DisplayPort Intel® Arria 10 FPGA IP Design Example User Guide

Download PDF
ID 683050
Date 2/01/2023
Public

A newer version of this document is available. Customers should click here to go to the newest version.

Document Table of Contents
Document Table of Contents x
1. DisplayPort Intel® FPGA IP Design Example Quick Start Guide 2. DisplayPort Design Examples 3. HDCP Over DisplayPort Design Example for Intel® Arria® 10 Devices 4. DisplayPort Intel® Arria® 10 FPGA IP Design Example User Guide Archives 5. Revision History for DisplayPort Intel® Arria® 10 FPGA IP Design Example User Guide
1. DisplayPort Intel® FPGA IP Design Example Quick Start Guide x
1.1. Directory Structure 1.2. Hardware and Software Requirements 1.3. Generating the Design 1.4. Simulating the Design 1.5. Compiling and Testing the Design 1.6. DisplayPort Intel® FPGA IP Design Example Parameters
1.5. Compiling and Testing the Design x
1.5.1. Regenerating ELF File
2. DisplayPort Design Examples x
2.1. Intel® Arria® 10 DisplayPort SST Parallel Loopback Design Features 2.2. Intel® Arria® 10 DisplayPort MST Parallel Loopback Design Features 2.3. Enabling Adaptive Sync Support 2.4. Intel® Arria® 10 DisplayPort SST TX-only or RX-only Design Features 2.5. Design Components 2.6. Clocking Scheme 2.7. Interface Signals and Parameters 2.8. Hardware Setup 2.9. Simulation Testbench 2.10. DisplayPort Transceiver Reconfiguration Flow 2.11. Transceiver Lane Configurations
2.4. Intel® Arria® 10 DisplayPort SST TX-only or RX-only Design Features x
2.4.1. Intel® Arria® 10 DisplayPort SST TX-only Design Features 2.4.2. Intel® Arria® 10 DisplayPort SST RX-only Design Features
3. HDCP Over DisplayPort Design Example for Intel® Arria® 10 Devices x
3.1. High-bandwidth Digital Content Protection (HDCP) 3.2. HDCP Over DisplayPort Design Example Architecture 3.3. Nios II Processor Software Flow 3.4. Design Walkthrough 3.5. Protection of Encryption Key Embedded in FPGA Design 3.6. Debug Guidelines
3.4. Design Walkthrough x
3.4.1. Set Up the Hardware 3.4.2. Generate the Design 3.4.3. Include HDCP Production Keys 3.4.4. Compile the Design 3.4.5. View the Results
3.4.3. Include HDCP Production Keys x
3.4.3.1. Store plain HDCP production keys in the FPGA (Support HDCP Key Management = 0) 3.4.3.2. Store encrypted HDCP production keys in the external flash memory or EEPROM (Support HDCP Key Management = 1)
3.4.3.1. Store plain HDCP production keys in the FPGA (Support HDCP Key Management = 0) x
3.4.3.1.1. HDCP Key Mapping from DCP Key Files 3.4.3.1.2. hdcp1x_tx_kmem.v and hdcp1x_rx_kmem.v files 3.4.3.1.3. hdcp2x_rx_kmem.v file 3.4.3.1.4. hdcp2x_tx_kmem.v file
3.4.3.2. Store encrypted HDCP production keys in the external flash memory or EEPROM (Support HDCP Key Management = 1) x
3.4.3.2.1. Intel KEYENC 3.4.3.2.2. Key Programmer
3.4.5. View the Results x
3.4.5.1. LED Functions
3.5. Protection of Encryption Key Embedded in FPGA Design x
3.5.1. Security Considerations
3.6. Debug Guidelines x
3.6.1. HDCP Status Signals 3.6.2. Modifying HDCP Software Parameters 3.6.3. Frequently Asked Questions (FAQ)
1. DisplayPort Intel® FPGA IP Design Example Quick Start Guide
2. DisplayPort Design Examples
3. HDCP Over DisplayPort Design Example for Intel® Arria® 10 Devices
4. DisplayPort Intel® Arria® 10 FPGA IP Design Example User Guide Archives
5. Revision History for DisplayPort Intel® Arria® 10 FPGA IP Design Example User Guide

3.5. Protection of Encryption Key Embedded in FPGA Design

Many FPGA designs implement encryption, and there is often the need to embed secret keys in the FPGA bitstream. In newer device families, such as Intel® Stratix® 10 and Intel Agilex, there is a Secure Device Manager block that can securely provision and manage these secret keys. Where these features do not exist, you can secure the content of the FPGA bitstream, including any embedded secret user keys, with encryption.

You can keep the user keys secure within your design environment, and ideally add to the design using an automated secure process. The following steps show how you can implement such a process with Intel® Quartus® Prime tools.
  1. Develop and optimize the HDL in Intel® Quartus® Prime in a non-secure environment.
  2. Transfer the design to a secure environment and implement an automated process to update the secret key. The on-chip memory embed the key value. When the key is updated, the memory initialization file (.mif) can change and the “quartus_cdb --update_mif” assembler flow can change the HDCP protection key without re-compiling. This step is very quick to run and preserves the original timing.
  3. The Intel® Quartus® Prime bitstream would then encrypt with the FPGA key before transferring the encrypted bitstream back to the non-secure environment for final testing and deployment.
It is recommended to disable all debug access that can recover the secret key from the FPGA. You can disable the debug capabilities completely by disabling the JTAG port, or selectively disable and review that no debug features such as in-system memory editor or Signal Tap can recover the key. Refer to AN556: Using the Design Security Features in Intel FPGAs. for further information on using FPGA security features including specific steps on how to encrypt the FPGA bitstream and configure security options such as disabling JTAG access.
Note: You can consider the additional step of obfuscation or encryption with another key of the secret key in the MIF storage.

Section Content
Security Considerations

Related Information
Level Two Title