Security Overview for SDM-Based FPGA Devices

Download PDF
ID 794424
Date 2/29/2024
Public
Document Table of Contents
Document Table of Contents x
1. FPGA Device Security Overview 2. Device Security Features Overview 3. Device Security Resources 4. Revision History for the Security Overview for SDM-based FPGA Devices
2. Device Security Features Overview x
2.1. Hardware Root of Trust 2.2. Authentication 2.3. Attributes 2.4. Configuration Bitstream Encryption 2.5. Platform Attestation 2.6. Cryptographic Services 2.7. Physical Anti-Tamper Monitoring 2.8. Secure Debug
1. FPGA Device Security Overview
2. Device Security Features Overview
3. Device Security Resources
4. Revision History for the Security Overview for SDM-based FPGA Devices

2.1. Hardware Root of Trust

The foundational element of the security architecture of Altera® FPGA devices is a hardware root of trust called the Secure Device Manager (SDM). The Secure Device Manager (SDM) is a self-contained system-on-chip that securely manages the boot and configuration process, provides secure key storage, enforces security policies, and provides security services during runtime. The SDM executes firmware that is developed and signed by Altera® . The SDM firmware is integrated into configuration bitstreams by the Quartus® Prime Pro Edition software.

The SDM hardware and the capabilities it provides are different between Altera® FPGAs. Similarly, SDM firmware may be updated between different versions of Quartus® Prime Pro Edition software to provide additional capabilities or provide important security updates.

Level Two Title