Anything that is connected to the internet is at risk, and connected vehicles are no exception. Every connected electronic component represents a potential entry point for malicious intrusion – into the component itself, or onto the network to which it is connected. Root-of-trust (RoT) technology is becoming an essential requirement for components in autonomous vehicles which now need to adhere to the industry standard ISO/SAE 21434 to ensure the vehicle fleet is secure by design.
QuiddiKey® is a physical unclonable function (PUF)-based RoT solution that can be applied easily to almost any MCU/SoC/ASIC without the need for adding costly, security-dedicated silicon. QuiddiKey 400 has been developed following an ISO 26262 functional-safety-compliant flow, and meets the ISO 26262 Automotive Safety Integrity Level (ASIL) B fault metric. Just like QuiddiKey 300, which was the world’s first RoT IP to receive a SESIP and PSA Certified level 3 certification, QuiddiKey 400 includes substantial protection against both software and hardware attacks to deny adversaries access to any key material or data, even on unmanned autonomous vehicles.
Intrinsic ID QuiddiKey is the world-leading and certified IP that uses standard SRAM as a PUF to create a strong hardware RoT. The PUF root key is never stored, but re-created from the PUF each time it is needed, offering the highest level of security. A key protected by QuiddiKey is integrity protected and can be decrypted solely on the device on which it was created.
QuiddiKey 400 meets the ISO 26262 Automotive Safety Integrity Level (ASIL) B fault metric. It validates all inputs and critical internal logic through integrity checks and error detection. It continuously asserts that everything runs as intended and flags any observed faults. Additionally, QuiddiKey 400 offers the user hardware and software handholds to check whether all data is correctly transferred to and from QuiddiKey.
- Uses standard SRAM start-up values as a PUF to create a hardware RoT
- Supports fault detection and reporting
- Validates input and output logic, flags observed faults, and offers handholds to check data transfer to and from QuiddiKey
- Offers key provisioning, wrapping, and unwrapping to enable secure key storage across the supply chain and for the lifetime of the device
- Binds keys and data to the hardware of the device
- Eases integration with custom driver API
- Meets the functional safety ISO 26262 standard ASIL B fault metric
- Integrates easily and scales with all fabs and technology nodes
- Offers a higher level of security than traditional key storage in NVM such as secure flash, OTP or e-fuses
- Enables designers to create and store an unlimited number of keys securely in unprotected NVM on/off chip
- Eliminates the need for centralized key management and programming
- Remains secure post quantum computing
- Meets ISO 26262 ASIL B fault metric
- ASIL D for systematic failures
- NIST CAVP
- ISO/IEC 20897-compliant PUF
- FIPS 140-3 support
- SRAM PUF-enabled products have been certified by EMVCo, Visa, CC EAL6+, PSA, and ioXt
- DoD and EU governments qualified
Why You Need QuiddiKey
Secure supply chain: Each QuiddiKey user can generate an unlimited number of device-unique keys. None of these keys are ever stored on the device. This means that each user in the supply chain can derive their own device-unique keys and import and protect other secrets, without these keys or secrets being known to the manufacturer or other supply-chain users. The wrapping functionality enables supply-chain applications and IP to be securely and reliably protected – for the lifetime of the device – prior to being deployed in the field.
Protection against reverse-engineering, counterfeiting/cloning: QuiddiKey protects firmware IP by encrypting it with a PUF-derived encryption key that is locked to the hardware instance of the device. If the firmware IP tied to a device with QuiddiKey is copied to other device instances, these rogue devices cannot unlock the IP or use it, because every device has a different hardware fingerprint.
Other use cases: Secure key storage, flexible key provisioning, HW-SW binding, secure communication, authentication
QuiddiKey 400 Configurations
QuiddiKey 400 is available in off-the-shelf configurations with size ranging between 114k and 163k gates. Configurations differ according to functionality, performance and compliance.
|Generate device keys and random values
|Wrap and unwrap keys
|Size (k gates)
|AC size (bytes)
|Security strength (bits)
|Maximum key length (bits)
|Time to root key (k cycles)
|SRAM required for PUF (kB)
APB or TileLink-UL
|Masked key output
|SRAM health checks
|Fault detection and reporting
|NIST CAVP certification (DRBG, AES, KDF)
|NIST SP 800-90 compliant
(✓) features are optional
QuiddiKey has been embedded on MCU/SoC/ASICs in a diverse set of foundry/process node combinations. SRAM PUF responses have been qualified for use with QuiddiKey in a wide range of operational environments.
QuiddiKey 400 Deliverables
QuiddiKey 400 IP can be integrated easily into any semiconductor design across all foundries and process nodes. Standard deliverables include:
- RTL netlist (VHDL, Verilog)
- Testbench (UVM, VHDL), C model
- Synopsys Design Compiler® synthesis constraints (tcl)
- QuiddiKey driver (C sources, headers)
- QuiddiKey register description (IP-XACT)
- Datasheet, integration manual and driver documentation
- NIST documentation (SP 800-90A/B)
- ISO 26262 documentation (ASIL B/D metrics)
Driver Eases Integration
The QuiddiKey 400 driver eases the use of the HW IP for developers in an embedded software environment. It is delivered as C source code and comes with a reference manual, integration tests and the QuiddiKey 400 register description.