DisplayPort Stratix® 10 FPGA IP Design Example User Guide

Download PDF
ID 683887
Date 4/10/2024
Public

Visible to Intel only — GUID: acy1619492117605

Ixiasoft

View Details

Document Table of Contents
Document Table of Contents x
1. DisplayPort Intel® FPGA IP Design Example Quick Start Guide 2. Parallel Loopback Design Examples 3. HDCP Over DisplayPort Design Example 4. DisplayPort Stratix® 10 FPGA IP Design Example User Guide Archives 5. Revision History for the DisplayPort Stratix® 10 FPGA IP Design Example User Guide
1. DisplayPort Intel® FPGA IP Design Example Quick Start Guide x
1.1. Directory Structure 1.2. Hardware and Software Requirements 1.3. Generating the Design 1.4. Simulating the Design 1.5. Compiling and Testing the Design 1.6. DisplayPort Intel® FPGA IP Design Example Parameters
1.5. Compiling and Testing the Design x
1.5.1. Regenerating ELF File
2. Parallel Loopback Design Examples x
2.1. Stratix® 10 DisplayPort SST Parallel Loopback Design Features 2.2. Stratix® 10 DisplayPort SST TX-only or RX-only Design Features 2.3. Design Components 2.4. Clocking Scheme 2.5. Interface Signals and Parameters 2.6. Hardware Setup 2.7. Simulation Testbench 2.8. DisplayPort Transceiver Reconfiguration Flow 2.9. Transceiver Lane Configurations
2.1. Stratix® 10 DisplayPort SST Parallel Loopback Design Features x
2.1.1. DisplayPort 2.0 UHBR10 (10 Gbps) Data Rate Support 2.1.2. DisplayPort 2.0 UHBR20 (20 Gbps) Data Rate Support 2.1.3. Enabling Adaptive Sync Support
2.2. Stratix® 10 DisplayPort SST TX-only or RX-only Design Features x
2.2.1. Stratix® 10 DisplayPort SST TX-only Design Features 2.2.2. Stratix® 10 DisplayPort SST RX-only Design Features
3. HDCP Over DisplayPort Design Example x
3.1. High-bandwidth Digital Content Protection (HDCP) 3.2. HDCP Over DisplayPort Design Example Architecture 3.3. Nios® V Processor Software Flow 3.4. Design Walkthrough 3.5. Protection of Encryption Key Embedded in FPGA Design 3.6. Debug Guidelines
3.4. Design Walkthrough x
3.4.1. Setting Up the Hardware 3.4.2. Generating the Design 3.4.3. Including HDCP Production Keys 3.4.4. Compiling the Design 3.4.5. Viewing the Results
3.4.3. Including HDCP Production Keys x
3.4.3.1. Storing Plain HDCP Production Keys in the FPGA (Support HDCP Key Management = 0) 3.4.3.2. Storing Encrypted HDCP Production Keys in the External Flash Memory or EEPROM (Support HDCP Key Management = 1)
3.4.3.1. Storing Plain HDCP Production Keys in the FPGA (Support HDCP Key Management = 0) x
3.4.3.1.1. HDCP Key Mapping from DCP Key Files 3.4.3.1.2. hdcp1x_tx_kmem.v and hdcp1x_rx_kmem.v files 3.4.3.1.3. hdcp2x_rx_kmem.v file 3.4.3.1.4. hdcp2x_tx_kmem.v file
3.4.3.2. Storing Encrypted HDCP Production Keys in the External Flash Memory or EEPROM (Support HDCP Key Management = 1) x
3.4.3.2.1. Intel KEYENC 3.4.3.2.2. Key Programmer
3.5. Protection of Encryption Key Embedded in FPGA Design x
3.5.1. Security Considerations
3.6. Debug Guidelines x
3.6.1. HDCP Status Signals 3.6.2. Modifying HDCP Software Parameters 3.6.3. Frequently Asked Questions (FAQ)
1. DisplayPort Intel® FPGA IP Design Example Quick Start Guide
2. Parallel Loopback Design Examples
3. HDCP Over DisplayPort Design Example
4. DisplayPort Stratix® 10 FPGA IP Design Example User Guide Archives
5. Revision History for the DisplayPort Stratix® 10 FPGA IP Design Example User Guide

3.5. Protection of Encryption Key Embedded in FPGA Design

Many FPGA designs implement encryption, and there is often the need to embed secret keys in the FPGA bitstream. In newer device families, such as Stratix® 10 and Agilex™ 7, there is a Secure Device Manager block that can securely provision and manage these secret keys. Where these features do not exist, you can secure the content of the FPGA bitstream, including any embedded secret user keys, with encryption.

You can keep the user keys secure within your design environment, and ideally add to the design using an automated secure process. The following steps show how you can implement such a process with Quartus® Prime tools.
  1. Develop and optimize the HDL in Quartus® Prime in a non-secure environment.
  2. Transfer the design to a secure environment and implement an automated process to update the secret key. The on-chip memory embed the key value. When the key is updated, the memory initialization file (.mif) can change and the “quartus_cdb --update_mif” assembler flow can change the HDCP protection key without re-compiling. This step is very quick to run and preserves the original timing.
  3. The Quartus® Prime bitstream would then encrypt with the FPGA key before transferring the encrypted bitstream back to the non-secure environment for final testing and deployment.
It is recommended to disable all debug access that can recover the secret key from the FPGA. You can disable the debug capabilities completely by disabling the JTAG port, or selectively disable and review that no debug features such as in-system memory editor or Signal Tap can recover the key. Refer to the Intel Stratix 10 Device Security User Guide for further information on using FPGA security features including specific steps on how to encrypt the FPGA bitstream and configure security options such as disabling JTAG access.
Note: You can consider the additional step of obfuscation or encryption with another key of the secret key in the MIF storage.

Section Content
Security Considerations

Related Information
Level Two Title