Your browser does not support JavaScript!

Type

Guide

Hardware Security Guide to Industry Standards and Regulations

In an era marked by relentless technological advancements, the significance of cybersecurity standards, regulations and guidelines has emerged as a critical dimension for companies engaged in the manufacturing of electronic devices. In this dynamic landscape, semiconductor manufacturers are compelled to navigate a complex web of standards and compliance requirements to ensure […]

News

Cycuity Sets New Standard for Semiconductor Chip Security Assurance with Next Generation of Radix Technology

New capabilities expand security analysis, enhance performance, and automate security workflows to further Radix’s position as a first line of defense against hardware vulnerabilities SAN JOSE, Calif. — March 19, 2024 — Cycuity, an innovator of semiconductor security solutions, has introduced comprehensive new features for its Radix technology, including advanced […]

Blog

Microarchitecture Vulnerabilities: Uncovering the Root Cause Weaknesses

In early 2018, the tech industry was shocked by the discovery of hardware microarchitecture vulnerabilities that bypassed decades of work put into software and application security. Meltdown and Spectre exploited performance features in modern application processors to leak sensitive information about victim programs to an adversary. This leakage occurs through […]

Blog

Why Semiconductor Security Is More Important Than Ever in 2024

When I think about the state of semiconductor security today compared to when I joined Cycuity in 2020, I can safely say that chip security conversations are now taking place with greater frequency and urgency. Over the past year, I observed three trends that I expect will continue and accelerate […]

Video

Radix Overview from DAC 2023

Here’s a brief overview of Radix from our booth at the Design Automation Conference (DAC) in San Francisco, explaining how we help build more scalable and comprehensive security for the development lifecycle. Related Links:

News

Cycuity Achieves ISO/SAE 21434 Certification for Automotive Cybersecurity Compliance

Affirms Cycuity’s hardware security verification solution and engineering processes comply with cybersecurity standard for road vehicles SAN JOSE, Calif. — July 11, 2023 — Cycuity, Inc., an innovator of semiconductor security solutions, today announced that its Radix security product and engineering processes are now certified as compliant with ISO/SAE 21434, […]

Blog

Accelerating the DoD’s Access to Commercial Microelectronic Design Security Technology

We recently announced our $99M IDIQ contract from the Department of Defense (DoD) to drive proliferation of our Radix technology and expand its capabilities for increased assurance of microelectronic devices. The contract award comes at a critical inflection point with the rapidly growing demand to improve design security for commercial […]

News

Cycuity Awarded Seven-Year $99 Million IDIQ Contract To Address Design Supply Chain Security

First phase to address secure design supply chain and third-party IP security in close collaboration with partners in the defense and commercial sectors SAN JOSE, Calif. – June 14, 2023  –  Cycuity, Inc., the pioneer of hardware security solutions, today announced it was awarded a SBIR Phase III IDIQ contract […]

White Paper

Radix Coverage for Hardware Common Weakness Enumeration (CWE) Guide

Ready to leverage CWEs with Radix? MITRE’s hardware Common Weakness Enumeration (CWE) database aggregates hardware weaknesses that are the root causes of vulnerabilities in deployed parts. In this 100+ page guide, each CWE is listed along with a Radix template Security Rule that can be filled in with design-specific signals […]

Blog

Enhancing Automotive Security with MITRE CWE

The cybersecurity of the electronics used in automotive designs is crucial and must be considered very early during the architecture and design phase of development. An important set of guideposts for this process can be found in the MITRE CWE (Common Weakness Enumeration).  The CWE list provides a solid framework […]

Fact Sheet

Simplifying Automotive Cybersecurity Compliance

As automobile design increases in the complexity of its digital components, the resulting expanded attack surfaces mean that increasingy strong cybersecurity measures will be required if automotive components and systems are to work as intended. Naturally, this has given rise to increasing compliance requirements, with new regulations defining measures required […]

Blog

Getting Ahead of the Curve with Automotive Security Compliance

In the ever-evolving world of smart cars, cybersecurity has emerged as a major priority in the automotive industry. Automotive manufacturers are facing a market that demands smart cars meet more stringent automotive security compliance requirements, and providing evidence of security rigor to regulators, stakeholders, and consumers is more critical than […]

