FortiTrust
Hardware Root of Trust
What Is FortiTrust?
FortiTrust provides a complete, high-assurance hardware Root of Trust (RoT) framework built on FortifyIQ’s intrinsically secure cryptographic engines. It delivers secure boot, key management, attestation, and lifecycle controls with exceptionally high PPA efficiency.
These fully customizable Roots of Trust are designed for a wide range of applications. They are hardened against side-channel and fault injection attacks, ensuring strong security even in highly constrained or hostile environments, or where insider attacks are a threat.
Contact Us
These fully customizable Roots of Trust are designed for a wide range of applications. They are hardened against side-channel and fault injection attacks, ensuring strong security even in highly constrained or hostile environments, or where insider attacks are a threat.
The portfolio spans variants optimized for IoT, cloud, chiplets, balanced designs, and edge-AI, providing flexible integration and performance scaling to match system needs. FortifyIQ RoTs are Caliptra-compliant and support classical and post-quantum cryptography for secure key management and on-the-fly encryption.
FortifyIQ RoTs are fully Caliptra-compatible and support classical and post-quantum cryptography for secure key management and on-the-fly encryption. They deliver all of Caliptra’s security benefits while avoiding its practical drawbacks, such as the large area footprint, rigid configuration, and integration complexity of the reference implementation. They support Caliptra‑compliant integration flows while delivering outstanding PPA in the cryptography module, making the root of trust suitable for a wide range of devices and silicon designs.
FortifyIQ Differentiators for RoT
Caliptra‑compatible, delivering all the benefits of Caliptra while avoiding its overhead, with dramatically smaller area, simple per‑device configuration, and outstanding PPA
Security Boutique, including tuning for the device’s optimal PPA balance, and optional radiation-induced fault hardening for high-altitude systems. Customization is flexible up to tape-out.
Built on FortiCryptoBox cores (AES, HMAC, PKA, PQC)
Minimal area and power despite full-featured secure services
Configurable to customer requirements (boot modes, key hierarchy, PPA)
Soft-macro & node-agnostic
Validated high assurance in internal lab, via FortiEDA, showing robust resistance to side-channel and fault injection attacks
Unified API across software and hardware for AES, HMAC, ECC/RSA, and PQC, enabling seamless migration between SW and HW implementations without changing the security stack, preserving secure‑boot, attestation, key‑management, and lifecycle flow
Features
- Secure boot and measured boot
- Key generation, storage, and attestation
- Lifecycle and debug control
- Fault and side-channel-hardened cryptographic operations
- Per‑device configurability, including PPA tuning and security parameter
- Interface and API compatibility for SW HW migration
Use Cases
- Automotive ECUs and domain controllers
- Industrial control systems
- Routers, gateways, and telecom equipment
- Aerospace and satellite platforms
- Consumer electronics requiring long-term trust
Available Products
FortiTrust Roots of Trust (HW)
-
FIQ-RoT00B
General Purpose – Balanced -
FIQ-RoT01B
Edge AI – Balanced -
FIQ-RoT02F
Data Centers – Balanced
-
FIQ-RoT03C
IoT – Compact -
FIQ-RoT04B
Chiplet – Balanced
Integration Simplicity
FortiTrust integrates as a modular RoT subsystem with standard interfaces, and can be tailored for different architectural requirements.
Certification & Assurance Readiness
Designed for FIPS 140-3/4, SESIP 5, and CC EAL6+ (AVA_VAN.5).
Why Choose FortifyIQ for RoT
FortiTrust provides high-assurance, evaluation-ready trust anchors with industry-leading PPA efficiency.
