Agilex™ 7 FPGAs and SoCs Device Overview

ID 683458
Date 10/09/2024
Public
Document Table of Contents

18. Device Security for Agilex™ 7 FPGAs and SoCs

Agilex™ 7 FPGAs and SoCs are built with robust security features and managed by the SDM. The devices prioritize the operations of the SDM over fabric and other microprocessor tasks.

The dedicated SDM manages and supports the following critical security features:

  • Manages FPGA configuration process and all security features
  • Performs authenticated FPGA configuration and HPS boot
  • Supports FPGA bitstream encryption, secure key provisioning, and PUF key storage
  • Supports platform attestation using the SPDM protocol
  • Manages runtime sensors and supports active tamper detection and responses
  • Provides access to hardened cryptographic engines as a service

In addition to the preceding list, the following table summarizes the three pillars of security with the advanced security features that Agilex™ 7 FPGAs and SoCs support.

Table 32.   Agilex™ 7 FPGAs and SoCs Advanced Security Features
Pillar of Security Device Security Features
Confidentiality, integrity, and availability
  • Encryption
  • Authentication
  • Attestation
  • Secure boot
  • User access to cryptographic functions
  • Secure debug
  • Vendor authorized boot
Key protection
  • Side channel mitigation
  • Physical anti-tamper detection and response
Secure manufacturing
  • Black key provisioning
  • Secure returned merchandise authorization (RMA)