Sentry solutions stack & SupplyGuard service deliver end-to-end supply chain protection with dynamic trust

12 August 2020


Sentry solutions stack delivers RISC-V-based, NIST-compliant, real-time, dynamic PFR software solution that reduces time-to-market from many months to just a few weeks. Meanwhile, SupplyGuard service preserves trust throughout unprotected supply chains, protecting against counterfeiting, overbuilding & Trojan insertion.

Low power, programmable logic specialist, Lattice Semiconductor has launched its Lattice Sentry™ solutions stack and Lattice SupplyGuard™ supply chain protection service. The Sentry stack is a robust combination of customisable embedded software, reference designs, IP and development tools to accelerate the implementation of secure systems compliant with NIST Platform Firmware Resiliency (PFR) Guidelines (NIST SP-800-193). The Lattice SupplyGuard service extends the system protection provided by the Sentry stack throughout today’s challenging and rapidly changing supply chains by delivering factory-locked devices to protect them from attacks such as cloning and malware insertion, and enables secure device ownership transfer. These hardware security solutions are increasingly important for a range of applications, including communications and data centres, industrial, automotive, aerospace & defence, and client computing.

According to Patrick Moorhead, founder & President of Moor Insights & Strategy: “5G, Edge computing and IoT are accelerating the pace at which devices are becoming connected, and security concerns are on the rise among high-tech OEMs serving every market. Developers need to know their hardware platforms are secured against cyberattack and IP theft. They need security solutions that support comprehensive protection throughout a product’s entire operating life in the field, which means the solution must be able to dynamically adapt to an evolving threat landscape.

Lattice continues to execute to our solutions stack roadmap and strategy to provide our customers with easy to use, system-level solutions for key focus applications. The Lattice Sentry solutions stack makes it easy for customers to implement a hardware Root-of-Trust (RoT)-based PFR solution compliant with the NIST SP-800-193 guidelines,” said Deepak Boppana, Senior Director, Segments & Solutions Marketing, Lattice. “With Sentry’s validated IPs, pre-verified reference designs and hardware demos, developers can quickly customise the PFR solution by modifying the C code provided with the RISC-V and Propel design environment to cut time-to-market from ten months to just six weeks.

The security paradigm is changing, and firmware is an increasingly popular attack vector. The National Vulnerability Database reported that between 2016 and 2019 the number of firmware vulnerabilities grew over 700%. Meanwhile, Gartner has said that by 2022, 70% of organisations that do have a firmware upgrade plan in place will be breached due to a firmware vulnerability. Protecting systems against unauthorised firmware access requires dynamic, persistent, real-time hardware platform security for all connected devices. This includes securing component firmware from unauthorised access and enabling the system to automatically protect, detect and recover from an attack in an instant. TPM and MCU-based hardware security solutions use serial processing and therefore simply cannot deliver the real-time performance that parallel processing solutions like Lattice FPGAs can.

To provide them with peace of mind in a constantly changing and increasingly risky supply chain environment, Lattice developed our SupplyGuard service to help our customers securely provision their devices, while lowering their overall costs,” said Eric Sivertson, Vice President of Security Business, Lattice. “With Sentry and SupplyGuard, Lattice delivers comprehensive, truly parallel, nanosecond reactive, next-generation security to enable dynamic trust for our customers and the users of their products.


Key features of the Lattice Sentry solutions stack include:

•    Hardware security capabilities – the Sentry solutions stack provides a pre-verified, NIST-compliant PFR implementation that enforces strict, real-time access controls to all system firmware during and after system boot. If corrupt firmware is detected, Sentry can automatically rollback to a previously known good state version of the firmware, so secure system operation continues without interruption.

•    Compliance with latest NIST SP-800-193 standard and CAVP (Cryptographic Algorithm Validation Program) certifications – the stack enables implementation of a hardware RoT through its support for the cryptgraphically-sound Lattice MachXO3D™ family of FPGAs.

•    Ease-of-use – developers can drag-and-drop Sentry’s validated IPs and modify the included RISC-V C reference code in the Lattice Propel design environment without any prior FPGA experience.

•    Rapid time-to-market – the Sentry stack provides pre-verified and tested application demos, reference designs and development boards that can slash development times for PFR applications from ten months to just six weeks.

•    Flexible, platform-agnostic security solution – Sentry offers comprehensive, real-time PFR support for firmware and programmable peripherals. It can act as a RoT in a system and/or complement any existing BMC/MCU/TPM-based architecture for full NIST SP-800-193 compliance.

Key features of the Lattice SupplyGuard supply chain protection service include:


•    Robust security throughout device lifecycle – SupplyGuard is a subscribed service that offers OEMs and ODMs peace of mind by tracking locked Lattice FPGAs through their entire lifecycle, from the point of manufacture, through transport throughout the global supply chain, system integration and assembly, initial configuration and deployment. SupplyGuard helps protect OEMs by:

     o    Ensuring only authorised manufacturers can build an OEM’s design, regardless of their location.

     o    Providing OEMs with a secure key infrastructure to prevent the activation of their IP on unauthorised components, to stop product cloning and overbuilding.

     o    Securing devices against the download and installation of Trojans, malware or other unauthorised software, to protect platforms and systems against equipment hijacking or other cyberattacks.

•    Flexible, low-cost implementation – SupplyGuard is highly customisable to meet the specific security and supply chain needs of OEMs in every industry Lattice serves. The service lowers the operating costs associated with implementing a secure manufacturing ecosystem.

For more information on the Lattice Sentry solutions stack, please visit:

For more information on the Lattice SupplyGuard supply chain protection service, please visit:

Contact Details and Archive...

Print this page | E-mail this page