Pim Tuyls, CEO of Intrinsic ID, founded the company in 2008 as a spinout from Philips Research. It was at Philips, where he was Principal Scientist and managed the cryptography cluster, that he initiated the original work on Physical Unclonable Functions (PUFs) that forms the basis of the Intrinsic ID core technology. With more than 20 years of experience in semiconductors and security, Pim is widely recognized for his work in the field of SRAM PUFs and security for embedded applications. He speaks regularly at technical conferences and has written extensively on the field of security. He co-wrote the book Security with Noisy Data, which examines new technologies in the field of security based on noisy data and describes applications in the fields of biometrics, secure key storage, and anti-counterfeiting. Pim holds a Ph.D. in mathematical physics from Leuven University and has more than 50 patents.
What brought you to semiconductors?
For that we must go back to 2002. At that time I was part of the security group of Philips Research and we were working on “Ambient Intelligence,” which is currently known as the Internet of Things (IoT). Foreseeing that everything around us would be connected and operations would be automated, it was clear to us that there were major security issues on the horizon. These issues would come up at the silicon level, as all measurements, processing, and connectivity in the IoT is provided by chips. That is when we started thinking about how we could help to increase the security of chips at a low cost to facilitate the needs of an upcoming market with potentially billions of devices. It was clear from the beginning that this problem required a novel and innovative approach with as little overhead as possible. That is when we decided to base security on the physical characteristics of chips and was the idea born to work with silicon-based Physical Unclonable Functions or PUFs.
PUFs convert tiny variations in silicon into a digital pattern of 0s and 1s that is unique to that specific chip and is repeatable over time. This pattern is a “silicon fingerprint,” comparable to its human biometric counterpart. The fingerprint is turned into a cryptographic key that is unique for that individual chip and is used as its root key. This root key is reliably reconstructed from the PUF whenever it is needed by the system, without a need for storing the key in any form of memory.
And how does this relate to the backstory of Intrinsic ID?
When we started working on these PUFs, our biggest internal customer at Philips was its semiconductor division. However, as we all know, in 2006 Philips decided to spin off this division into the independent company NXP. For our team this meant losing our internal customer, as research teams were supposed to work for internal customers only. At that point we were given the opportunity by Philips to make the change from a research team into a venture activity. This allowed us to create a business for ourselves that we successfully spin out of Philips in 2008, with the help of the VC Prime Ventures, as Intrinsic ID. From that point on we were able to start commercializing our own products and start building our customer portfolio, which includes several of the biggest semiconductor companies in the world, such as NXP, Intel, Silicon Labs, Microchip, and many others.
What customer challenges are you addressing?
The main problem for high-volume semiconductors, such as those in IoT devices, is to have a strong and low-cost implementation of a root of trust that also scales well over the ever-decreasing technology nodes. It is clear that a security implementation needs to be sufficiently strong, otherwise there is no point to it. The enormous volumes in IoT also demand the solution to be low-cost. But the impact and the importance of the solution to be scalable are often overlooked. Especially for hardware-based security, it is not trivial that an implementation scales along with decreasing technology nodes. If this is possible, it enables chip manufacturers to use the same technology over different nodes, which guarantees continuity and eases the burden on development and maintenance of software. High security and low cost with flexible scalability are what we provide with our security solutions based on PUF technology.
What are the products Intrinsic ID has to offer?
We have three flagship products at this moment: a semiconductor product, a software product, and an FPGA product. The semiconductor product is QuiddiKey, which consists of RTL that generates a root of trust for chips from an SRAM PUF. Additionally, QuiddiKey provides key management for the keys that are derived from the PUF. For existing silicon, or chips where additional RTL cannot be added, we have a software implementation of the same solution called BK, which runs on virtually any processor. And since last year, we have a specific solution for FPGA, called Apollo. Apollo facilitates the creation of a PUF-based root of trust in the programmable fabric of Xilinx FPGAs.
I’m happy to mention that later this year we will be launching a brand-new product called Zign, which provides a non-intrusive way to track high-volume devices. We also have a few other new developments in the works regarding random-number generators for off-the-shelf devices, as well as an activation product.
What is your competitive positioning?
PUF technology in general provides several benefits over traditional methods of key provisioning and storage. Most importantly, with an SRAM PUF, no sensitive data is ever stored on a chip. The root key of the device is created from the physical characteristics of the silicon and it is only generated when needed. All sensitive data and keys are encrypted with this root key before storage and therefore uniquely bound to the hardware of the chip, making it impossible to extract or copy any data. Furthermore, because the root key is created from silicon, there is no need for external provisioning of this key. This simplifies the supply chain by eliminating the need for key provisioning at a trusted facility. Also, no member of the supply chain will have any knowledge about the root key because it has not been provisioned and it never leaves the chip – it is intrinsic to the chip itself.
The benefits of our specific SRAM PUF technology include very strong security. This means the SRAM PUF provides high entropy to create the cryptographic root key on any chip. It also has high reliability over time – in fact, in some cases is even higher than the reliability of non-volatile storage for keys. On top of that, SRAM is a standard semiconductor component that is available in any technology node and in every process. This ensures the scalability of SRAM PUF over different nodes and processes and allows for easy testing and evaluation as this is a well-known semiconductor component. And finally, it is fully digital. This means that adding an SRAM PUF does not require any additional mask sets, analog components (like charge pumps), or special programming.
What kind of year has 2020 been for Intrinsic ID?
Clearly 2020 was a tough and challenging year for everyone due to the global pandemic. Working from home and worrying about the health of ourselves and our loved ones was hard on all of us. But despite these challenges, 2020 was a very good year for Intrinsic ID. We saw strong growth in revenue and royalty income, while also being able to launch new products. 2020 has been an important year for our presence on FPGAs, with the launch of our Apollo product for Xilinx FPGAs as well as a dedicated SRAM PUF implementation for Intel FPGAs, such as the Stratix X. So business wise, 2020 has been a great year for us.
What does 2021 have in store for Intrinsic ID?
We expect 2021 to be another great year for us, both financially and in growth of the company itself. We are starting the year strong with a great pipeline with top-tier prospective customers. And given the current growth in the semiconductor market, we also expect a steady growth of our royalty income. With Zign we will be launching another new product this year, which is currently already being evaluated by beta customers. We are also growing our team (see: www.intrinsic-id.com/careers) to keep up with ever-increasing customer demand. And finally, we are launching a new community website for people interested in PUF technology, www.pufcafe.com. This website provides a forum for people from the security community to get together, find resources, attend webinars, and submit their own documents to really drive the discussions on where the development of PUF technology in general (not just our products) should be headed. We are really looking forward to building an active community that will shape the future of PUF technology.