9.13.8 Programming Security Settings
FlashPoint allows you to configure device security levels of high, medium, or none. For SmartFusion devices, security options are presented as radio buttons, and the Clear Security option is used instead of none.
To program security settings on a device:
- If you select the option to program security settings on the Generate Programming File page, the wizard opens the Security Settings page. The available security options depend on the selected device family.
- Set the security level for FPGA and
FlashROM (see the table below for a description of the security levels).
Table 9-15. FPGA and FlashROM Security Levels Security Level Security Option Description High Protect with a 128‑bit Advanced Encryption Standard (AES) key and a Pass Key Access to the device is protected by both an AES Key and a Pass Key. The Write and Verify operations for the FPGA Array use a 128‑bit AES‑encrypted bitstream. From the JTAG interface, the Write and Verify operations for FlashROM also use a 128‑bit AES‑encrypted bitstream. Readback of FlashROM content through the JTAG interface is protected by the Pass Key. Readback of FlashROM content from the FPGA Array is allowed. Medium Protect with Pass Key The Write and Verify operations for the FPGA Array require a Pass Key. From the JTAG interface, the Read and Write operations for FlashROM content require a Pass Key, while Verify operations do not. Readback of FlashROM content from the FPGA Array is allowed. None No security The Write and Verify operations for the FPGA Array do not require keys. The Read, Write, and Verify operations for FlashROM content also do not require keys. For SmartFusion devices, this option is selected by clearing the Security Settings checkbox. - After selecting a security level, enter the Pass Key and, if required, the AES Key. You can generate a random key by clicking the Generate Random Key button.
The Pass Key protects all the Security Settings for the FPGA Array and/or FlashROM.
The AES Key decrypts FPGA Array and/or FlashROM programming file content. Use the AES Key if you intend to program the device at an unsecured site or if you plan to update the design at a remote site in the future.
You can also customize the security levels by clicking the Custom Level button. For more information, see the Custom Security Levels section.