cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Explorer
Explorer
503 Views
Registered: ‎09-10-2019

Partial bit file compatibility in fabric with an encrypted static logic to be sent to ICAP/ICAPE3

Hello,

I'm developing a way to configure a PR using a clear partial bit stream file to ICAPE3 using Ultrascale+ with an encrypted static logic.

  • How can I check the compatibility inside the fabric with my encrypted static design? Kinda pr_verify inside the FPGA.

We develop the encrypted static bit stream file and we would like to allow the user to reconfigure his partition, nothing else.

Thank you,

0 Kudos
4 Replies
Highlighted
Moderator
Moderator
455 Views
Registered: ‎06-05-2013

Once the encrypted bitstream is loaded if it passes the decryptor then you will see bitstream is loaded with done pin high else CRC (or INIT) pin will do low and device configuration will fail.

Two use cases regarding encryption will not be supported when using new features within UltraScale devices:
a. If RSA authentication is selected for the initial configuration, then encrypted partial reconfiguration is not supported. RSA authentication is not supported for partial bitstreams.
b. If the initial configuration bitstream uses an obfuscated AES-256 key stored in either the eFUSE or BBRAM, then any encrypted partial bitstreams must use the same obfuscated key. Encrypted PR bitstreams using a different key than the initial bitstream is not supported.

In either of these two cases, an unencrypted partial bitstream may be delivered to the ICAP to partially reconfigure the device.
You can refer to UG909 for more details on same https://www.xilinx.com/support/documentation/sw_manuals/xilinx2019_1/ug909-vivado-partial-reconfiguration.pdf

Hope it helps.

Thanks
Harshit
-------------------------------------------------------------------------------------
For more information please refer to configuration resources https://forums.xilinx.com/t5/FPGA-Configuration/Configuration-Resources/m-p/753763/highlight/true#M5891
-------------------------------------------------------------------------
Don’t forget to reply, kudo, and accept as solution.
-------------------------------------------------------------------------
0 Kudos
Highlighted
Explorer
Explorer
448 Views
Registered: ‎09-10-2019

Thanks Harshit but that doesn't answer my question.

A valid CRC doesn't mean the bitstream is compatible with my static logic and won't corrupt my static logic.

I mentionned pr_verify too.

0 Kudos
Highlighted
Moderator
Moderator
436 Views
Registered: ‎06-05-2013

You can refer to design revision checks section in UG#909.

Basically there are no checks in the hardware to ensure the partial bitstream is compatible with the currently operating design. Loading a partial bitstream into a static design that was not implemented with that Reconfigurable Module revision can lead to unpredictable behavior.

We suggests that you prefix a partial bitstream with a unique identifier indicating the particular design, revision and module that follows. This identifier can be interpreted by your configuration controller to verify that the partial bitstream is compatible with the resident design. A mismatch can be detected, and the incompatible bitstream can be rejected, before being loaded into configuration memory. This functionality must be part of your design, and would be similar to or in conjunction with decryption and/or CRC checks,as described in PRC/EPRC: Data Integrity and Security Controller for Partial Reconfiguration (XAPP887).

Thanks
harshit
-------------------------------------------------------------------------------------
For more information please refer to configuration resources https://forums.xilinx.com/t5/FPGA-Configuration/Configuration-Resources/m-p/753763/highlight/true#M5891
-------------------------------------------------------------------------
Don’t forget to reply, kudo, and accept as solution.
-------------------------------------------------------------------------
0 Kudos
Highlighted
Explorer
Explorer
390 Views
Registered: ‎09-10-2019

Basically, I don't have any control over the partial bit file generation.

I was more thinking about reading the bit file sent inside the FPGA to check if the elements are contained inside the pBlock I defined for that partition. They still might corrupt the logic but that's already a good pre-check for us.

0 Kudos