EP4SE360F35I4 Datasheet, PDF(400/432 Page) Altera Corporation – This section provides a complete overview of all features relating to the Stratix IV device family, which is the most architecturlly advanced

English

English German Russian Spanish Italian Polish Chinese Japanese Korean French Portuguese	Language :

EP4SE360F35I4 Datasheet, PDF (400/432 Pages) Altera Corporation – This section provides a complete overview of all features relating to the Stratix IV device family, which is the most architecturlly advanced

◁

10â64

Chapter 10: Configuration, Design Security, and Remote System Upgrades in Stratix IV Devices

Design Security

This section provides an overview of the design security feature and its

implementation on Stratix IV devices using the advanced encryption standard (AES).

It also covers the new security modes available in Stratix IV devices.

As Stratix IV devices continue play a role in larger and more critical designs in

competitive commercial and military environments, it is increasingly important to

protect the designs from copying, reverse engineering, and tampering.

Stratix IV devices address these concerns with both volatile and non-volatile security

feature support. Stratix IV devices have the ability to decrypt configuration bitstreams

using the AES algorithm, an industry-standard encryption algorithm that is FIPS-197

certified. Stratix IV devices have a design security feature that utilizes a 256-bit

security key.

Stratix IV devices store configuration data in SRAM configuration cells during device

operation. Because SRAM is volatile, the SRAM cells must be loaded with

configuration data each time the device powers up. It is possible to intercept

configuration data when it is being transmitted from the memory source (flash

memory or a configuration device) to the device. The intercepted configuration data

could then be used to configure another device.

When using the Stratix IV design security feature, the security key is stored in the

Stratix IV device. Depending on the security mode, you can configure the Stratix IV

device using a configuration file that is encrypted with the same key, or for board

testing, configured with a normal configuration file.

The design security feature is available when configuring Stratix IV devices using FPP

configuration mode with an external host (such as a MAX II device or

microprocessor), or when using fast AS or PS configuration schemes. The design

security feature is also available in remote update with fast AS configuration mode.

The design security feature is not available when you are configuring your Stratix IV

device using JTAG-based configuration. For more information, refer to âSupported

Configuration Schemesâ on page 10â67.

1 When using a serial configuration scheme such as PS or fast AS, configuration time is

the same whether or not you enable the design security feature. If the FPP scheme is

used with the design security or decompression feature, a Ã4 DCLK is required. This

results in a slower configuration time when compared with the configuration time of

a Stratix IV device that has neither the design security nor the decompression feature

enabled.

Stratix IV Device Handbook

Volume 1

September 2012 Altera Corporation

▷