Visible to Intel only — GUID: bhc1410500737675
Ixiasoft
Overview of the Design Security Feature
Hardware and Software Requirements
Steps for Implementing a Secure Configuration Flow
Steps to Enable Tamper-Protection Bit Programming
Supported Configuration Schemes
Security Mode Verification
Serial Flash Loader Support with Encryption Enabled
Serial Flash Loader Support with Encryption Enabled for Single FPGA Device Chain
JTAG Secure Mode for 28-nm and 20-nm FPGAs
Document Revision History for AN 556: Using the Design Security Features in Intel® FPGAs
Generating Single-Device .ekp File and Encrypting Configuration File using Intel® Quartus® Prime Software
Generating Single-Device .ekp File and Encrypting Configuration File using Command-Line Interface in Intel® Quartus® Prime Software
Generating Multi-Device .ekp File and Encrypting Configuration File using Intel® Quartus® Prime Software
Programming Volatile or Non-Volatile Key using Intel® FPGA Ethernet Cable and Intel® Quartus® Prime Software
Programming Single-Device Volatile or Non-Volatile Key using Intel® Quartus® Prime Software
Programming Single-Device Volatile or Non-Volatile Key using the Command-Line Interface in Intel® Quartus® Prime Software
Programming Multi-Device Volatile or Non-Volatile Key using Intel® Quartus® Prime Software
Programming Multi-Device Volatile or Non-Volatile Key using the Command-Line Interface in Intel® Quartus® Prime Software
Programming Key using JTAG Technologies
Visible to Intel only — GUID: bhc1410500737675
Ixiasoft
Non-Volatile and Volatile Key Storage
Intel FPGAs offer both volatile and non-volatile key storage. The volatile key storage registers are reprogrammable and erasable. The contents of the key registers are retained between power-cycles with a coin-cell battery. Non-volatile key registers are fuse-based and are one-time programmable.
Note: Examples of lithium coin-cell type batteries that are used for volatile key storage purposes are BR1220 (–30°C to 80°C) and BR2477A (–40°C to 125°C).
Option | Volatile Key | Non-Volatile Key |
---|---|---|
Key Length | 256 bits | 256 bits |
Key Programmability | Reprogrammable and erasable key | One-time programmable key |
External Battery | Required | Not required |
Key Programming Method 3 | On-board | Both on-board and off-board 4 |
Design Protection 5 | Secure against copying, reverse engineering, and tampering |
3 Key programming is carried out through JTAG interface. You need to use valid MSEL pin settings for the JTAG interface.
4 Programming the non-volatile key fuses uses the standard voltage sources used by the FPGA during normal operation. No additional voltage rails are necessary for programming non-volatile key.
5 Volatile key tamper-protection is only available for Arria® II, Arria® V, Cyclone® V, Stratix® V, Intel® Arria® 10, and Intel® Cyclone® 10 GX devices.