SemiWiki.com - Podcast EP303: How Lattice Semiconductor is Addressing Security Threats From the Ground Up with Mamta Gupta
Episode Date: August 15, 2025Dan is joined by Mamta Gupta, She leads the Security Product Marketing, Datacenter and the Communications Segment Marketing Teams at Lattice. She brings with her over 20 years of FPGA experience in pr...oduct development with special focus on security, aerospace and defense segments. Dan explores the growing area of cybersecurity… Read More
Transcript
Discussion (0)
Hello, my name is Daniel Nenny, founder of Semiwiki, the open forum for Semiconductor Professionals.
Welcome to the Semiconductor Insiders podcast series.
My guest today is Momta Gupta from Ladis Semiconductor.
She leads the security product marketing data center and communications segment marketing teams.
She brings with her over 20 years of FPGA experience in product development,
with special focus on security, aerospace, and defense segments.
Welcome to the podcast, Malta.
Thank you, Daniel.
Glad to be here.
Before we take a deep dive into FPGAs,
what initially drew you to the intersection of hardware and cybersecurity
and what makes security at the silicon level
such an important focus today?
So, Daniel, I have always been fascinated
how science, technology, and trust
they intersect. My education was in quantum physics. I have a master's in quantum physics. And that rigor, you know, prep me for the field of cryptography. So, you know, who knew? And then my first technology job was in aerospace and defense sector. And there in the mission critical systems, you know, we saw the importance of security by design.
especially at the hardware level.
And, you know, if you didn't have trustworthy chips,
then everything that was built on it,
software, data, or communications could be compromised.
So that experience and, you know, the rigor that I learned
through my education, they shape my belief
that silicon level security is essential.
And then now we see that as devices are becoming more and more connected, you know,
smart factories, autonomous vehicles or personal consumer electronics, attackers are now targeting the
lowest level of the stack, which is firmware. And then the microcontrollers who run that
firmware, so the silicon itself. That's why a silicon level protection is no longer
optional it needs to be considered as a bedrock for securing the full life cycle of a
device and when i say full life cycle from manufacturing to deployment to updates and even
decommissioning and just to add a little thing like why do i mention my education
about physics because that prepped me for my current role where i've been leading post quantum
strategy for that is for last three years and i've kept an eye on what was happening
with a quantum computer landscape and then got sensitized to how critical post-pondum
cryptography is. So it kind of, you know, when you look back, it all kind of jails.
Yeah, definitely. So, Momta, FPGAs are known for their flexibility and real-time adaptability,
right? They're programmable. Maybe for our listeners, less familiar with the technology,
how exactly do FPGA's help embedded security directly into the device? What capabilities make them
uniquely suited for this role.
So before I dive into what FPJS can do, let's do a contrast and, you know,
with the most traditional chips called ASICs or application specific ICs.
They are more common.
People are more used to them, but they are hardwired for specific tasks.
So once they're built, you can change their features.
And that can be a problem in security where threats and standards,
are always evolving. Now, FPGAs or field programmable gate arrays are a different kind of silicon chip, you know, they are reconfigurable hardware. So what do you mean by reconfigurable? You can program them. So they come to you as blank slates. And you can pretty much program them into any kind of a specific function. And then when it applies to security, so you could program them into doing,
secure boot or having you know encryption engines into them or doing attestation or
tamper detection and then you can also reprogram them so you can update them later in
the field so that means you get the performance and trust of of silicon of the
hardware but the flexibility of software so this is a very unique advantage of
FPGAs where they act as silicon you know they have that trust anchored
nature, but they give you the flexibility to be updated.
We see our data center customers using FPGAs
to enforce secure boot.
And then if the new crypto standards emerge
or the key lengths change, they upgrade the FPGA
to stay compliant without needing to redesign their hardware.
So FPGAs give you a lot of flexibility
to stay with the evolving threats in security.
Interesting. So with everything from smart factories to autonomous vehicles relying on connected
systems, what are the biggest security risks you're seeing at the hardware level? And how is
Lattis working to mitigate those threats? So we see two major risks, formware attacks and
supply chain attacks. So now, firmware attacks are really, I would use the word insidious,
because the adversaries are compromising the system even before the OS boots.
So they can bypass the rest of the system's defenses.
Once your firmware gets corrupted, it's very hard to then enforce any other security or a patch
to do that because now you have corrupted the route.