Blog

Creating Comprehensive and Verifiable Hardware Security Requirements

Developing effective hardware security requirements is one of the trickiest aspects of building trustworthy electronic products. Even highly skilled and experienced teams don’t always get it right. Why? First, it’s very difficult to anticipate every security risk – much less cover every possible scenario with a specific security requirement. Instead, […]

Blog

A Security Maturity Model for Hardware Development

With systems only growing more sophisticated, the potential for new semiconductor vulnerabilities continues to rise. Consumers and hardware partners are counting on organizations meeting their due diligence obligations to ensure security sensitive design assets are secure when products are shipped. This is an iterative process, so a security maturity model […]

Blog

Verifying the OpenTitan Hardware Root of Trust

Dominic Rizzo (OpenTitan) and Jason Oberg (Cycuity) OpenTitan is the leading open source silicon root of trust project. It was also the industry’s first open source silicon root of trust, designed from scratch as a transparent, trustworthy and secure implementation for enterprises, platform providers and chip manufacturers. What Is a […]

Fact Sheet

Capture Effective Hardware Security Requirements in 3 Steps

As hardware vulnerabilities continue to rise, it’s increasingly crucial for those developing semiconductors to reduce consumer and business risk by establishing comprehensive security programs. These should include a systematic process for developing security requirements, verifying them at scale throughout the design process, and producing final documentation for security sign-off before […]

Press

Embedded Insiders Podcast: Verifying the CHIPS Act and Emerging Security Standards

On this episode, the Insiders are joined by Andreas Kuehlmann, Executive Chairman and CEO of Cycuity, formerly known as Tortuga Logic, to discuss the importance of security at the chip level amidst the release of new standards and recent government involvement in the semiconductor industry via the much-talked-about CHIPS Act.

Press

Cybernews Feature: Andreas Kuehlmann, Cycuity CEO

Featured on Cybernews Software often seems like the most important thing that makes the digital world go round, but we often forget that hardware is also in the picture. And as we make sure to secure our digital lives with password managers, virtual private networks, and whatnot, few tend to […]

Blog

A New Phase in Our Journey to Trustworthy Electronic Products

Semiconductor chips drive our everyday lives – and our global economy – in more ways than any of us could have envisioned when Tortuga Logic was founded in 2014. And similarly, the importance of hardware security has grown dramatically beyond what anyone could have predicted at that time. This has […]

PressNews

Tortuga Logic Rebrands as Cycuity

Addressing Evolving Needs in Product Security SAN JOSE, Calif. — June 22, 2022 — Tortuga Logic has officially changed its name to Cycuity, introducing a brand identity that marks a new phase in the company’s growth. Cycuity will expand the scope of its vision to support more holistic product security […]

Video

Hardware Security Assurance Starts With Cycuity

We talk about hardware security this week. Tune in to bootstrap yourself with a primer on hardware security with Dr. Jason Oberg – Cycuity CTO. https://www.youtube.com/watch?v=F5SIZJwh3vk

White Paper

Advancing the Maturity of Your Hardware Security Program

Where Are You Today on the Hardware Security Maturity Model? Hardware security is a journey. Knowing where to start and what goals to set regarding comprehensive hardware security verification can be challenging, but our five-level maturity model can help bring focus to your planning and execution. Whether you’re beginning at […]

White Paper

Cybersecurity is a Journey

Hardware Is the Foundation of Your Security Posture Due to the inability to ‘patch’ silicon, failure to identify and remediate hardware vulnerabilities early comes with catastrophic consequences. However, most of the focus and investments in cybersecurity have historically been on device software and its administrators, not on securing the underlying […]

White Paper

Detect and Prevent Security Vulnerabilities in your Hardware Root of Trust

Computer hardware is omnipresent, with more than one trillion semiconductor devices sold in 2018. Such large growth in the number of semiconductor devices is driven by many factors, including the rapidly expanding sector of the Internet of Things (IoT), which has resulted in the proliferation of simple microcontrollers in all […]

