Synaptics Incorporated

09/17/2025 | Press release | Distributed by Public on 09/17/2025 13:10

Security at the Edge: Why It Starts with the Silicon

Edge devices, particularly those within the Internet of Things (IoT), are becoming increasingly indispensable to our daily lives. From smart home gadgets to industrial sensors and personal wearables, these devices are collecting and processing vast amounts of data at the Edge of the network. But as their presence in and impact on our lives expands, so does the imperative for robust security. At Synaptics, we believe that true security for Edge devices must start at the most fundamental level: the silicon.

Hardware: The Foundation of Trust in Edge Devices

The foundation of trust in any computing system, especially at the Edge, must be anchored in fixed, static hardware. Unlike software, which is adaptable and can be manipulated, hardware provides an immutable base from which to establish an unassailable root of trust. This hardware anchor is fundamental for validating any subsequent software or firmware that loads onto the device, thereby creating a robust chain of trust. Without this immutable hardware foundation, the integrity of the entire system remains vulnerable.

Three Unique Challenges of Edge Devices

Edge devices present a distinct set of security challenges that differ significantly from those in more controlled environments like the cloud or traditional enterprise settings.

Challenge 1: Wide Attack Surface: Edge and IoT devices often operate in less-restricted environments, outside the confines of controlled data centers. End users frequently have physical access to these devices, which can more easily be tampered with. Moreover, the expanding interoperability between devices, while beneficial for functionality, also broadens the potential attack surface, making them susceptible to a wider array of vulnerabilities.

Challenge 2: Balancing power and security: A critical challenge for IoT devices is the inherent tension between maintaining strong security and operating under aggressive power modes and wake-up times. Many smartwatches, for instance, must wake up instantly when a user tilts their wrist, yet re-authenticating the system every time would lead to a poor user experience. To address this, sophisticated strategies are required, such as retaining trusted memory states in specific power modes. This allows the system to quickly resume from a trusted state without the need for constant, time-consuming re-authentication, striking a balance between user experience and security.

Challenge 3: Physical tampering and blind spots: Due to their accessibility, Edge devices are highly susceptible to physical attacks. Beyond direct tampering, critical "blind spots" can emerge during transitions in and out of power modes. If the root of trust is not continuously monitoring the system's state during these aggressive power transitions, the device becomes vulnerable to attacks. Ensuring the system's legitimacy and sanity even during rapid wake-up cycles is paramount to preventing these blind spots.

Synaptics' Multi-Layered Approach to Silicon Security

Synaptics has developed a comprehensive, multi-layered approach to building security directly into the silicon, addressing these unique challenges head-on.

The Immutable Root of Trust (Hardware Anchor)

At the heart of our security architecture is the immutable root of trust, serving as the ultimate hardware anchor. This lightweight hardware anchor begins with an immutable Boot ROM. This Boot ROM is designed to be unmanipulable and is responsible for authenticating the first-stage boot loader, which we call the Secure Processor Kernel (SPK).

The SPK then rigorously authenticates all subsequent images, such as the Real-Time Operating System (RTOS) and Linux, establishing an unassailable chain of trust throughout the device's boot process. This ensures that only trusted software can run on the device. For supported low-power domain combinations, hardware ensures that the security configuration is retained so that exiting these modes does not introduce blind spots. This ensures the system is monitored across complex heterogeneous architectures involving MPUs, MCUs and NPUs, hosting RTOS, Linux and Android OS layers.

Comprehensive Threat Detection and Response

Beyond establishing trust, silicon implementations should incorporate sophisticated mechanisms for proactively detecting and responding to security threats.

Aggressive detection capabilities: Synaptics silicon includes advanced features for detecting physical attacks. This encompasses a range of threats from non-invasive attacks like manipulating voltage, clock, or temperature, to more sophisticated backside attacks where an adversary might attempt to inject faults by physically altering the package. The use of digital sensors provides expanded exposure, enabling detection of subtle violations within the System-on-Chip (SoC) that might indicate an attack.

Flight controller: Upon detection of a security violation, the system must respond decisively. Synaptics employs a Flight Controller, a system designed for adaptive fault management. This controller defines policies for various security violations, allowing the system to take predefined actions. For example, in the event of an attack, it can wipe sensitive secrets from the device or reset the system, ensuring that an attacker gains no valuable information and preventing further compromise. The control over these policies is fully customizable.

