Differences Among Intel SoC Device Families

ID 683648
Date 8/22/2018
Public

HPS Security Feature Differences

The Cyclone V and Arria V families offer basic security functionality with ARM TrustZone® and Advanced Encryption Standard (AES) encryption.

The Arria 10 family improves on Cyclone V and Arrive V security with the following features:

  • Recognition of secure fuse configuration
  • Secure state control and status check of security features
  • Secure boot options
  • Varying levels of debug visibility
  • Anti-tamper support

The Stratix 10 family includes the Secure Device Manager (SDM). The SDM implements the following functions:

  • Device configuration
  • Security features
  • Booting the HPS

The SDM provides a robust, secure, and fully authenticated configuration scheme, allowing you to customize device configuration. Advantages of the SDM, compared to security features in earlier Intel SoC device families, include:

  • Improved configuration time
  • Improved response to single-event upset
  • Reactive zeroization of data as a response to security breaches
  • Key management and update
  • Field upgrade support

This combination of features and flexibility enables you to create secure designs that protect sensitive intellectual property (IP) and data in both FPGA and SoC devices.

The following table summarizes the differences in the security features among the various SoC families.

Table 6.  HPS Security Location Differences
Security Feature Location Cyclone V SoC Arria V SoC Arria 10 SoC Stratix 10 SoC
Security Fuses N/A N/A Security Manager SDM
AES Decryption N/A N/A Security Manager SDM
Authentication N/A N/A Security Manager SDM
HPS Boot Reset Reset Manager Reset Manager Security Manager SDM
Anti-tamper RAM Scramble N/A N/A Security Manager SDM
Control of Secure Boot N/A N/A Security Manager SDM