White Paper

Measurable Hardware Security with MITRE CWEs

MITRE’s hardware CWE database aggregates, in a common form, the hardware weaknesses that are root causes of vulnerabilities. The list is categorized into major themes such as Security Flow Issues, Debug and Test Problems, Memory and Storage Issues, General Circuit and Logic Design Concerns, and others Hardware CWEs are ideal […]

Fact Sheet

Radix Automated Security Verification

Cycuity’s Radix technology adds systematic hardware vulnerability detection and prevention to existing ASIC, SoC, and FPGA verification methodologies using its comprehensive information flow analysi/s technology. By bringing more precise and more systematic security practices to every step of the development process, Radix helps security and verification teams identify and isolate […]

Fact Sheet

Security Verification with Radix

The attack surface of a semiconductor-based product evolves in unpredictable ways as design and development advance from block to system level. Creating comprehensive security requirements is an essential first step. But manual, point-in-time requirements verification is not practical with sophisticated products manufactured in collaboration with multiple supply chain partners. The […]

Fact Sheet

Security Signoff with Radix

One of the most challenging tasks that semiconductor product stakeholders have is making informed decisions about when a design is ready to receive security signoff. Leaders are often forced to decide when a product can proceed to tape-out and chip manufacturing based on incomplete or outdated information – all while […]

Fact Sheet

The New Rules of Hardware Security

Now that semiconductors play a central and fast-expanding role in many aspects of everyday life, chip manufacturers face a growing collection of new pressures, including: Increasing design complexity More demanding security requirements from customers New security standards and regulatory requirements Increasingly sophisticated threat actors These challenges are exacerbated by the […]

Fact Sheet

Requirements Definition with Radix

Most companies developing semiconductors – or products that incorporate them – have existing hardware security practices in place. But the security requirements that these activities are based on often have two key limitations: They focus disproportionately on known risks and fail to account for the unexpected. They aren’t easily verifiable […]

White Paper

Building a Robust Hardware Security Program

Chips and the Products That Rely on Them Are Everywhere Semiconductors are now a daily part of modern life. They power sensitive military equipment and enterprise infrastructure, including many with low to zero tolerance for security risk. Even everyday consumers rely on silicon to improve their professional and personal lives […]

Infographic

Is Your Hardware Root of Trust Delivering the Security You Expect?

A hardware root of trust (HRoT) creates a strong foundation for system security, reducing the likelihood of full system compromise. While a HRoT provides valuable security features, it is important to ensure that they are secure features. Vulnerabilities can have a major impact, including: Unprivileged access to your customers’ proprietary […]

Blog

Ensuring Security by Design is Actually Secure

Today’s connected systems touch nearly every part of consumers’ lives, from smart thermostats in our homes to self-driving cars on our roads. The adoption of these new devices has led to an explosion of new semiconductors and use models. But these novel conveniences also come with new risks. With vulnerabilities […]

Blog

A History of Hardware Security and What it Means for Today’s Systems

Although semiconductors provide the foundation of every modern electronic computing system, it’s difficult for most people to imagine the consequences of a hardware security incident on their own lives. However, this is quickly changing as more sophisticated and successful system exploits rooted in hardware make it into major news headlines. […]

Blog

Hardware Security Optimization with MITRE CWE

Whether you’re just starting to build out a hardware security program at your organization, or you’re looking to optimize existing hardware security processes, the MITRE Common Weakness Enumeration (CWE) database is an excellent resource to keep in your toolbox. What is CWE? A CWE is a weakness, or flaw, in […]

Blog

What is MoonBounce? Why You Should Be Concerned and What You Can Do About It

You’ve probably heard of rootkits, but have you ever heard of bootkits? They’re basically all that is terrifying about rootkits – only taken a level deeper. Rather than inserting themselves into the root level of an operating system, they target the firmware that sits beneath the OS. So at a […]

