On Monday Synopsys announced that it was acquiring Elliptic Technologies. They have one of the largest portfolios of security IP consisting of both semiconductor IP blocks and software. Increasingly, security requires a multi-layer approach involving both secure blocks on the chip and a software stack on top of that.
Elliptic’s products are used in areas that you might expect such as for payment processing and for digital rights management (DRM). But it is also closer to the silicon than most security solutions including protecting against rogue semiconductor devices, IP theft and more. In each of these situations, cryptographic credentials such as keys or certificates must be managed and inserted into the target device to authenticate it. For example, if a manufacturer wishes to protect against anti-cloning when using a ODM, or overbuilding at a foundry, it can securely inject credentials from a secure server administered by the manufacturer. Only those products that receive these credentials will function correctly. Similarly, a designer of DSP algorithms for example could decrypt and enable the code only for authenticated use through the secure injection of credentials during manufacturing by customers. This will ensure that only authorized and paid-for copies are enabled.
Security IP is a significant growth area due to two factors. Firstly, the importance of security increases on a daily basis, and the risk of poor solutions can be measured in hundreds of millions of dollars for large companies. Secondly, the growth of connected consumer electronics such as smartphones and tablets, networking infrastructure, gateways, base stations, femtocells, and mobile applications. And, of course, an obligatory mention of IoT where security is up there alongside power as an issue.
Or, as Joachim Kunkel put it in the press release:We live in an internet-connected world and built-in security is critical in protecting devices from malware, data breaches and more.
One key capability is the Ellipsys Trust Framework that enables:
- Manufacturers to protect against counterfeiting, cloning, overbuilding of products produced by ODMs and contract manufacturers;
- IP designers to protect IP in the form of firmware-embedded algorithms, programs, and FPGA bit files, through all phases of product life cycle;
- Content Distributors to protect high value content such as High Definition video;
- Device manufacturers to activate and provision products at the point of sale;
- Network operators and administrators to manage the identity of devices and subscribers, and to enable features, applications and services in mobile and wired networks
The portfolio includes:
- Symmetric Cryptographic Engines
- Hashes and MACs
- Public Key Accelerators
- Random Number Generators
- Software Libraries
- Security Protocol Processors
- tRoot Embedded Security Modules
- Security Accelerators
- tVault DRM
- DTCP-IP content protection
- HDCP 2.2 content protection
This acquisition follows Synopsys’ recently announced acquisition of Codenomicon and announced plans to acquire Quotium’s Seeker product, also providing some of the necessary technology for developing secure products. Between pure software solutions which are grouped with Coverity, and semiconductor IP grouped into DesignWare, Synopsys has an increasingly broad portfolio of security products. Just as importantly, they have an increasingly large team of experts in software and silicon security implementation.
Terms of the acquisition were not announced, but it is not financially material to Synopsys (which means the price was not enormous). If you are curious about Elliptic’s name, I think it comes from two things (I’m guessing): getting IP into the name, and one of the major modern encryption techniques is elliptic curve cryptography (ECC), so to anyone in security the word elliptic doesn’t bring ovals to mind, but ECC which gets higher levels of security from the same key length as older approaches.
The Synopsys security IP page is here.