ALISO VIEJO, CA -- Microsemi Corporation has signed a reseller agreement with Thales e-Security. Using Thales e-Security nShield hardware security modules (HSMs), custom firmware and the state-of-the-art security protocols built into every Microsemi SmartFusion™2 system-on-chip (SoC) field programmable gate array (FPGA) and IGLOO™2 FPGA, customers can automatically prevent overbuilding of their systems in any manufacturing facility anywhere in the world, saving millions of dollars in lost revenue.
Thales nShield HSMs in combination with custom firmware running on the nShield generates a unique authorization code for each SmartFusion2 or IGLOO2 device. The authorization code can only be decrypted by the device for which it was generated. Within the HSM security boundary a device limit count is used to control the number of authorization codes generated and hence the number of systems built.
This agreement, which makes Microsemi a certified reseller of Thales nShield HSMs, strengthens the relationship between Microsemi and Thales and extends the trusted supply chain assurance infrastructure used in-house to the end customer. Microsemi has been using Thales nShield HSMs as part of its manufacturing flow for SmartFusion2 and IGLOO2 devices to inject unique device IDs, device keys and x.509 device certificates. Allowing Microsemi customers to use the same HSMs in their manufacturing flow closes the loop on supply chain assurance. This enables the company's customers in the communications, industrial and defense markets to trust that their deployed systems are authentic and utilized precisely as planned. Overbuilding prevention is now completely automated.
"Our relationship with Thales allows us to combine our companies' security technologies and provide our customers the highest levels of protection to safeguard their intellectual property, products and revenues from today's evolving threats," said Shakeel Peera, senior director of FPGA/SoC marketing for Microsemi. "This new offering builds upon our existing hardware security module manufacturing infrastructure by allowing customers to securely program their unique key material and designs into a fixed number of SmartFusion2 SoC FPGAs and IGLOO2 FPGAs even in untrusted locations."
The U.S. Chamber of Commerce estimates that intellectual property (IP) threats cost domestic companies more than $250 billion per year in lost revenues. Hardware security modules effectively remove the vulnerability posed by insiders, particularly those within manufacturing locations, enabling offshore manufacturing without threat of overbuilding, cloning or reverse engineering—or incorporating classified data during non-classified manufacturing—while maintaining confidentiality of the sensitive data and preventing tampering such as insertion of a Trojan horse. A hardware security module is a tamper-resistant device designed to generate keys securely, encrypt FPGA bitstreams in a secure environment, facilitate the use of customer owned sensitive key material and execute standard and custom algorithms requiring the use of protected keys.
"Partnering with innovative companies like Microsemi enables Thales to apply our cumulative decades of experience in practical cryptographic techniques to securing the backbone components of the Internet of Things," said Cindy Provin, president of Thales e-Security, Inc. "As a world class provider of powerful, flexible hardware based cryptographic solutions, Thales looks forward to joining Microsemi in developing and deploying sophisticated cryptography that solves security problems at the heart of the advanced digital supply chain."
Applications that can benefit from Thales e-Security hardware security modules include any FPGA-based system that may be at risk for overbuilding, including core routers, switches, small cells, remote radio heads, factory automation, process control, smart small form-factor pluggables (SFPs), programmable logic controllers (PLCs), secure communications, missile systems, and defense equipment targeted at foreign military sales (FMS).
About Thales' Hardware Security Modules
Thales nShield hardware security modules provide a FIPS 140-2 Level 3 certified, hardened, tamper-resistant environment for secure cryptographic processing, key protection and key management. Utilizing the unique nShield CodeSafe feature which enables execution of custom code within the certified security boundary of the HSM, Microsemi specified custom firmware automatically prevents overbuilding when used in conjunction with SmartFusion2 SoC FPGAs or IGLOO2 FPGAs in any untrusted environment.
Thales nShield hardware security modules for Microsemi's devices are available now. Microsemi's SmartFusion2 SoC FPGAs and IGLOO2 FPGAs have been granted certification for seven protocols used in design security under the CRI DPA Countermeasure Validation Program developed by Rambus Cryptography Research Division.
For more information, visit