News

Tortuga Logic Appoints Dr. Mitchell Mlinar as New Vice President of Engineering

Seasoned Engineering executive brings extensive leadership experience in product development, security, cloud, and hardware design San Jose, CA – January 11, 2022 — Tortuga Logic® Inc, a cybersecurity company that has pioneered semiconductor chip security solutions, today announced the appointment of Dr. Mitchell Mlinar as Vice President of Engineering. In this […]

Blog

Building a More Secure U.S. Microelectronic Design Infrastructure

The security of the U.S. microelectronic designs and their supply chain is becoming a significantly growing concern for both commercial semiconductor companies and the Department of Defense (DoD).  The industry has seen significant impact from both silicon shortages and vulnerabilities that have caused disruption in the assurance of microelectronics that […]

Blog

The Most Important CWEs For Hardware Security

Due to the significant growth in hardware vulnerabilities, industry leaders have been coming together to discuss the most important security weaknesses to hardware and semiconductors. In early 2020, through invaluable contributions from The MITRE Corporation, Intel Corporation, and Tortuga Logic, a hardware-specific Common Weakness Enumeration (CWE™) taxonomy was born. This […]

Blog

Detecting Spectre Using Radix

By Jerry McGoveran, Senior Security Applications Engineer, Tortuga Logic This is the second post in a two-part series on how Radix can be used to detect and discover microarchitectural vulnerabilities such as Meltdown and Spectre. The prior post, Detecting Meltdown Using Radix, written by Nicole Fern, discussed the Meltdown vulnerability, […]

Blog

Power Side-Channel Analysis Against Values Squashed in the Processor Pipeline

Executive Summary Speculative microarchitectural side-channels have been prevalent over the last several years, the most predominant being variants of Meltdown and Spectre. Another unique and harmful side effect of speculative execution is its influence on power side-channels. This technical report details how leakage can occur through power side-channels due to speculative execution. Specifically […]

Blog

Detecting Meltdown Using Radix

This is the first post in a two-part series on how Radix can be used to detect and discover microarchitectural vulnerabilities such as Meltdown and Spectre. This first post introduces the Meltdown vulnerability, formulates Meltdown as a hardware information flow property violation, and provides details on how Tortuga Logic’s Radix […]

News

Tortuga Logic and DARPA Extend Partnership Through the DARPA Toolbox Initiative.

Commercial Partnership Enables DARPA Researchers to Take Advantage of Tortuga Logic’s Security Verification Technology Through the Toolbox Program San Jose, CA,  March 30, 2021 | Tortuga Logic® Inc, a cybersecurity company and innovator of semiconductor chip security solutions, today announced a new licensing agreement with the U.S. Defense Advanced Research […]

Blog

Darpa Toolbox – Accelerating innovation for forward looking security research

As most are aware, our infrastructure continues to be under cyber attack from state-sponsored actors.  The Solar Winds hack was the most aggressive and damaging attack to date, affecting government agencies and commercial institutions.  It’s clear that our adversaries are sophisticated and are accelerating their desire to disrupt our way […]

Blog

Information Flow Analysis: Tracking Information through Hardware Designs

Many of today’s systems are built around specialized computing hardware that includes intellectual property (IP) to accelerate algorithms used in applications such as Machine Learning and Artificial Intelligence, or Cryptography. While a specific algorithm or system may be secure in theory, a final System on Chip (SoC) implementation may not […]

News

Tortuga Logic announces expansion of product portfolio

New Security Governance Platform will be Developed in Conjunction with an Investment from  In-Q-Tel, Inc. San Jose, Calif. – March 9, 2021: Tortuga Logic® Inc, a cybersecurity company that has pioneered semiconductor chip security solutions, today announced the development of a Security Governance Platform (SGP), expanding its portfolio of advanced […]

News

Tortuga Logic Expands Government-sponsored Program

US Government Awards $12M Contract to Hardware Security Pioneer Tortuga Logic to Advance Solutions for Zero-Trust Assured Microelectronics SAN JOSE, Calif. – Dec. 21, 2020: Tortuga Logic® Inc., a cybersecurity company that has pioneered ASIC, FPGA and SoC hardware security solutions, today announced that it has been awarded an SBIR […]

