360体育直播

Design Security

Security Throughout the Product Lifecycle

Overview

security is a complex topic that covers multiple technical disciplines and areas of focus based on the threats a customer is trying to protect against, the sophistication of the adversary they are concerned about, and the environment the end product is deployed in. the venn diagram below shows the different disciplines that encompass the term "platform security" and which xilinx invests heavily in.

Venn diagram shows the different disciplines that encompass the term Platform Security

Assurance: Focuses on the known pedigree and heritage of the system solution provided by Xilinx. Silicon, software, firmware and soft-IP must be "Trojan-free". Supply chain security and risk management are key focus areas.

Information Assurance (IA): Information Assurance is focused on protecting the information, or data, the device is handling or processing. This is done through standard cryptographic techniques (e.g. authentication and encryption) as well as fault tolerant design methods. Fault tolerant design methods ensure that security is not compromised in the face of a fault.

Cybersecurity:360体育直播 While Information Assurance assures all information in all forms of media, Cybersecurity is focused on the protection of information in the cyber domain. This effectively makes Cybersecurity a subset of Information Assurance in most applications.

Anti-Tamper (AT): Focused on protecting the customers’ intellectual property (IP) that is deployed in their product and contained within the device either as hardware or software. Our customers invest heavily in their products, and Xilinx devices must protect those investments from cloning, reverse engineering or other types of attacks that can extract the IP resident in Xilinx devices.

as the venn diagram accurately reflects, there are areas of uniqueness as well as significant areas of overlap between the disciplines. looking holistically across all disciplines provides the best defense in depth approach.

security must be considered throughout the entire product lifecycle in order to maximize the protection of a system. as an example, developing fault tolerant application level security solutions deployed on a device that does not boot securely, is like building a mansion on a foundation of sand. as can be seen from the pyramid, xilinx and their customers have a shared responsibility to ensure the security of a system. it is also important to recognize that no system is completely immune to attack - with enough time, energy, resources and money, any system can be compromised. security is all about managing risk, and how much investment a customer wants to make to manage that risk.

360体育直播xilinx employs world-class best practices to establish the trustworthiness of its silicon, software and development tools. an array of countermeasures are integrated into silicon which aid in protecting against a myriad of attack vectors. the secure boot, or configuration, of our products employ a hardware root of trust with authenticity, confidentiality, and integrity built in.

the device, after booting securely, must maintain the security that has been established. run-time protections are a shared responsibility between xilinx, the customer, and the rich xilinx ecosystem.

360体育直播the base of the pyramid is established to ultimately protect the customer’s end application.

the pyramid displays that customers have a shared responsibility to ensure the security of a system
Security Working Group

Notice:

After careful consideration, Xilinx has decided to cancel all XSWG 2020 Events due to the global concern regarding the corona virus outbreak. We are taking this measure out of caution for the health and safety of our employees, customers, and partners. We greatly value these events and look forward to holding XSWG in 2021.   Please check this page for updates times/locations for XSWG 2021 early next year.

The Xilinx Security Working Group (XSWG)360体育直播 is an annual multi-day FREE event in North America and Europe that brings together Xilinx customers from all markets, academic representatives, Xilinx Alliance partners, and government agencies and authorities to discuss the latest security topics.

the unique aspect about this working group is that an nda is required. this allows xilinx to present roadmap and detailed design information that would not normally be presented in such a forum. all participants will require a current nda.

San Jose, CA USA

 

October 20 - 21, 2020
 

EVENT CANCELLED

Longmont, CO USA

 

September  29 - October 1, 2020


EVENT CANCELLED

Laurel, MD USA

360体育直播(baltimore/washington area)

November 10 - 12, 2020



EVENT CANCELLED

Munich, Germany

 

December 8 -9, 2020

EVENT CANCELLED

Event Overview

not sure which one to attend?  see below.

Event Who should attend?
XSWG: Xilinx Security Working Group (San Jose, CA) Customers in commercial markets such as Communications, Data Center, Industrial, Automotive and Consumer
XSWG: Xilinx Security Working Group (Longmont CO and Laurel, MD) Aerospace and Defense customers
XSWG: Xilinx Security Working Group (Munich, Germany) Customers across all markets:  Automotive, Industrial, A&D, Communications
Documentation
Cryptographic Algorithm Validation

cryptographic algorithm validation, via the nist cryptographic algorithm validation program (cavp) is an important aspect of the security solutions provided by xilinx. the following table identifies the algorithm, and product, that has been validated with a link to the nist website.

Xilinx Device Family
NIST Validation Description (Number)
Validation Type(s)
7-Series and Zynq-7000
HMAC
AES
SHA2
RSA
UltraScale/UltraScale+ AES
SHA3
Zynq UltraScale+ SHA3
AES, SHA3, RSA
AES
AES, SHA3, RSA
AES, SHA3, RSA
Versal AES
AES, SHA3
IP AES
AES
AES
AES
AES
Development Software KDF
KDF
Partners
Vendor Program Tier
Location

Helion Technology Limited
Data security and lossless data compression for High performance/efficiency FPGA design

Member Cambridge GB

Fidus Systems, Inc.
Electronic product development and consulting services. Capabilities: Hardware, FPGA, Signal Integrity, Embedded Software, PCB Layout, Wireless, DSP, and Mechanical design.