And then, on the other hand, supply chain attacks happened before even the device
reaches the customer.
Somebody could tamper the hardware or send you a spoof device
or could embed a Trojan in it.
So the tampering could happen during manufacturing,
during shipments, and other distribution channels.
So these two attacks are very common.
Now, Lattuses, secure FPGAs are designed to mitigate
both we implement for firmware security you know we have a cyber resilience solution so we believe
that you know it's not a matter of whether you will be attacked or not we we put our you know
bet on that yes you will be attacked but the you know the system that will survive is a cyber
resilient system that can recover from that that can detect the attack that can protect itself and
And even if there is some compromise or something has happened, it can recover from it.
So we have these cyber resilient solutions where we do secure boot, we do hardware-based
attestation, we do platform firmware resiliency or PFR, and we protect the cryptographic keys.
And then we also enable to mitigate the supply chain attacks. We enable something called
life cycle security. That means the device is protected not only
you know, when it is booted. It is protected when it leaves our factory. And it is also
protected during firmware updates. It is protected during remote servicing, even decommissioning.
So there are, we have measures and solutions available that will allow
security to be implemented or solutions to be implemented to thwart all these supply chain attacks.
So hence, you know, then we can ensure that the platform remains trustworthy from manufacturing,
that when it leaves our factory, to when you are actually using and then ultimately decommissioning
to end of life, all the way through stock to finish, stays trustworthy.
You know, we've heard a lot about designing for security from the ground up.
What does that really look like in practice when working with OEMs or partners integrating Lattice?
FPGAs.
Yeah, this is a great question because what we realize or see a lot of times in the market
is that security conversations are happening reactively.
Oh, somebody breached my system or, you know, some regulation came up.
Now I have to go back and patch my security.
That is always more costly and more than half of the times is not that effective to actually secure yourself.
So you have to look at embedding security into the earliest design conversations.
And this is where we act as trusted partners for our customers, where we sit down with them, we co-architect and we define where their trust anchors should.
be placed, how their firmware should be verified, how should they stay agile so that they can
change their solution and stay in step with the evolving threats and regulations. Now when I say
trust anchor, what I mean is it's a component in the system, not typically embedded in
hardware that will serve as your starting point for verifying everything.
else. So it's like a root of a tree and hence it is also called root of trust. You know, if your
root of trust is strong, rest of the system, you can build a chain of trust on it and you can
build that security ground up and you can bubble up that trust. Even if your upper layers are
firmware, software, you can still bubble up hardware rooted trust up. But this can only happen
when you are designing security ground up.
Now, in a server, you know, we see placement of a route of trust to do secure firmware loading,
to do signed updates.
In telecommunication systems, you know, they use routes of trust to protect controls interfaces,
and they also secure their telemetry data.
So we work hand in hand with our customers to implement research.
against specific threats like rollback attacks.
We enforce key hierarchies and key ownership models.
We also sit down and map threat surfaces for them
so that we can give them just enough security
so that all of their threats are covered.
So we are not going to build a battle tank when you don't need it.
So that's where, you know, acting as partners with our customers
And more and more with our presence in the market
and with our robustness of multi-generational solutions,
security solutions, we have gained the trust
of our key customers and they co-architect with us.
And hence, the result is a system that is secure by design.
It's not a patched up after deployment.
So there has to be that mind shift or mindset shift.
We got to move on.
you know, I jokingly call it from bolt on to built in.
So you've got to start early and you've got to think about your trust anchors.
You've got to think, how are they protected?
How is your system?
How are you bubbling up the trust from a hardware route of trust?
And how can organizations balance securing the hardware layer while also updating software applications?
You know, while they're under pressure from evolving threats like AI and quantum computers,
And, you know, as we look ahead to the post-Quantum era, how is Lattis approaching the challenge of building quantum-resistant hardware security?
Yeah. Very, very timely point. The whole industry is grappling with these two emerging issues.