Video

A Fireside Chat with Dr. Jason Oberg

We talk about hardware security this week. Tune in to bootstrap yourself with a primer on hardware security with Dr. Jason Oberg – CTO of Cycuity. https://www.youtube.com/watch?v=MYY39G19xWk

Blog

Establishing a Special Interest Group on Common Hardware Weaknesses

It seems like almost every week, yet another hardware security vulnerability is announced. Just last week a team of researchers disclosed a new attack called “Platypus”, an acronym for “Power Leakage Attacks: Targeting Your Protected User Secrets.” This is another attack exploiting the simple fact that hardware sits below the […]

Press

CEO Interview: Andreas Kuehlmann of Tortuga Logic

You may remember Andreas from his time at Synopsys, where he led the new Software Integrity Business Unit. He joined Tortuga Logic a couple of months ago to lead the company. Given his background in software security, I was eager to get a CEO interview… Read the full interview on […]

News

Tortuga Logic Announces Expansion of Cybersecurity Leadership Team

Tortuga Logic Announces Expansion of Cybersecurity Leadership Team, Appoints Andreas Kuehlmann as Executive Chair and Interim CEO, Co-Founder Jason Oberg as CTO SAN JOSE, Calif. – Aug. 4, 2020: Tortuga Logic, Inc., a cybersecurity company specializing in hardware security, today announced that its Board of Directors has appointed Andreas Kuehlmann as Executive […]

Blog

Hardware Security — A Critical Piece of the Cybersecurity Puzzle

Cybersecurity is a critical foundation of our rapidly expanding digital world-spanning hardware and software that powers everything from our personal devices to the global infrastructure. Over the past decade, significant progress has been made in many security domains, especially in maturing secure software development processes. So far, hardware security has […]

Blog

Hardware Security Verification with CWE and Information Flow Analysis

Common Weakness Enumeration (CWE) is a community-developed list of software and hardware weakness types which may cause security issues. CWEs for software have been around since 2006 but the list of hardware weaknesses is new. The list is maintained by the MITRE organization and can be found here: cwe.mitre.org A […]

News

Tortuga Logic’s Dr. Jason Oberg Appointed to the CWE/CAPEC Board

SAN JOSE, Calif. –July 21, 2020: Tortuga Logic, Inc., a cybersecurity company specializing in hardware security, today announced that its CEO, Dr. Jason Oberg, has been appointed to the newly established, Common Weakness Enumeration (CWE™) / Common Attack Pattern Enumeration and Classification (CAPEC™) Board. CWE is sponsored by the U.S. […]

Blog

Reducing Hardware Security Risk

Introduction In today’s world, hackers, computer viruses and cyber-terrorists are making headlines almost daily. Security has become a priority in all aspects of life, and most importantly, of our businesses. Recently hackers have been targeting the heart of our most complex systems, the Application Specific ICs (ASICs) and Systems on […]

News

What Makes A Chip Tamper-Proof?

The cyber world is the next major battlefield, and attackers are busily looking for ways to disrupt critical infrastructure. Read the full article.

Press

Fundamental Changes in Economics of Chip Security

June 10th, 2020 – By: Ed Sperling: Protecting chips from cyberattacks is becoming more difficult, more expensive and much more resource-intensive, but it also is becoming increasingly necessary as some of those chips end up in mission-critical servers and in safety-critical applications such as automotive… Read the full article.

News

CEO Update 2020

Dr. Jason Oberg, CEO and co-founder of Tortuga Logic, overviews his thoughts on hardware security vulnerabilities and the new industry initiatives driving hardware security. Read the full interview.

News

3 Steps to a Security Plan

Assessing the security of a hardware design sometimes seems like a combination of the guy looking under a streetlight for his car keys, because that’s where the light is (we have this tool, let’s see what problems it can find) and a whack-a-mole response to the latest publicized vulnerabilities (Cache […]

News

Hardware CWEs…This Will Change Everything

Something happened in February of this year that will change the way security of integrated circuits (ASICs), System on Chips (SoCs), and field-programmable gate arrays (FPGAs) are specified, designed, and verified… Read the full article.

