STANDARDS & COMPLIANCE

Designed against every major silicon security standard

The zeroRISC root-of-trust IP is designed against six silicon security standards: FIPS 140-3 Level 3, DICE DMTF DSP0267, TPM 2.0, NIST SP 800-193, OpenTitan v2.1, and ISO/SAE 21434.

FIPS 140-3 LEVEL 3

FIPS 140-3: Cryptographic Module Physical Security

FIPS 140-3 (based on ISO/IEC 19790) is the federal standard governing cryptographic module validation in the United States. Level 3 adds physical security requirements on top of Level 2's tamper-evidence requirements: modules must include tamper-detection and tamper-response mechanisms, and authentication must use multi-factor identity-based authentication.

The zeroRISC IP is designed against FIPS 140-3 Level 3 requirements throughout its architecture — the physical security posture, cryptographic algorithm selection, and operator authentication model are all built to Level 3 from first principles. The design validation documentation included in the license package covers this scope.

What this means for OEM tape-out

  • The cryptographic module design has been validated against Level 3 requirements — the audit work on the IP itself does not need to be repeated
  • Algorithm validation records (AES, SHA, ECDSA, DRBG) are part of the documentation package
  • Physical security mechanisms are pre-designed — OEM addresses package-level security per their product requirements
  • CMVP product module submission for your end device is your team's process — zeroRISC does not file or manage CMVP on your behalf

DICE — DMTF DSP0267

DICE: Device Identity Composition Engine

The DMTF Device Identity Composition Engine specification (DSP0267) defines the architecture for hardware-rooted device identity that survives across firmware updates and software compromises. It describes how a Unique Device Secret is combined with firmware measurements to derive layered identity keys and attestation certificates.

The zeroRISC attestation engine implements DSP0267 v1.2.0. The Unique Device Secret is provisioned in OTP at manufacturing and never exported. CDI derivation uses HKDF-SHA256 with the firmware hash as the context input. Certificates are signed with ECDSA-P384.

TPM 2.0 PROFILE

TPM 2.0: Platform Configuration Register Attestation

The Trusted Computing Group TPM 2.0 specification defines a standardized interface for a trusted subsystem that manages cryptographic keys, performs attestation, and maintains measurement logs in Platform Configuration Registers (PCRs). Many embedded and IoT device OEMs target TPM 2.0 profile attestation interoperability.

The zeroRISC root-of-trust maps to the TPM 2.0 discrete platform profile. The DICE attestation certificate chain can be presented through a TPM-compatible attestation protocol, enabling integration with existing TPM 2.0-aware attestation infrastructure (e.g., Azure Attestation, Google Cloud Attestation).

NIST SP 800-193

NIST SP 800-193: Platform Firmware Resiliency

NIST Special Publication 800-193 defines guidelines for platform firmware resiliency, organized around three functions: Protect (prevent unauthorized modification), Detect (identify corruption), and Recover (restore to an authenticated state).

zeroRISC IP contribution to each pillar

  • Protect: Lifecycle state machine prevents firmware modification after PROD lock. OTP-backed configuration storage is immutable post-provisioning.
  • Detect: DICE attestation chain measures each firmware stage at boot. Measurement mismatch results in a failed certificate chain that the remote verifier rejects.
  • Recover: RMA lifecycle state re-enables controlled debug access for firmware recovery under authenticated authorization.
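The DICE derivation described above (a Unique Device Secret combined with a per-layer firmware measurement through HKDF-SHA256) and the Detect pillar (a measurement mismatch breaks the derived identity chain) can be shown together in code. The following is an added illustration written for this page; it is not zeroRISC's implementation and does not use the product's own constants. It assumes RFC 5869 HKDF, a per-layer salt label of the form `DICE-CDI-L<n>`, a constructed 32-byte UDS, constructed firmware images, and a 16-byte HKDF-derived fingerprint standing in for the ECDSA-P384 key pair that a real device would seed from each CDI. The verifier side holds only the fingerprints recorded at provisioning, never the UDS.

```python
import hashlib
import hmac
from typing import List, Optional

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 step 1: PRK = HMAC-SHA256(salt, IKM); an empty salt becomes HashLen zero bytes."""
    if not salt:
        salt = bytes(HASH_LEN)
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 step 2: OKM = T(1) || T(2) || ..., with T(i) = HMAC(PRK, T(i-1) || info || i)."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested output too long for HKDF-SHA256")
    okm, t, counter = b"", b"", 1
    while len(okm) < length:
        t = hmac.new(prk, t + info + bytes([counter]), HASH).digest()
        okm += t
        counter += 1
    return okm[:length]


def hkdf(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


def measure(firmware: bytes) -> bytes:
    """Boot-time measurement of one firmware stage: its SHA-256 digest."""
    return HASH(firmware).digest()


def derive_cdi(parent_secret: bytes, firmware: bytes, layer: int) -> bytes:
    """CDI_n = HKDF-SHA256(IKM = CDI_(n-1) or UDS, salt = layer label, info = H(firmware_n)).

    The firmware hash goes in as the HKDF context (info) input; the salt label
    is an assumption made for this example, not a value taken from the page.
    """
    salt = "DICE-CDI-L{}".format(layer).encode()
    return hkdf(parent_secret, salt, measure(firmware), HASH_LEN)


def identity_fingerprint(cdi: bytes) -> bytes:
    """Public-facing 16-byte fingerprint derived from a CDI.

    Stands in for the public half of the layer's key pair; the CDI itself never
    leaves the device, only something derived from it does.
    """
    return hkdf(cdi, b"DICE-ID", b"fingerprint", 16)


def boot_identity_chain(uds: bytes, firmware_layers: List[bytes]) -> List[bytes]:
    """Device side: walk the layers from the UDS, emitting one fingerprint per layer."""
    secret = uds
    fingerprints = []
    for layer, fw in enumerate(firmware_layers):
        secret = derive_cdi(secret, fw, layer)  # each layer's CDI depends on every earlier one
        fingerprints.append(identity_fingerprint(secret))
    return fingerprints


def first_divergent_layer(golden: List[bytes], booted: List[bytes]) -> Optional[int]:
    """Verifier side: compare the fingerprints recorded at provisioning with the chain
    presented at boot; return the lowest layer that no longer matches, or None."""
    if len(golden) != len(booted):
        return min(len(golden), len(booted))
    for layer, (g, b) in enumerate(zip(golden, booted)):
        if not hmac.compare_digest(g, b):
            return layer
    return None


# Constructed sample data (not real device values).
SAMPLE_UDS = bytes(range(32))
SAMPLE_FIRMWARE = [b"ROM_EXT v1.0", b"BOOTLOADER v2.3", b"KERNEL v5.1"]
GOLDEN_CHAIN = boot_identity_chain(SAMPLE_UDS, SAMPLE_FIRMWARE)


def demo_tampered_bootloader() -> Optional[int]:
    """Flip one byte in layer 1 and report where the verifier first sees a mismatch."""
    tampered = list(SAMPLE_FIRMWARE)
    tampered[1] = b"BOOTLOADER v2.4"
    return first_divergent_layer(GOLDEN_CHAIN, boot_identity_chain(SAMPLE_UDS, tampered))


if __name__ == "__main__":
    print("golden layers:", [f.hex() for f in GOLDEN_CHAIN])
    print("first divergent layer after bootloader change:", demo_tampered_bootloader())
```

The design point the example makes concrete: because each CDI is the IKM for the next, a change to any stage alters that stage's fingerprint and every fingerprint after it, while earlier layers stay intact. A verifier therefore learns not just that the chain is broken but at which layer, which is what lets a Recover path re-provision only the stages that diverged.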

ISO/SAE 21434

ISO/SAE 21434: Automotive Cybersecurity Engineering

ISO/SAE 21434 defines requirements for cybersecurity engineering throughout the automotive product lifecycle, including threat analysis and risk assessment (TARA), security goals, cybersecurity concepts, and product development from concept through decommissioning.

For automotive silicon OEMs, the root-of-trust IP directly satisfies security goals around hardware identity establishment, secure boot chain integrity, and lifecycle management — all key elements of TARA findings for ECU and gateway devices.

Request the Standards Compliance Summary

Full compliance mapping document — FIPS scope, DICE test vectors, TPM profile mapping — available after NDA.