Tortuga Logic Bolsters Emerging Design-for-Security Market With Toolkit to Transform Hardware/Systems Developers' Approach to Security
New Hardware Design Tools Eliminate Hardware Security Breaches
Tortuga Logic today announced immediate availability of its comprehensive Prospect Hardware Security Design and Analysis Toolkit, transforming the way hardware designers and system architects test the security of hardware designs.
"The semiconductor industry needs to redirect its attention from only analyzing software vulnerabilities to identifying ways to detect security issues in hardware designs," says Dr. Jason Oberg, co-founder and chief executive officer (CEO) of Tortuga Logic. "As more and more devices are designed to be Internet enabled, the more we need to be concerned about hardware security. Hackers are focusing now on hardware."
Tortuga Logic, founded by accomplished hardware security experts and not developers steeped in electronic design automation (EDA), is part of the emerging Design-for-Security market. Its goal is to solve security-specific problems, minimizing security breaches in hardware and systems by automating the process of verifying their security properties. Prospect is able to uncover hidden bugs and prove the absence of vulnerabilities in hardware designs.
The Security Market
Cisco predicts that 50-billion devices, such as automobiles, consumer electronics, medical devices and wearables, will be connected to the Internet by 2020, many potentially susceptible to cyberattacks.
Current security analysis software tests embedded software, assuming the hardware is secure when it may not be. Typical security practices for hardware design consist of manual code review, where security engineers sift through thousands of lines of code written by a separate hardware design team to find security vulnerabilities. If a security issue is found, the hardware design team makes changes and the cycle repeats, an unreliable design and review process that does not scale.
Without building security in from the beginning, it is not possible to build a secure system. Moreover, many of the security properties built into the hardware eliminate an enormous class of software-based attacks.
Prospect performs hardware security analysis, automating the process and enabling it to scale. The result is hardware that is safer and less vulnerable to cyberattacks.
How it Works
Prospect's patented technology defends against specific types of hardware attacks that other software does not. Prospect analyzes security vulnerabilities of hardware designs written in hardware description languages (HDL) such as SystemVerilog, Verilog and VHDL. Prospect checks the design and ensures that confidentiality and integrity properties are being enforced.
It proves that sensitive information, including passwords, encryption keys and biometric data such as fingerprints, will only travel to parts of the system designated as "trusted," preserving confidentiality. It can prove functional isolation from critical and non-critical components to ensure integrity and safety.
Prospect reads an HDL description of the design and performs a thorough analysis to uncover a broad range of vulnerabilities. It does so by automatically generating System Verilog assertions and instrumentation from a high-level description of the security properties. This information is passed to an integrated formal verification platform, included as part of Prospect, which performs an exhaustive proof evaluation. Issues can be debugged using a specialized GUI and generated counter examples.
Prospect leverages 360™ DV Verify from OneSpin Solutions as its formal platform, and is versatile and able to operate with other formal tools. Prospect is shipping now. Pricing is available upon request.
Introducing Tortuga Logic and its Founders
Tortuga Logic, founded in 2013 and headquartered in San Diego, Calif., derives its name from the Spanish word for turtle, Tortuga. A turtle has a hard, impenetrable shell, which is what hardware should have in today's world, believes Dr. Oberg and his co-founders, computer scientists from the University of California, San Diego and University of California, Santa Barbara.
In addition to Dr. Oberg, the founders are chief operating officer Dr. Jonathan Valamehr, Dr. Ryan Kastner and Dr. Tim Sherwood, all experts in hardware security.
Dr. Oberg developed much of the company's intellectual property as part of his Ph.D. thesis. He holds a Bachelor of Science (B.S.) degree in Computer Engineering from U.C. Santa Barbara, and Master of Science (M.S.) and Ph.D. degrees in Computer Science and Engineering from U.C. San Diego.
Dr. Valamehr was formerly a computer architect, and leveraged emerging technologies and cross-disciplinary tools to build secure, high-speed microprocessors. He received Ph.D., M.S. and B.S. degrees in Electrical and Computer Engineering from U.C. Santa Barbara.
Dr. Kastner is a professor in the Jacobs School of Engineering at U.C. San Diego. His research focuses on computer system design with a focus on critical and real-time applications. Dr. Sherwood is a professor in the department of Computer Science at U.C. Santa Barbara, specializing in the development of novel computer architectures for security, monitoring, and control.
Tortuga Logic is a member of the EvoNexus technology startup incubator founded in 2009 by former Peregrine Semiconductor's Rory Moore who serves as CEO. Tortuga Logic's funding comes from angel investors and the National Science Foundation's Small Business Innovation Research (SBIR) program.
About Tortuga Logic
Tortuga Logic, Inc., based in San Diego, Calif., is part of the emerging Design-for-Security market and has the goal to solve security-specific problems, minimizing security breaches in hardware and systems by automating the process of verifying their security properties. It has developed a comprehensive Hardware Security Design and Analysis Toolkit, transforming the way hardware designers and system architects test the security of hardware designs. More information can be found at: www.tortugalogic.com Email: firstname.lastname@example.org