News

An Objective Hardware Security Metric in Sight

Security has been a domain blessed with an abundance of methods to improve in various ways, not so much in methods to measure the effectiveness of those improvements… Read the full interview on SemiWiki.com.

News

Tortuga Logic Scores Role in DoD Security Programs

It should be no surprise in the current climate that the US government is ramping up investment in microelectronics security, particularly with an eye on China and investments they are making in the same area. This has two major thrusts as I read it: to ensure trusted and assured microelectronics […]

News

Verifying Security in Processor-Based SoCs

Security in modern systems is of utmost importance. Device manufacturers are including multiple security features and attack protections into both the hardware and software design. For example, the Synopsys DesignWare ARC Processor IP includes many security functions in its SecureShield feature set. End-product system security, however, cannot be guaranteed by […]

News

Taking Aim at the Achilles Heel of Computer Hardware

Cybersecurity is at a crossroads. Spending on cybersecurity is expected to exceed $133 billion in 2022, and yet we still have huge data breaches. Read the full article.

News

Mercury Systems Selects Radix for DARPA Program

SAN JOSE, Calif., Jan. 15, 2020 /PRNewswire: Tortuga Logic, Inc., a cybersecurity company specializing in hardware security, today announced that its products and services have been selected by Mercury Systems, Inc. (Nasdaq: MRCY), to support the DARPA Guaranteed Architecture for Physical Security (GAPS) program. Mercury Systems’ secure processing subsystems are used in numerous Command, Control, […]

News

Radix™ Hardware Security Verification Solutions Licensed by Xilinx

Tortuga Logic’s Radix Series Bolsters Firmware and System Security SAN JOSE, Calif., July 30, 2019 /PRNewswire/ — Tortuga Logic, a cybersecurity company specializing in system-level security, today announced a licensing agreement with Xilinx Inc. Under the license, Xilinx will use Tortuga Logic’s Radix™ series of security verification solutions to provide best in class […]

Blog

The Headaches of Being a SoC Security Architect

A modern System-on-Chip (SoC) has a wide array of very strict and difficult-to-verify security properties. Issues related to locking critical configuration or key registers, proper implementation of interconnect access control rules, and general configuration during system boot are issues that pain just about every SoC Security Architect. They spend hours […]

Blog

You Probably Have a Lot of Dead Hens in Your Hardware Design

Meeting timing, keeping under power budget, delivering on time – all aspects of hardware design are pretty easy if you just relax the constraint of being “correct”! Hardware designers of course know this and are quick to find creative and easy fixes to their problems but are of course held […]

Blog

You Must Verify HW/SW Interactions To Avoid Security Vulnerabilities

Imagine waking up tomorrow morning only to discover that your employer’s brand is all over the news for the wrong reasons. Qualcomm employees experienced that last week. Over 900 million Android devices containing a Qualcomm processor were shown to have four known security vulnerabilities, and these alarming security issues are […]

Blog

Securing the Internet of Things Starts with Silicon

In just a few short years, connected devices of the Internet of Things (IoT) have gone from concepts to reality and as a result there are now major concerns regarding their initial development. The consensus opinion is that communication standards, power, and security are the major issues for connected device […]

Blog

Securing FPGAs

Ask an FPGA design engineer about securing their designs and a typical reply is likely “Oh – we don’t have to worry about that, our FPGA vendor takes care of silicon security”. This perspective is partially true in that FPGA vendors provide security functionality to protect a user’s bitstream and the […]

Blog

Here’s What You Need To Know About Design-For-Security

It’s the natural inclination of engineering management to address difficult and new issues in product development by testing for them late in the design cycle. Often the new issues are not well understood, EDA tools and techniques to address the issues are new and unproven (if available at all), and […]

Blog

Software Security Is Necessary But Not Sufficient

As the silicon designs inside the connected devices of the Internet of Things transition from specifications to tapeouts, electronics companies have come to the stark realization that software security is simply not adequate. Securing silicon is now a required, not optional, part of RTL design processes. Design-for-Security (DFS) needs to […]

Load More