- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I'm referring Intel® MAX® 10 FPGA Configuration User Guide.
In my understanding, once we program AES key and turn on "Allow encrypted POF only" option, configuring CRAM through JTAG will be prevented, and configuration can be done only from the encrypted(by correct key) config image programmed in CFM.
However, can we still erase and re-program the AES key (AES key is not OTP) without knowing currently programmed AES key, correct?
If so, how can we prevent hackers from replacing AES key by their own key? Do we need to turn on "JTAG secure" option to disable JTAG itself?
Thank you
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Yes, you need to turn on jtag secure mode to prevent the access of JTAG by third party to do full erase on the device.
Regards,
Bruce
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Thank you for the quick response. Let me confirm.
Once JTAG secure mode is enabled, even the internal developer who knows AES key can't update CFM.
And if we want to update CFM, we need to implement internal logic to issue UNLOCK instruction to JTAG core like below
MAX10 JTAG Secure Unlock | Design Store for Intel® FPGAs
Is my understanding correct?
Thank you,
Wakasugi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Yes, you are right.
Regards,
Bruce
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I see, Thank you.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page