Lattice MachXO5D-NX FPGA family enables Hardware Security in Programmable FPGAs

Lattice Semiconductor has recently introduced the MachXO5D-NX FPGA family, which integrates a hardware root of trust (RoT) into low-power FPGAs. This addresses security challenges by combining on-chip Flash memory and hardware encryption to minimize code capture risks during load time.

The MachXO5D-NX family includes three variants with logic cell counts of 27k (FMXO5-25), 53k (LFMXO5-55T), and 96k (LFMXO5-100T). These FPGAs feature built-in hardware encryption, a cryptographic engine supporting AES-256, ECDSA-384/521, SHA2-256/384/512, and RSA 3072/4096, and a unique secret identity (USID) for device identity protection. Built on a 28-nm fully-depleted silicon-on-insulator (FD-SOI) process, these FPGAs reduce power consumption by 75% and lower soft error rates by 100x(as the company mentions). They support interfaces such as MIPI D-PHY (CSI-2, DSI), LVDS, Gigabit Ethernet, and PCIe, making them suitable for secure edge applications.

Lattice MachXO5D NX FPGA dev board

Lattice MachXO5D-NX FPGA family specifications

  • FPGA – Lattice Semi MachXO5D-NX FPGA family (27k (FMXO5-25), 53k (LFMXO5-55T), and 96k (LFMXO5-100T))
  • Programmable Logic – 27k to 96k logic cells, 20 to 156 multipliers
  • Memory – 1.9 Mbot to 7.3 Mbit embedded memory, DDR3/DDR3L/LPDDR4 support
  • Interfaces – MIPI D-PHY, LVDS, SLVS, SGMII, PCIe Gen1/2, Ethernet
  • I/O – 200-300 programmable I/O, high-performance (1.8V) and wide-range (3.3V)
  • Analog Features  Dual ADC (1 MSPS, 12-bit SAR), three continuous-time comparators
  • Security Features – Bitstream encryption (AES-256), authentication (ECDSA), secure boot
  • Additional Features – Clock Data Recovery (CDR), sysDSP blocks with Dynamic Shift for AI/ML, sysMEM EBR, soft error mitigation, dual ADC, dual DAC
  • Power Management – Low-power and high-performance modes
  • Dimensions – 17 x 17mm
LFMXO5-15D Simplified Block Diagram
Simplified Block Diagram for LFMXO5-15D device

Please note that this is a summarized overview of the MachXO5-NX FPGA family’s capabilities, for more information you can check out the MachXO5-NX Family datasheet on Lattice Semiconductor’s website.

MachXO5-NX FPGAs enable edge AI and math-intensive applications with multipliers and DSP cells. The FPGA also comes with MIPI, LVDS, Ethernet, PCIe, and DDR interfaces. Embedded Flash memory supports multi-boot and user storage. Additionally, the chips are compatible with the Lattice Radiant design suite and utilize pre-engineered IP modules.

This FPGA also features a hardware-based cryptographic engine with advanced encryption standards(AES), a true random number generator, and a unique secret identity for enhanced security. The devices are crypto-agile, which means they can switch between multiple cryptographic algorithms or methodologies. Additionally, they support Commercial National Security Algorithms (CNSA) specified for bitstream and cryptographic algorithms like AES-256 and SHA2-512. By integrating security features into hardware, no FPGA fabric needs to be dedicated to security, ensuring efficient utilization of resources.

The MachXO5-NX includes an FD-SOI’s layered architecture that reduces leakage current resulting in 75% lower power consumption and a 100x reduction in soft errors. Meaning it can be used in electrically noisy and radiation-prone environments.

Another problem this chip solves is the code capture risk, a code capture is done after Glitching a chip. Glitching is a process where you power the chip with an electrical pulse or voltage fluctuation that causes the chip to temporarily malfunction, which allows the hacker to bypass the security and configuration flags and then malicious code can be executed or code can be copied from the memory.

Lattice MachXO5D NX FPGA dev board top and bottom view

The company also offers the MachXO5-NX development board built around the MachXO5-NX-25 FPGA and with a range of features for secure control and system management. It provides flexible I/O options including SGMII, and ADC, and to make it more interesting it is compatible with various expansion headers like Arduino, Raspberry Pi, and FX12. Additionally, it supports multiple configuration modes (JTAG, I2C/I3C, SPI), onboard programming via USB, and includes components like HyperRAM, LEDs, switches, and buttons for demonstration and prototyping purposes. The board is designed to make the development process simpler.

I was not able to find any purchasing link for the FPGA IC itself, but I found a Digikey listing where the development board can be purchased for $199. More information about the chip can be found on the company product page or the press release.

LFMXO5 25 EVN
Lattice MachXO5D-NX FPGA Dev Kit from DigiKey
Share this:
FacebookTwitterHacker NewsSlashdotRedditLinkedInPinterestFlipboardMeWeLineEmailShare

Support CNX Software! Donate via cryptocurrencies, become a Patron on Patreon, or purchase goods on Amazon or Aliexpress

ROCK 5 ITX Rockchip RK3588 mini-ITX motherboard

One Reply to “Lattice MachXO5D-NX FPGA family enables Hardware Security in Programmable FPGAs”

Leave a Reply

Your email address will not be published. Required fields are marked *

Boardcon Rockchip RK3588S SBC with 8K, WiFI 6, 4G LTE, NVME SSD, HDMI 2.1...
Boardcon Rockchip RK3588S SBC with 8K, WiFI 6, 4G LTE, NVME SSD, HDMI 2.1...