in computer networks; TLS is essentially the “S” in HTTPS in secure web browsing to give an example. TLS 1.3 core enables secure client-server connections designed to be utilized for industrial automation systems. The TLS protocol is based on a combination of multiple cryptographic primitives including both symmetric and asymmetric cryptography, hash functions, and digital certificates. The latest version of TLS is 1.3 which was released in 2018 and standardized in RFC 8446. A hardware-based TLS 1.3 implementation enables high-level security in mission-critical industries, such as industrial automation; example applications are distributed and remote control, edge computing, and secure industrial communications.
Xiphera Ltd. is launching Transport Layer Security (TLS) 1.3 IP core based on Intel® FPGA technology. The cryptographic computations and key management are entirely FPGA-based, which enables complete independence from software for security-critical operations. “TLS 1.3 is the newest version of the TLS protocol which includes significant improvements to both security and speed compared to TLS 1.2,” said Chief Technology Officer Kimmo Järvinen at Xiphera, “Xiphera’s TLS 1.3 IP core gives further security enhancements with hardware isolated cryptography and key management as well as speed improvements thanks to hardware acceleration.”
Compact sized, difficult to attack
“Xiphera’s TLS 1.3 IP core implemented with Intel® FPGA technology adds a new capability to the defense-in-depth security needed for critical industrial applications,” said Rina Raman, Vice President and General Manager of the Embedded Acceleration Division at Intel Corporation. The TLS 1.3 IP Core is optimized for low-area footprint, targeting high-volume FPGAs and which makes it ideal for industrial applications. The ability to customize the algorithms in use allows for a future-proof roadmap for Post-Quantum Cryptography (PQC). In certain cases, TLS 1.3 IP core can also be retrofitted to existing Intel® FPGA-based solutions.
Xiphera’s TLS 1.3 IP Core offers hardened security against adversaries by keeping all the security-critical operations and keys in the IP Core and performing all cryptographic operations with deterministic key-independent latencies. TLS 1.3 IP Core also offers Gbps+ performance for bulk traffic encryption ensuring that the connection is both secure and fast.
For more information, visit our TLS 1.3 IP core page and read more about the natural advantages of using FPGAs in the joint white paper by Intel and Xiphera FPGA-based security solutions. Follow us on LinkedIn, Twitter, and Facebook.