Hsinchu, August 28th, 2025 – PUFsecurity, a subsidiary of eMemory Technology Inc., today announced a strategic alliance with Carota Corporation, a global leader in over-the-air (OTA) solutions for connected devices. By integrating PUFsecurity’s Physically Unclonable Function (PUF)-based hardware root of trustwith Carota’s proven OTA platform, the companies will deliver end-to-end, hardware-anchored cybersecurity for the next generation of connected vehicles and AIoT, and the broader Software-Defined Anything (SDx) ecosystem.
Mitigating OTA Risks with PUF-Based HSM Edge Servers
As connected vehicles and AIoT devices increasingly rely on OTA software updates, they also face growing risks of data leakage, remote tampering, and supply-chain compromise. Conventional key deployment methods introduce vulnerabilities from mishandling or cloning.
Through this alliance, Carota will integrate the PUF-based Hardware Security Module (HSM) Edge Server into its OTA architecture. This enables secure identity recognition, key lifecycle management, software signing, firmware integrity verification, device–server binding, version auditing, sandbox testing, and privacy protection—all within a trusted execution environment. The result is a multi-layered defense from device to cloud, strengthening trust in OTA updates across software-defined ecosystems.
Launching New PUF-Based OTA Service for Smart Devices
Built on eMemory’s NeoPUF technology, the HSM generates a unique, unclonable chip fingerprint to serve as the basis for secure key generation. Its modular cartridge design allows flexible computational resource expansion to meet different device requirements, significantly enhancing resilience and stability in key management. By also integrating a PUF-based FIDO authentication mechanism, customers retain full control over key access rights, eliminating the risks of supplier leakage or internal mishandling common in traditional key deployment.
This “PUF-based OTA” service represents the first practical application of PUF technology in OTA scenarios. It not only strengthens current automotive and AIoT security, but also lays the groundwork for next-generation smart mobility and automation — including AI robots, drones, AGVs/AMRs, and even flying cars.
Shared Vision of Creating a Future-Proof OTA Security Paradigm Together
Dr. Tsung-Lin Lin, Special Assistant to the Chairman of PUFsecurity, stated:
“This collaboration is an important milestone in our vision of PUF-based Security-as-a-Service (SECaaS). By embedding hardware root of trust into Carota’s OTA platform, we are creating a sustainable cybersecurity ecosystem—spanning chip, module, and system levels—that addresses both current threats and the evolving needs of the software-defined era.”
Wo Po-Yi, CEO and Founder of Carota, commented:
“Carota’s mission is to deliver secure, efficient, and future-proof OTA solutions. Partnering with PUFsecurity allows us to embed security at the deepest hardware level, from identity authentication to update verification, ensuring our customers can trust every stage of the OTA lifecycle. This strengthens both automotive and AIoT ecosystems as they scale into the SDx era.” The alliance between PUFsecurity and Carota establishes a new PUF-based OTA security paradigm—combining hardware-anchored trust, cryptographic depth, and efficient OTA workflows. Together, the companies are setting the foundation for forward-looking, sustainable cybersecurity services across smart mobility, automation, and the expanding SDx ecosystem.
About PUFsecurity
PUFsecurity is a leading provider of hardware root-of-trust technologies, specializing in security IP solutions based on Physically Unclonable Function (PUF) technology. Leveraging eMemory’s NeoPUF and OTP technologies, PUFsecurity focuses on developing and deploying native key generation and full-stack security architectures to address the challenges of the quantum era: core IP solutions include PUFpqc (Post-Quantum Cryptography), PUFcc (Crypto Coprocessor), PUFrt (Root of Trust), and PUFhsm (Hardware Security Module). PUFsecurity is currently constructing a PUF-based Security-as-a-Service ecosystem to provide protection and authentication for the next generation of connected devices.
About Carota
Carota is a global one-stop provider of OTA upgrade and remote diagnostics solutions. Services include OTA subscription services, smart cockpit software development, remote diagnostics, OTA testing tools, and AI-powered fleet management solutions, mainly targeting connected vehicle and IoT industries, Carota’s customers span Greater China, Europe, North America, Japan, Korea, and Southeast Asia.
