2.2.2 Design Security
(Ask a Question)Design security helps protecting the intent of the owner of the design, such as keeping the design and associated bitstream keys confidential, preventing design changes (for example, insertion of Trojan Horses), and controlling the number of copies made throughout the device life cycle. Design security may also be known as IP protection. It is one aspect of anti-tamper (AT) protection. Design security applies to the device from initial production, includes any updates such as in-the-field upgrades, and can include decommissioning of the device at the end of its life, if desired. Good design security is a prerequisite for good data security.
The following table lists the main design security features supported in IGLOO 2.
| Features (all devices) | M2GL005, M2GL010, M2GL025, and M2GL050 | M2GL060, M2GL090, and M2GL150 |
|---|---|---|
| FlashLock® passcode security (256-bit) | Available | Available |
| Flexible security settings using Flash lock-bits | Available | Available |
| Encrypted/authenticated design key loading | Available | Available |
| Symmetric key design security (256-bit) | Available | Available |
| Design key verification protocol | Available | Available |
| Encrypted/authenticated configuration loading | Available | Available |
| Certificate-of-Conformance (C-of-C) | Available | Available |
| Back-tracking prevention (also known as Versioning) | Available | Available |
| Device certificate(s) (anti-counterfeiting) | Available | Available |
| Support for configuration variations | Available | Available |
| Fabric NVM and eNVM integrity tests | Available | Available |
| Information services (S/N, Cert., USERCODE, and others) | Available | Available |
| Tamper detection | Available | Available |
| Tamper response (includes Zeroization) | Available | Available |
| ECC public key design security (384-bit) | — | Available |
| Hardware intrinsic design key (SRAM-PUF) | — | Available |