Premier Ottawa ON CA

Fremont CA US

Waterloo ON CA

DornerWorks, Ltd.
DornerWorks provides expertise and a development plan to help developers create amazing products so that they are free to focus on what they do best.

Premier Grand Rapids MI US

Bottom Line Technologies, Inc.
360体育直播 FPGA, board, and system designs for commercial, industrial, and military/IC clients. TS-SCI cleared personnel Xilinx exclusive regional Authorized Training Partner

Certified Columbia MD US

Ellicott City MD US

Silex Insight
IP for Video Codecs (JPEG2000, JPEG, VC-2LD, MPEG), Encryption( AES, Public Key, Hash, TRNG), Embedded Security platforms and Video-over-IP.

Certified Gent BE

Louvain La Neuve BE

Avnet
360体育直播 Avnet is an operating group of Phoenix-based Avnet, Inc. that serves electronic original equipment manufacturers

Premier Phoenix AZ US

A2e Technologies
360体育直播 Embedded System Design and Custom Application Software Services and Video related IP Cores for Xilinx Devices.

Certified Burlington MA US

San Diego CA US

Guadalajara MX

Missing Link Electronics, Inc.
360体育直播 Turn FPGAs into Programmable Systems with a configurable applications processors running a full GNU/Linux software stack integrated into a pre-validated platform.

Premier San Jose CA US

Neu-Ulm DE DE

CAST, Inc.
360体育直播 CAST developes and supports over 100 different popular and standards-based IP cores.

Certified Woodcliff Lake NJ US

São Paulo

SP BR

Logicircuit, Inc.
360体育直播 Logicircuit provides DO-254 compliant IP for Xilinx devices and also supports the general DO-254 and DO-178C compliance requirements of Xilinx Aerospace and Defense customers.

Member Alpharetta GA US

Atessa, Inc
Atessa, Inc. focuses on electronic system security. The company's products and services enable designers to meet anti-tamper (AT) requirements and address global supply chain security challenges.

Member Pleasanton CA US

The Athena Group, Inc.
360体育直播 Athena is a leading provider of security, cryptography, anti-tamper, and signal processing IP cores to many of the world’s largest semiconductor companies, defense contractors, and OEMs, as well as emerging providers. Embedded in millions of ASIC and FPGA devices, Athena technologies enable high-value solutions where security and performance are mission critical ─ defense and aerospace, vehicle safety (V2V, V2X, telematics), networking and communications, satellites, cellular base stations, handsets, the Internet of Things (IoT), and more.

Member Gainesville FL US

Star Lab Corp.
Star Lab is a high-tech business focused on complex systems security, with significant expertise in developing world class defensive embedded software security solutions for both commercial and military applications.

Member Washington DC DC US
Green Hills Software, Inc. Member Santa Barbara CA US
Tortuga Logic, Inc.
HW Security Solution and Verification
Member San Jose, CA  US

Idaho Scientific LLC
360体育直播 Idaho Scientific provides Secure IP and design services tailored to meet DoD Anti-Tamper, Export, and Cyber Security requirements.

Member Boise ID US

Graf Research
Graf Research unleashes innovation by developing ideas into disruptive technologies.

Member Blacksburg VA US

SoC-e
360体育直播 SoC-e offers specialized design services and products based on reconfigurable devices. SoC-e is focused on Industrial Networking, Sofware-Defined Radio and VPX Rugged FPGA based systems.

Certified Erandio ES

Extreme Engineering Solutions (X-ES)
360体育直播 Extreme Engineering Solutions, Inc. (X-ES) is a leader in the design, manufacture, and support of standard and custom embedded computing solutions.

Member Middleton WI US

Curtiss-Wright
360体育直播 Curtiss-Wright is a technology leader in development of rugged COTS electronic modules and systems for defense & aerospace applications. Curtiss-Wright's FPGA solutions include VPX, XMC, PMC, & FMC.

Member Kanata ON CA

Ashburn VA US

Newton PA US

Rincon Research Corporation
360体育直播 Rincon Research Corporation (RRC) is a world leader of innovative, cutting-edge Digital Signal Processing (DSP) products and solutions targeting the aerospace, defense, and communication industries.

Member Tucson AZ US

intoPIX s.a.
intoPIX enables its customers with leading-edge image compression (J2K, TICO,...), security (AES,RSA,...), video transport (AVB, MPEG2-TS,...) and hardware enforcement IP-cores for audiovisual markets.

Member Mont-Saint-Guibert BE

Algotronix, Ltd.
Implementation of algorithms on FPGAs, Security and Cryptography

Member Edinburgh GB

WIND RIVER SYSTEMS, INC.
A global leader in delivering software for intelligent connected systems.

Member Alameda CA US