Security is a complex topic that covers multiple technical disciplines and areas of focus based on the threats a customer is trying to protect against, the sophistication of the adversary they are concerned about, and the environment the end product is deployed in. The Venn diagram below shows the different disciplines that encompass the term "Platform Security" and which Xilinx invests heavily in.
Assurance: Focuses on the known pedigree and heritage of the system solution provided by Xilinx. Silicon, software, firmware and soft-IP must be "Trojan-free". Supply chain security and risk management are key focus areas.
Information Assurance (IA): Information Assurance is focused on protecting the information, or data, the device is handling or processing. This is done through standard cryptographic techniques (e.g. authentication and encryption) as well as fault tolerant design methods. Fault tolerant design methods ensure that security is not compromised in the face of a fault.
Cybersecurity: While Information Assurance assures all information in all forms of media, Cybersecurity is focused on the protection of information in the cyber domain. This effectively makes Cybersecurity a subset of Information Assurance in most applications.
Anti-Tamper (AT): Focused on protecting the customers’ intellectual property (IP) that is deployed in their product and contained within the device either as hardware or software. Our customers invest heavily in their products, and Xilinx devices must protect those investments from cloning, reverse engineering or other types of attacks that can extract the IP resident in Xilinx devices.
As the Venn diagram accurately reflects, there are areas of uniqueness as well as significant areas of overlap between the disciplines. Looking holistically across all disciplines provides the best Defense in Depth approach.
Security must be considered throughout the entire product lifecycle in order to maximize the protection of a system. As an example, developing fault tolerant application level security solutions deployed on a device that does not boot securely, is like building a mansion on a foundation of sand. As can be seen from the pyramid, Xilinx and their customers have a shared responsibility to ensure the security of a system. It is also important to recognize that no system is completely immune to attack - with enough time, energy, resources and money, any system can be compromised. Security is all about managing risk, and how much investment a customer wants to make to manage that risk.
Xilinx employs world-class best practices to establish the trustworthiness of its Silicon, Software and Development Tools. An array of countermeasures are integrated into Silicon which aid in protecting against a myriad of attack vectors. The secure boot, or configuration, of our products employ a Hardware Root of Trust with Authenticity, Confidentiality, and Integrity built in.
The device, after booting securely, must maintain the security that has been established. Run-time protections are a shared responsibility between Xilinx, the customer, and the rich Xilinx ecosystem.
The base of the pyramid is established to ultimately protect the customer’s end application.
After careful consideration, Xilinx has decided to cancel all XSWG 2020 Events due to the global concern regarding the corona virus outbreak. We are taking this measure out of caution for the health and safety of our employees, customers, and partners. We greatly value these events and look forward to holding XSWG in 2021. Please check this page for updates times/locations for XSWG 2021 early next year.
The Xilinx Security Working Group (XSWG) is an annual multi-day FREE event in North America and Europe that brings together Xilinx customers from all markets, academic representatives, Xilinx Alliance partners, and government agencies and authorities to discuss the latest security topics.
The unique aspect about this working group is that an NDA is required. This allows Xilinx to present roadmap and detailed design information that would not normally be presented in such a forum. ALL PARTICIPANTS WILL REQUIRE A CURRENT NDA.
Not sure which one to attend? See below.
Event | Who should attend? |
XSWG: Xilinx Security Working Group (San Jose, CA) | Customers in commercial markets such as Communications, Data Center, Industrial, Automotive and Consumer |
XSWG: Xilinx Security Working Group (Longmont CO and Laurel, MD) | Aerospace and Defense customers |
XSWG: Xilinx Security Working Group (Munich, Germany) | Customers across all markets: Automotive, Industrial, A&D, Communications |
Cryptographic algorithm validation, via the NIST Cryptographic Algorithm Validation Program (CAVP) is an important aspect of the security solutions provided by Xilinx. The following table identifies the algorithm, and product, that has been validated with a link to the NIST website.
Vendor | Program Tier |
Location |
Helion Technology Limited |
Member | Cambridge GB |
Fidus Systems, Inc. |
Premier | Ottawa ON CA Fremont CA US Waterloo ON CA |
DornerWorks, Ltd. |
Premier | Grand Rapids MI US |
Bottom Line Technologies, Inc. |
Certified | Columbia MD US Ellicott City MD US |
Silex Insight |
Certified | Gent BE Louvain La Neuve BE |
Avnet |
Premier | Phoenix AZ US |
A2e Technologies |
Certified | Burlington MA US San Diego CA US Guadalajara MX |
Missing Link Electronics, Inc. |
Premier | San Jose CA US Neu-Ulm DE DE |
CAST, Inc. |
Certified | Woodcliff Lake NJ US São Paulo SP BR |
Logicircuit, Inc. |
Member | Alpharetta GA US |
Atessa, Inc |
Member | Pleasanton CA US |
The Athena Group, Inc. |
Member | Gainesville FL US |
Star Lab Corp. |
Member | Washington DC US |
Green Hills Software, Inc. | Member | Santa Barbara CA US |
Tortuga Logic, Inc. HW Security Solution and Verification |
Member | San Jose, CA US |
Idaho Scientific LLC |
Member | Boise ID US |
Graf Research |
Member | Blacksburg VA US |
SoC-e |
Certified | Erandio ES |
Extreme Engineering Solutions (X-ES) |
Member | Middleton WI US |
Curtiss-Wright |
Member | Kanata ON CA Ashburn VA US Newton PA US |
Rincon Research Corporation |
Member | Tucson AZ US |
intoPIX s.a. |
Member | Mont-Saint-Guibert BE |
Algotronix, Ltd. |
Member | Edinburgh GB |
WIND RIVER SYSTEMS, INC. |
Member | Alameda CA US |