Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide

Security

LowRISC acquires NewAE Technology

Founded in 2018 at the University of Cambridge Computer Lab, not-for-profit company lowRISC has acquired NewAE Technology, Inc., a privately-held designer and manufacturer of broadly accessible silicon security analysis tools.

Image by copyright Shutterstock

The acquisition brings added momentum to lowRISC, whose OpenTitan project – a collaboration between lowRISC, Google, Western Digital, Seagate and other commercial and academic partners – has created the first transparent, high-quality reference design and integration guidelines for silicon root of trust (RoT) chips. As an open source project, OpenTitan enables the larger community to proactively audit, evaluate and dramatically improve the security properties of the chip design. With the addition of NewAE Technology's advanced hardware security analysis tools, OpenTitan's community of partners will now be able to conduct side-channel power analysis and fault injection attacks to uncover vulnerabilities in physical security implementations of their own silicon.

Advertisement
ODU RT 2

"NewAE's groundbreaking and accessible tools have the potential to be central to security testing of embedded silicon throughout the ecosystem," said Gavin Ferris, CEO of lowRISC. "With its open-design approach to hardware and its commitment to transparency and security, NewAE strategically complements our own open source silicon design focus, helping create transparent silicon worthy of being trusted. We look forward to continuing to support and expand upon NewAE's current product offerings, bolstering evaluation of OpenTitan's own security, and ensuring that open source hardware can be hardened against the most serious attacks."

Founded in 2014, NewAE Technology built the first commercially supported open source toolchain for advanced hardware security evaluation, including side-channel analysis and fault injection. Its signature product, ChipWhisperer, is an open source toolchain that provides a standardized capture tool for testing new analysis algorithms in real time along with countermeasures to expose weaknesses that exist in embedded systems. As such, this acquisition will enable lowRISC to develop and evaluate digital countermeasures in the open source, disrupting the market of traditionally niche security analysis tools with an approachable, accessible hardware security tool.

"LowRISC's acquisition of NewAE brings together two philosophically-aligned organisations committed to secure, open source silicon development and adoption, bringing transparency to what has traditionally been a very locked down ecosystem," said Dominic Rizzo, OpenTitan's Project Director. "NewAE's offerings will  fundamentally change the nature of OpenTitan silicon development by enabling engineers and designers in our community to be more aware of side-channel and fault-injection attacks, allowing us all to build more secure systems."

Advertisement
ADS S &P RT

Side-channel and fault-injection attacks enable attackers to break into and extract information from a secure device. Because these attacks are often non-invasive, they are difficult to detect and some of the most challenging to mitigate. With a side-channel attack, bad actors can obtain cryptographic keys by observing a device's power consumption to extract critical secrets. Fault-injection attacks occur when an attacker injects a fault into a device to disrupt its intended behavior and access information.

"NewAE and lowRISC's shared belief in open source hardware made lowRISC a natural home for ChipWhisperer and related projects," said Colin O'Flynn, CEO, NewAE Technology, Inc. "This alignment brings to the OpenTitan project expertise in precise analysis tools that visualize weaknesses in silicon that would be vulnerable to side-channel and fault-injection attacks. This lets us focus not just on security tooling, but also on an entire stack of embedded security solutions."

Advertisement
Babcock LB
Home Secretary announces major policing reforms

Security Events

Home Secretary announces major policing reforms

21 November 2024

An ambitious programme of reform to policing has been unveiled by the UK's Home Secretary, marking the start of a new partnership between government and policing.

Recruitment bias preventing STEM professionals returning to work

Aerospace Defence Security Space

Recruitment bias preventing STEM professionals returning to work

21 November 2024

Bias in the recruitment system is still preventing talented STEM professionals on a career break from returning to employment, according to a new survey by STEM Returners.

Base Materials

Defence Security

Base Materials' Subtec 11500 first with DNV TAC

20 November 2024

Leicester based Base Materials has become the first syntactic foam subsea buoyancy manufacturer to receive DNV type approval (TAC) on its Subtec 11500 material and Approval of Manufacture (AoM) for the complete range of Subtec materials.

TEKEVER gets €70m funding boost

Defence Security

TEKEVER gets €70m funding boost

20 November 2024

Provider of AI-centric Unmanned Aerial Systems (UAS), TEKEVER, has raised €70 million in a funding round led by Baillie Gifford, the investment manager and early backer of Airbnb, Spotify and SpaceX and the NATO Innovation Fund (NIF), a standalone venture capital fund, backed by 24 NATO allies, that deploys €1 billion in deep tech to advance ...

Advertisement
ODU RT 2
Allen-Vanguard and Metis Aerospace to deliver advanced counter-drone capabilities

Defence Security

Allen-Vanguard and Metis Aerospace to deliver advanced counter-drone capabilities

18 November 2024

Allen-Vanguard, a provider of customised solutions for defeating Radio Frequency (RF) based terrorist and extremist threats, has entered a strategic collaboration with domain knowledge experts in passive RF detection, Metis Aerospace.

UK and allies warn of cyber attack vulnerabilities

Defence Security

UK and allies warn of cyber attack vulnerabilities

13 November 2024

The UK and international allies issued an alert yesterday, showing an increase in cyber attackers initially exploiting previously unknown vulnerabilities to compromise enterprise networks.

Advertisement
ADS S &P RT