So we are in a very pivotal moment on the security front. You know, on one side, quantum computers are
threatening or that threat is going to compromise our traditional public key
cryptography that is based on our traditional way of doing you know ECC and RSA and
ECDH all of that is going to be broken by quantum computers so quite a few people
come up and say hey but I'm using ECC-256 I'm going to move to 384 or you know
higher key lengths or I'm using
RSA 2K and I'm going to move to RSA 4K and my reply to them is look for in front of a
quantum computer these are like sheets of paper it's like bullet to a sheet of
paper so you have one sheet of paper or four sheets of paper it doesn't really matter
quantum computers can easily break traditional public key cryptography
hence there is a rising alarm in you know various cryptographic bodies like NIST
like NIST and even a nation-states, USA has taken a pretty hard stance that if we are going
to protect our national secrets, then there has to be a level of trust that will sustain
the attack from a quantum computer. Hence, the commercial arm of NSA, CNSA, has released
their 2.0 guidelines. Actually, it's not a guideline, it's a mandate, that if you are participating
and critical infrastructure in the U.S. market, you better be compliant to this new requirement,
which is the CNSA 2.O requirement. And it enforces that you will move away, you will decommission
public key, traditional public key cryptography, and you will move to the new algorithms they're
defining like Crystal Skyber or Crystall's Dilithium. You know, I'm showing my age here. Now they're called
ML-KEM or MLDSA or XMSS-LMS for, you know, hash-based stateful signatures,
AESG-CM, and SHA-3 from the symmetric side.
And this is what we have adopted.
We said, okay, we are going to become our offer solution to our customers
that will be fully CNSA-2.O compliance.
So we didn't cut any corners.
We are not offering, okay, here is a, here is one.
one algorithm if you implemented, let's say LMS,
you will get a checkmark against that CNSA 2.0 compliance.
No, we are going all in and we are fully compliant
to CNSA 2.0 requirements and we are supporting
all of these algorithms.
We are also updating our security flows like Secure Boot,
PFR, platform from their resiliency, as I mentioned before,
and SPDM, which is the CECDM,
which is the security protocol and data model for attestation.
It is becoming very, very common.
And all of our data center and telecommunication
customers are asking for SBDM support
for their secure, authenticated communication
between system components.
And the new SPDM spec that is in the works
will ask for post-quantum security.
And we are ready for it.
So this is the readiness for being ready for quantum computing.
And by the way, CNSA 2.0 for data center and telecommunication,
that deadline is 2026.
You've got to figure out your solutions by 2026.
So there is a lot of mad scramble going on in the market right now
in these two sectors to get, you know,
have some kind of a post-quantum solution put in place.
Now on the AI side, we are focusing,
on data provenance. Basically, AI is as good as the training data that you are feeding it. If the
data is corrupted or spoofed, the results of your AI are going to be unreliable. Hence, the data that is
being fed into these training models has to be verifiable. If somebody is trying to train based
on let's say sensor data that their pressure sensors are collecting in the pipelines or something
like that and they are training for predictive maintenance and all that and then suddenly they have
a set of data that is not coming from their sensors actually it is it is a spoof data made up data
how do you know that you know which data was actually collected by our sensors versus somebody just
imagine it.
So hence the data must be verifiable.
And this is where we are investing a lot of thought and action.
We are considering augmenting our route of trust devices
so that we can, so all of our root of trust devices
can use cryptographic hashes and signing at the hardware level
to ensure that data is properly signed and its integrity
and identity can be checked.
And we are also looking at something
called lightweight crypto, because now if you're
collecting the data at the edge,
you may have much lesser compute power
or compute budget available.
So you can't run big hash functions.
So you might be looking for something more lightweight.
So we are innovating in that area as well.
You know, many organizations still focus on, you know, most of their cybersecurity efforts on the software layer.
What's your message to IT leaders or CISOs about why Silicon Security deserves more attention and investment right now?
I've had these conversations so many times.
So let me be blunt.
If I have to give a message, I'll give this message.
that if your hardware or firmware gets compromised,
then no amount of patching will make your system safe again.
So ultimately, you know, yes, we can do virtual machines,
we can do software layers, but ultimately the trust starts at some piece of hardware,
which is running some kind of firmware in today's world.
And if that piece of hardware is not trusted, then it is very hard to build, you know, a very secure system just using the software layers.
So the silicon level security has to be the root of your entire cybersecurity stack.
You should ask, do I trust the device from which I am, you know, bubbling up the trust into my software layers?
Is this device trusted and secured the moment it powers on?
Can I verify its integrity before loading my software?
How is this device getting updated?
And, you know, so these are all hardware-rooted questions,
and they need hardware-rooted answers.
So CISOs should ask these questions.
And then ask for silicon-level protection
So that whatever they build on top, the apps, the data, policies, now they can be assured that it can operate in a known good environment.
