Visible to Intel only — GUID: zqi1618790393314
Ixiasoft
1. HDMI Intel® FPGA IP Design Example Quick Start Guide for Arria® 10 Devices
2. HDMI 2.1 Design Example (Support FRL = 1)
3. HDMI 2.0 Design Example (Support FRL = 0)
4. HDCP Over HDMI 2.0/2.1 Design Example
5. HDMI Arria® 10 FPGA IP Design Example User Guide Archives
6. Revision History for HDMI Arria® 10 FPGA IP Design Example User Guide
2.1. HDMI 2.1 RX-TX Retransmit Design Block Diagram
2.2. Creating RX-Only or TX-Only Designs
2.3. Hardware and Software Requirements
2.4. Directory Structure
2.5. Design Components
2.6. Dynamic Range and Mastering (HDR) InfoFrame Insertion and Filtering
2.7. Design Software Flow
2.8. Running the Design in Different FRL Rates
2.9. Clocking Scheme
2.10. Interface Signals
2.11. Design RTL Parameters
2.12. Hardware Setup
2.13. Simulation Testbench
2.14. Design Limitations
2.15. Debugging Features
2.16. Upgrading Your Design
3.1. HDMI 2.0 RX-TX Retransmit Design Block Diagram
3.2. Hardware and Software Requirements
3.3. Directory Structure
3.4. Design Components
3.5. Dynamic Range and Mastering (HDR) InfoFrame Insertion and Filtering
3.6. Clocking Scheme
3.7. Interface Signals
3.8. Design RTL Parameters
3.9. Hardware Setup
3.10. Simulation Testbench
3.11. Upgrading Your Design
Visible to Intel only — GUID: zqi1618790393314
Ixiasoft
4.4. Protection of Encryption Key Embedded in FPGA Design
Many FPGA designs implement encryption, and there is often the need to embed secret keys in the FPGA bitstream. In newer device families, such as Stratix® 10 and Agilex™ 7, there is a Secure Device Manager block that can securely provision and manage these secret keys. Where these features do not exist, you can secure the content of the FPGA bitstream, including any embedded secret user keys, with encryption.
The user keys should be kept secure within your design environment, and ideally add to the design using an automated secure process. The following steps show how you can implement such a process with Quartus® Prime tools.
- Develop and optimize the HDL in Quartus® Prime in a non-secure environment.
- Transfer the design to a secure environment and implement an automated process to update the secret key. The on-chip memory embed the key value. When the key is updated, the memory initialization file (.mif) can change and the “quartus_cdb --update_mif” assembler flow can change the HDCP protection key without re-compiling. This step is very quick to run and preserves the original timing.
- The Quartus® Prime bitstream then encrypt with the FPGA key before transferring the encrypted bitstream back to the non-secure environment for final testing and deployment.
It is recommended to disable all debug access that can recover the secret key from the FPGA. You can disable the debug capabilities completely by disabling the JTAG port, or selectively disable and review that no debug features such as in-system memory editor or Signal Tap can recover the key. Refer to AN 556: Using the Design Security Features in Intel FPGAs for further information on using FPGA security features including specific steps on how to encrypt the FPGA bitstream and configure security options such as disabling JTAG access.
Note: You can consider the additional step of obfuscation or encryption with another key of the secret key in the MIF storage.
Related Information