HPS Security Feature Differences
The Cyclone V and Arria V families offer basic security functionality with ARM TrustZone® and Advanced Encryption Standard (AES) encryption.
The Arria 10 family improves on Cyclone V and Arrive V security with the following features:
- Recognition of secure fuse configuration
- Secure state control and status check of security features
- Secure boot options
- Varying levels of debug visibility
- Anti-tamper support
The Stratix 10 family includes the Secure Device Manager (SDM). The SDM implements the following functions:
- Device configuration
- Security features
- Booting the HPS
The SDM provides a robust, secure, and fully authenticated configuration scheme, allowing you to customize device configuration. Advantages of the SDM, compared to security features in earlier Intel SoC device families, include:
- Improved configuration time
- Improved response to single-event upset
- Reactive zeroization of data as a response to security breaches
- Key management and update
- Field upgrade support
This combination of features and flexibility enables you to create secure designs that protect sensitive intellectual property (IP) and data in both FPGA and SoC devices.
The following table summarizes the differences in the security features among the various SoC families.
Security Feature Location | Cyclone V SoC | Arria V SoC | Arria 10 SoC | Stratix 10 SoC |
---|---|---|---|---|
Security Fuses | N/A | N/A | Security Manager | SDM |
AES Decryption | N/A | N/A | Security Manager | SDM |
Authentication | N/A | N/A | Security Manager | SDM |
HPS Boot Reset | Reset Manager | Reset Manager | Security Manager | SDM |
Anti-tamper RAM Scramble | N/A | N/A | Security Manager | SDM |
Control of Secure Boot | N/A | N/A | Security Manager | SDM |