So I would say, ask where your trust anchors lie and ask if they are protected with the latest cryptography.
Have they been updated to CNSA 1.0? Now are they ready for CNSA 2.0?
You know, so all of these questions will make your system more robust.
It will give you visibility into where your trust is actually coming from.
Okay, Momtap, final question.
Looking ahead, what innovations or threats do you think will shape the next five years of hardware-based security
and how is lattice preparing to stay ahead of them?
Five years.
In this fast-changing AI-driven world, five years.
is going to prove a very long time.
But I believe our next five years are going to be shaped by three forces, especially the
security landscape.
The use of AI to scale cyber attacks, arrival of the quantum risk, and the sweeping changes
in how nation states and governments look at their cybersecurity as a national asset, as a national,
you know, they equate cyber security with national security. Hence, you will see sweeping changes
in global security regulations. Today, normally, you know, nation states tend to stay out of it
and let the business manage and let the market drive it. But you will see more and more stringent
regulations being very prescriptive. And we are getting a taste of it in CNSA 2.2. Now, let's go through
these one by one. You know, I talked about AI to scale cybertax. So what's happening there is that
attackers are now using AI to find vulnerabilities faster. And so AI is just accelerating
and doing it better than what we were doing already. So they are using AI to attack faster,
to find vulnerabilities faster. And then again, and then we see, as I talked about, the data
corruption for AI, that, you know, they could corrupt the data. They don't have to come in and
corrupt your security at the corporate. They could corrupt the data that you're collecting
to train your AI and they could really harm your long-time results, business results, and even
national security. And then quantum computing, of course, will render today's public key
encryption obsolete. So, you know, we encrypt data and we just forget about it. Oh, it's all
encrypted, protected. But no, now you have to go back and look, okay, what did I keep where? And now I
have to probably either re-secure it with post-quantam thing or I will have to put another level of
security somehow so that it stays protected. And then when governments are responding with
mandates, like in EU, the Cyber Resilience Act and, you know, the CNSA 2DOTO, as we talked about,
the zero trust policies, you will be asked for platform accountability.
In EU Cyber Resilience Act, I have never seen this kind of teeth as they have put in there.
They could find you multiple percentages of your annual revenue.
If the fault is found in your system, that has compromised the cyber resiliency of a wider network or system, they could really hurt your bottom line.
So this platform accountability, we have to get ready for it.
And hence, I see a lot of concern coming from these kind of strict regulations.
So now, how is that is preparing for it?
So we are focusing on a lot of innovation.
First of all, we are, every 18 months,
we are introducing a new generation of root of trust devices.
We are constantly upgrading our technology.
We are staying at the cutting edge.
We are wholeheartedly adopting these new PQC algorithms.
We are not cutting corners.
We are saying, okay, if CNSA 2.0 wants you to have lattice-based and hash-based
you know, AESG, CM, and SHAA.
For different use models, we are an FPGA provider.
We have a very diverse base of customers.
We are going to support all of these.
We're not going to pick and choose.
Our customers should have the flexibility to pick and choose.
So that's where we are investing.
We are also building in crypto agility.
So there is a concern in the market
that these PQC algorithms are going to evolve.
The math is very new.
So to hedge the bets, people want to know either you can support hybrid
cryptography, which is current public key plus PQC, or you can have the
crypto agility to actually update the algorithm.
And we have a patent-pending innovation where we can actually securely update the algorithm.
So we are investing in that.
We are also exploring innovations like, you know, QRNG.
quantum random number generation that could provide stronger entropy sources for future key
generation. And then on the other end, so this is one end of like really bleeding edge. And then
you go on the other end, as I talked about the lightweight crypto for devices at the edge, you
need to secure devices that are collecting the data that will train your AI. And then all the
standards. We're keeping a very close eye on like standards like SPTM and DICE that are ensuring zero
trust. So we are making sure that we stay abreast of any new specification that comes out and we
support it in our devices and we stay ahead of the curve. That is our philosophy and we are backing
it up with our investment and our product releases. So yes, we are heavily invested and
preparing for what's coming for next five years.
Great conversation. Thank you, Momta. It's a pleasure to meet you and I hope to have you
back again sometime. Thank you, Daniel. It was a pleasure talking to you.
That concludes our podcast. Thank you all for listening and have a great day.