You can improve the security of your Intel® Quartus® Prime Software installation by following these security recommendations:
• Install the latest tools that support your design.
• During installation, select only the minimum software components that you require.
• Install the latest version of the Intel® Quartus® Prime Standard Edition Software or the Intel® Quartus® Prime Pro Edition Software backward-compatible components that require connection to network or FPGA hardware device (FPGA Software Download Center, Additional Software tab):
• FLEXlm License Server Software
• Intel® Quartus® Prime Programmer and Tools, which includes Quartus Programmer, JTAG utilities, and USB-Blaster Drivers
• Turn off the following optional features that connect to the Internet:
• Check for software updates: Tools menu > Options, Internet Connectivity tab; Disable options under Startup.
• Crash reporter: Tools menu > Options, Internet Connectivity tab, Problem report; Disable Always send report to Intel when internal error occurs (command-line only)
• Talkback: Tools menu > Options, Internet Connectivity tab, TalkBack Options; Disable Turn on the Quartus® II software TalkBack feature option if you were using Quartus® II software edition 16.0 and below
• Install and run the Intel® Quartus® Prime Software or Quartus® II software under unprivileged system accounts (No root/administrator privileges).
• Set your firewall rules to block network connectivity for any of the Quartus® II software, Intel® Quartus® Prime software, or ModelSim* component:
• Allow traffic only to the FlexLM license server, or use a node-locked fixed license instead of a network floating license.
• Use System Console and related on-chip debug tools in a secure environment by opening ports (assigned when installing the server) only for inter-process communication on local machine.
• Only open Intel® Quartus® Prime projects and files from trusted sources. The Intel® Quartus® Prime Software incorporates scripting capabilities and supports automated script execution that can be exploited by a malicious actor that is able to control Intel® Quartus® Prime Software project files.
• Ensure all directories under your PATH environment variables are trusted. The Intel® Quartus® Prime software relies on the system environment variables to locate the 3rd party simulations tools.
• If you are using JTAG server, use SSH tunneling as recommended in Application Note 939.
NIL