3. Device Security Resources
Altera® provides several resources to help you choose and use device security features:
- Documentation resources are available on the Resource and Documentation Center and require an Intel.com account and non-disclosure agreement
- Secure (confidential) documents and resources are available on the Secure Asset Access – Developer Zone Premium (DZP) and require a confidential non-disclosure agreement and a Developer Zone Premium My Intel account. To request access, visit:
- Design examples are available through rocketboards.com
The primary resource is the Security Methodology User Guide. This document contains detailed descriptions of device security features and their implementations. This document is intended to help all parties understand the various aspects of device security features and be successful in their role. For example, security and FPGA platform architects should review this document to select the security features necessary to meet the security objectives of your end solution. Design engineers can find specific and useful information about processes and data formats. Other resources described below depend on and assume knowledge of the content in this document.
Individual device family Device Security User Guides contain instructions to help use Quartus® Prime Pro Edition software to implement security features on your Altera® FPGA or structured ASIC devices.
Several application-specific user guides include information about features that may be relevant across device families or primarily useful to different kinds of development teams:
- The Agilex™ 7 and eASIC™ N5X HPS Cryptographic Services User Guide contains information to assist HPS software engineers in the implementation and use of HPS software libraries to access cryptographic services provided by the SDM.
- The Black Key Provisioning Service User Guide contains detailed steps to set up the Black Key Provisioning service.
| Document Name | Document ID | Location |
|---|---|---|
| Security Methodology for Intel FPGAs and Structured ASICs User Guide | 724441 | Resource and Documentation Center |
| Stratix® 10 Device Security User Guide | 794313 | Resource and Documentation Center |
| Agilex™ 7 Device Security User Guide | 794315 | Resource and Documentation Center |
| eASIC™ N5X Device Security User Guide | 626836 | Resource and Documentation Center |
| Device Security User Guide for Agilex™ 5 FPGAs and SoCs | 815428 | Resource and Documentation Center |
| Agilex™ 5, Agilex™ 7, and eASIC™ N5X HPS Cryptographic Services User Guide | 728838 | Resource and Documentation Center |
| AN-968: Black Key Provisioning Service Quick Start Guide | 739071 | Resource and Documentation Center |
For some device families, a Security Tutorial is available to help you walk through a beginning-to-end example. In these tutorials, you learn how to create an Quartus® Prime Pro Edition project, apply security settings within Quartus, build secured bitstreams, and provision keys and other security settings to your device.
| Document Name | Document ID | Location |
|---|---|---|
| Stratix® 10 Device Security Tutorial | 792304 | Resource and Documentation Center |
Design examples are intended to demonstrate the use of Altera® device security features. You must carefully consider your security objectives and recommendations in Security Methodology while implementing your solution.
- The FPGA-First HPS Secure Boot design example demonstrates the use of the SDM to authenticate subsequent stages of the HPS software boot chain.
- The HPS-First HPS Secure Boot design example is similar, but securely boots the HPS software before configuring the FPGA fabric.
| Example Name | Location |
|---|---|
| Stratix® 10 SoC Secure Boot Demo Design (HPS First) | Rocketboards.org |
| Agilex™ 7 SoC Secure Boot Demo Design (FPGA First) | Rocketboards.org |
| Agilex™ 7 SoC Secure Boot Demo Design (HPS First) | Rocketboards.org |