Security IP Products

Helios Processing System (HPS)

What Problem Does Helios Processing System (HPS) Solve?

Modern computer processors lack the security to prevent software and hardware attacks, including:

  • Memory-Corruption Class Attacks, which account for 56% of MITRE critical common vulnerabilities and 70% of all Microsoft patches over the past 12 years.
  • Return-Oriented Programming (ROP), Jump-Oriented Programming (JOP), and Call-Oriented Programming (COP) Attacks, which leverage existing executable code fragments (“gadgets”) to bypass security controls
  • Downgrade, Key Extraction, and Unauthorized Firmware Attacks, which allow the bypass of secure boot mechanisms
  • Intellectual Property (IP) Theft Attacks, which target sensitive embedded firmware, often through reverse engineering techniques such as debug interface exploitation, bus snooping, or memory interposing
  • Cache Timing and Side-Channel Attacks, which allow for the extraction of critical security primitives and key material
Diagram of AMD Versal Prime chip architecture showing components like dual-core application processor, real-time processor, programmable logic, DSP engines, memory controllers, Ethernet cores, crypto engine, and PCIe interface.

How HPS Works

A Helios Processing System (HPS) integrates Helios Memory Guard (HMG) with a processor to provide a fully integrated and validated secure processor IP package.  For load-time security, instructions and data are decrypted and authenticated against the software developer’s and/or original equipment manufacturer’s keys. For runtime security, HPS decrypts and authenticates every instruction and data cache line—in hardware—using ephemeral keys that roll on every write. Additionally, HPS enforces cryptographic isolation and authentication of instructions and data, ensuring instructions cannot be authored by an adversary at runtime.

Benefits

  • Efficient, Customizable Processing: Power efficient compute configurable to your embedded or enterprise performance needs
  • Software Exploitation Prevention: Prevents adversaries from using memory corruption exploits to perform arbitrary code execution
  • Full Lifecycle Technology Protection: Maintains confidentiality and integrity of Intellectual Property (IP) and Critical Program Information (CPI) through its full lifecycle
  • Tamper Resistant: Resistant to reverse engineering threats—including Differential Power Analysis (DPA)
  • Transparent to User/Developer: Maintains compatibility with existing software design and development practices, requiring no modification to the compilation process
  • Supports Common Operating Stacks: Can run VxWorks, Linux, FreeRTOS, bare metal software, and others
  • Zero Trust Enablement: Provides a cryptographically secure platform for running a device’s trusted computing base, which is integral to ZT implementations
  • Set and Forget, Simple Maintenance: No annual maintenance contracts or requirements, implementation of future updates are optional

Features

  • Pre-Integrated RISC-V Processors:NOEL-V and RPX-105 cores available, with configurations of up to 16, 64-bit RISC-V cores (RV64GC, RV22, or RV23) with virtual memory support via integrated MMU.
  • Cache Line Separation and Authentication: Provides hardware-enforced cryptographic authentication and separation for CPU instruction and data caches
  • Inline Memory Encryption: Encrypts and authenticates instructions and data separately during runtime
  • Data-at-Rest Encryption: Encrypts and signs data for provisioning and decrypts and authenticates during load
  • Hardware-Enforced Secure Boot: Performs hardware-enforced secure boot  
  • NIST Compliant, SCA Resistant Cryptography:  Uses CNSA 2.0 and FIPS 140-3 approved crypto algorithms with Side Channel Analysis (SCA) countermeasures
  • Binary Compatible with RISC-V ISA: Leverages standard RISC-V ISA, allowing the use of standard toolchains and software ecosystems

Deliverables

  • IP_XACT Package (VHDL)
  • Hardware Development Kit  - RTL
    - Product Documentation
  • Hardware Verification Suite
  • Software Development Kit
    -     Pre-built compilers
    - Debuggers
    - Packager (Software Encryption Utility with FIPS-validated Hardware Security Module (HSM support)
  • Reference Designs 
  • Technical Support

Frequently Asked Questions

Compatibility

+
What FPGAs can Helios be used with?
+
Can HMG be used in custom ASIC designs?
+
Is Helios compatible with other CPU Instruction
Set Architectures (ISAs)?

Security

+
Who generates the keys used by Helios?
+
Which encryption algorithms are used by Helios?
+
Which RISC-V security extensions are
included in available HPSs?

Performance

+
What is the performance impact of Helios security features?
+
How does Helios perform as a processor?
Learn More about Helios Memory Guard >

Request More Info

Schedule a Time To Talk

Frequently Asked Questions

No items found.
Company
Who We AreWhat We DoCareersNewsContact Us
Security IP
Helios Cyber Secure Processor
Immunity Inline Memory Encryption
Immunity Side Channel Resistant Crypto Cores
BusCop MIL-STD-1553B Cyber Security
Integrated Security solutions
Keystone Security Architecture (Agent and Broker)
Copyright © 2025 Idaho Scientific
Terms and Conditions
Privacy Policy