Secure Lifecycle Management

Maintaining security extends beyond the operational life of a device. Synaptics implements stringent protocols for securely handling secrets throughout the device's entire lifecycle, from manufacturing to field deployment and even through to product returns. This helps to ensure that sensitive data is never compromised, even when devices are returned for analysis, as confidential data is wiped.

Application Crypto

To manage the demands of modern applications, particularly those with intensive AI workloads, Synaptics utilizes an innovative Application Crypto coprocessor.

Performance and isolation: High-performance cryptographic services required during runtime are offloaded to this separate coprocessor. This design is crucial for several reasons: it prevents the core root of trust from being exposed to the complexities of application-level cryptography, handles the heavy computational lifting required for modern workloads, and maintains critical isolation between the secure core and application-specific cryptographic operations.

Multi-tenant capability: The Application Crypto is designed to securely support multiple tenants, such as ODMs and OEMs, while maintaining strict isolation. Access is managed through hardware-based requestor authentication and a locking mechanism, ensuring that only one client operates at a time without risk of interference. When the lock is released, the switch to the next tenant is handled securely, with data from the previous tenant wiped to prevent leakage. For example, the App Crypto can handle cryptographic operations for Bluetooth communications and, once released, service encrypted storage requests. This approach guarantees isolation between workloads while still providing the high-performance services needed as AI applications become more prevalent.

Why Edge Security is Paramount: Risks and Real-World Impact

The consequences of overlooking silicon-level security for Edge devices are profound, impacting both individuals and industries.

Protecting Personal Data and Privacy

As IoT devices integrate deeply into our daily lives, from smart home assistants to personal health trackers, they handle an ever-increasing volume of personal information and sensitive data. The primary vulnerability is often not just about compromised keys, but the leakage of personal data itself. Therefore, robust security measures must ensure data confidentiality at every stage: from its ingestion into the device, through its processing, and finally to its storage. Anchoring protection in the hardware Root of Trust and enforcing strict isolation across system domains is critical to safeguarding this data.

Safeguarding AI Workloads at the Edge

The rapid adoption of Artificial Intelligence at the Edge introduces new dimensions to security. Protecting AI models, their weights and associated data goes beyond simply encrypting them at rest. Once loaded for execution, these assets must remain protected through strong hardware-rooted security and isolation. Physical attack protection has also become increasingly important. Because AI is highly data-intensive, any compromise during runtime could corrupt model weights or inputs, undermining trust in the system's decisions. By combining a hardware Root of Trust with isolation mechanisms and digital sensors that monitor for tampering, the SoC provides robust safeguards to help ensure AI workloads remain trustworthy at the Edge.

Beyond Today: Industry Standards and Future Innovations

The threat landscape for Edge devices is constantly evolving, requiring continuous innovation and a commitment to exceeding current benchmarks.

Adherence to and Exceeding Standards

Synaptics devices are designed not only to meet but to surpass industry benchmarks. The upcoming line of Synaptics Astra™ processors adheres to rigorous standards such as the Arm PSA Certified Level 3, which specifically focuses on protection against physical attacks, as well as the CSIP (Cybersecurity Information Protection) industry consortium's equivalent levels, and FIPS (Federal Information Processing Standards). Achieving certifications like PSA Level 3 involves extensive testing against diverse attack methodologies, demonstrating a strong security posture. However, recognizing that standards can lag behind evolving threats, we strive to exceed minimal requirements.

Evolving Threat Landscape

Automation through AI is significantly lowering the cost of executing sophisticated attacks and simultaneously increasing their complexity. This means that what once took weeks of manual effort by skilled adversaries can now be accomplished in a fraction of the time, continuously raising the bar for required security postures. This dynamic environment demands that our security solutions are constantly innovating to stay ahead.

Charting the Future of Edge Security

Synaptics is committed to building a robust security narrative and platform. We are setting the stage to share deeper insights into our architectural specifics and future silicon generations, demonstrating how we are proactively addressing the complexities of Edge security. Stay tuned for more discussions on how Synaptics is committed to leading the way in silicon security for Edge devices, continually building on the foundational principles outlined here to secure the future of AI and IoT.

Synaptics Incorporated published this content on September 17, 2025, and is solely responsible for the information contained herein. Distributed via Public Technologies (PUBT), unedited and unaltered, on September 17, 2025 at 19:11 UTC.