Skip to main content

EnforcIT® Security Monitor

The Heart of Security

Every system has unique security, power, performance, safety, and business requirements. While many of these requirements can be addressed with the right selection of hardware and software, security is a requirement that spans nearly all parts of a system. Security is therefore both a strategic and technological problem for program managers and developers. Since it is generally unfeasible to solve security problems using a single technology, using mature security products based on established expertise is a far more effective approach. EnforcIT Security Monitor addresses complex security, performance, safety, and business requirements by providing a configurable, multilayered security IP block for Smart-Fusion®2 and IGLOO®2 FPGAs. Built using nearly a decade of FPGA security experience and built into the heart of the lowest-power and most secure FPGAs on the market, EnforcIT Security Monitor allows the end-user to configure additional layers of tamper protections and tamper response penalties through a single soft IP block.

Intelligent Security

EnforcIT Security Monitor is a single, low-resource, soft IP block capable of monitoring and responding to an assortment of internal security flags and system conditions. Taking full advantage of the tamper detectors and responses built into the FPGA silicon, it can report threats, act autonomously, or some combination thereof. Once implemented it acts as an intelligent security controller for the hardware security mechanisms packaged with the SmartFusion2 and IGLOO2.

When configured for reporting, EnforcIT Security Monitor can report to the FPGA a variety of internal security flags and system conditions. When configured to act autonomously, EnforcIT Security Monitor can respond to FPGA threats and take action, mitigating further attack by protecting or destroying critical data and design.

Configurable Security

The EnforcIT Security Monitor IP block is made up of a JTAG monitoring core, a clock frequency monitor core, a system heartbeat, and a watch-­dog timer, all working together to ensure the FPGA is not under attack. Each of these four components can emit individual tamper responses. Under tamper, the user can configure various responses up to and including device zeroization.

Each component in EnforcIT Security Monitor can be independently configured for tamper monitoring and customized for response. The entire IP block utilizes less than 5 percent of the SmartFusion 2 FPGA in a typical configuration and is easily customized by the end-user, minimizing impact to development schedules without compromising on security or performance.

Trusted Security

EnforcIT Security Monitor was built using nearly a decade of FPGA protection development experience. It can be used as part of the layered solution in NSA's Commercial Solutions for Classified (CSfC) Program. This and other Mercury cryptography, software, and hardware products including WhiteboxCRYPTO and EnforcIT are built in the U.S. in one of Mercury's trusted facilities.



Seamless Interface

Seamlessly interfaces with SmartFusion®2 SoC and IGLOO®2 FPGAs.


Configurable alarm actions include zeroize, lockdown, chip reset, and more.

Safety Controls

Safety controls permit the user to delay or cancel automatic responses.

Customizable Security

Customizable clock, JTAG, and timeout monitoring. Logic integrity and fault detection. Runtime IP version reporting.


For advanced security needs, contact about enhancing EnforcIT® Security Monitor with additional FPGA security IP cores including FIPS 140-2 certified Suite B cryptography, secure memory controllers, secure logging, authentication, and more.