Security
The GR765 includes an Isolated SoC that can be used for system control and security functions up to providing the whole system with security by acting as a Hardware Security Module (HSM). This isolated subsystem operates independently and communicates with software running on the main system through a mailbox interface. Key features enabled by the system include authenticated boot of Operating System and software assets,unique device identification, hardware-based root of trust, and comprehensive key management and operations. The Isolated SoC supports secure message signing and verification, utilizing both symmetric and asymmetric cryptography,including Post-Quantum Cryptography (PQC). The subsystem include accelerators for crypto applications and the functionality is controlled by firmware that is under control of the system integrator. Example software is provided with theGR765. Application-specific requirements will necessitate firmware changes,with the integrator having the option to develop their own solution or license third-party solutions with security certifications.
Furthermore, the GR765 features logic for quantum-secure authenticated boot, implemented without any software components. The core combines ECDSA and ML-DSAsignature schemes to verify the authenticity and integrity of binary images loaded into the system during the boot sequence,
The architecture includes additional security features such as functional and timing isolation through features in the on-chip interconnect, processor memory management units, and an IO bridge with an IO Memory Management Unit and IO Physical Memory Protection functionality.
In NOEL-V RISC-V mode, the architecture also has support for the RISC-V Control Flow Integrity extensions.
eFPGA
The GR765 includes a radiation-hardened embedded FPGA (eFPGA) with 32k LUTs . Directly interfacing with SpaceFibre and WizardLink communication interfaces, the eFPGA can optimize data decimation tasks and offer efficient in-hardware processing. The eFPGA is also well-suited for implementing glue logic to connect with custom external interfaces. Being radiation-hardened there is no need to apply Triple Modular Redundancy (TMR) or scrubbing to the eFPGA designs. The GRLIB IP Library includes a collection of VHDL IP cores optimized for the eFPGA.
On-chip high-speed memory interconnect
The on-chip striped interconnect between the processor cores and the L2 cache and between the L2 cache and the DDR memory controller allow concurrent accesses to different L2 cache memory banks and DDR memory. This feature increases the bandwidth and minimizes interference between cores. The system can be configured in an isolated mode that makes useof the dedicated communication channels to remove inter-core interference for memory accesses and simplifies worst-case execution time (WCET) analysis.
SpaceFibre and SpaceWire
The SpaceWire router is also integrated with the SpaceFibre controller. SpaceWire data from/to multiple payloads can be aggregated in a single SpaceFibre High Speed Serial Link without software intervention.