熵碼科技(力旺電子子公司)與科絡達科技策略聯盟: 以PUF技術強化OTA資安防護,布局軟體定義設備時代
【新竹,2025年8月28日】力旺電子(eMemory Technology Inc)旗下熵碼科技(PUFsecurity Corporation)今日宣布,與全球車聯網與物聯網OTA(Over-The-Air)解決方案領導廠商科絡達(Carota Corporation)建立策略聯盟夥伴關係。科絡達長期為全球汽車品牌與 AIoT 領域提供穩定、高效且符合車用等級的 OTA 服務,累計升級超過 3.2億台智慧設備,雙方將攜手在科絡達OTA平台架構中導入熵碼科技PUF(Physically Unclonable Function)技術,藉由整合系統層級的 PUF-based HSM Edge Server 解決方案,消除內控風險及製造商洩密風險,全面提升遠端韌體更新與資料傳輸的資安保護層級,為車用及新興智慧載具提供從裝置端到雲端的多層次資安保障。
整合PUF-based硬體信任根 強化OTA軟體更新安全機制
科絡達於OTA 軟體更新領域,自主研發專利差分演算法大幅降低資料傳輸量,並確保跨車廠與跨平台的高相容性。熵碼科技此次將PUF-based HSM Edge Server引入合作,透過導入PUF技術,讓客戶能安心託管密鑰,不僅強化了科絡達OTA服務流程中的資料保護、身份驗證與韌體完整性驗證機制,協助汽車製造商更安全地推送韌體更新,同時安全擷取並儲存車輛運行數據與駕駛隱私資料,實現上下行的全面資安防護。
PUF-based HSM Edge Server解決方案奠基於母公司力旺電子的NeoPUF技術,能在晶片在製造過程中產生獨一無二且無法複製的「晶片指紋」,作為安全根密鑰的生成依據。其模組化卡匣設計可支援不同設備需求下的運算資源擴充,並且顯著提升密鑰管理韌性與穩定性。同時整合PUF-based FIDO驗證機制,讓客戶可完全掌握金鑰存取權限,從客端到局端(End to End)杜絕傳統金鑰佈署流程中因製造商洩密或內控不當風險造成的資安事件。
建立PUF-based OTA新典範,延伸至多元智慧設備
「PUF-based OTA」這項服務標誌著 PUF 技術首次應用於 OTA 實務場景,並將持續擴展至 AI Robot、AI Drone、AI AGV/AMR、AI Flying Car 等新世代智慧載具與自動化設備,為車聯網與 AIoT(Artificial Intelligence of Things)設備構築更嚴密的資安防線,並為軟體定義設備(Software-Defined Anything, SDX)時代奠定安全根基。
針對這類軟體定義設備的聯網AI終端裝置,與遠端OTA伺服器進行軟體、資料與設定更新時,PUF 技術可確保全程在可信任的環境下完成。原因在於,PUF技術能建立唯一身分識別及密鑰生成的資安架構,支援零信任驗證、軟體簽署、隱私資料保護、設備與伺服器綁定、軟體版本稽核、Sandbox測試等關鍵流程,解決SDX在生命周期中可能面臨的信任與驗證挑戰。
邁向SECaaS平台願景 打造PUF資安生態鏈
熵碼科技董事長特別助理林宗霖博士表示:「此次與科絡達的合作是實踐『PUF-based Security-as-a-Service(SECaaS)平台』願景的重要里程碑。我們的目標是建立一套以PUF技術為基礎、涵蓋從晶片、模組、系統到平台的完整資安生態體系,滿足未來SDX時代下持續演進的多元應用與資安需求。 科絡達執行長兼創辦人吳柏儀表示:「Carota 致力於提供穩定、高效且符合車用等級要求的OTA解決方案,安全性始終是我們不斷精進的重點之一。此次與PUFsecurity合作導入PUF-based HSM Edge Server,不僅強化了我們在客戶密鑰保管與託管的信任基礎,為客戶在車聯網與智慧載具的應用場景中提供更完整的資安支援。面對SDX的快速普及,我們也將持續深化與PUF-based資安生態系夥伴的合作,並延伸應用至 AI Robot、智慧物聯網設備、智慧物流與新能源車等領域,確保全球客戶在 SDX 時代能擁有可持續、更具前瞻性的OTA安全服務。」
關於熵碼科技(PUFsecurity)
熵碼科技為全球領先的硬體信任基礎技術提供者,專注於以PUF技術為核心的安全IP解決方案。憑藉母公司力旺電子的NeoPUF與OTP技術,熵碼聚焦於 NeoPUF 原生密鑰技術與全棧安全架構的開發與部署,致力於協助全球晶片與系統設計者迎接量子時代挑戰,打造真正可持續的資安防線,核心產品包括PUFPQC(Post-Quantum Cryptography)、PUFcc(Crypto Coprocessor)、PUFrt(Root of Trust)、PUFhsm(Hardware Security Module)等IP解決方案,布局打造PUF-based Security-as-a-Service生態系,為新一代連網設備提供保護與認證機制。
關於科絡達(Carota)
科絡達(Carota)為全球一站式 OTA(Over-The-Air)升級與遠程診斷解決方案供應商,提供 OTA 訂閱服務、智慧座艙軟體開發、遠程診斷、OTA 測試工具與AI影像車隊管理等多元產品。服務橫跨車聯網與物聯網領域,客戶遍及大中華區、歐美、日韓與東南亞等地。