1.6.6 User Cryptoprocessor

PolarFire “S” grade devices include a dedicated cryptoprocessor and NRBG (referred to as the User Cryptoprocessor) for data security applications. It provides complete support for Commercial National Security Algorithm (CNSA) suite and beyond, and includes Side-Channel Analysis (SCA) resistant cryptographic countermeasures.

The User Cryptoprocessor in the “S” grade devices can be held in reset by tying its reset and other enable signals to zero. Here the reset and enable signals are directly driven from flash configuration cells which are immune to SEUs. Users can monitor AHB-slave and AHB-master interfaces, and BUSY signal for safety-critical design assurance purposes.

The User Cryptoprocessor is disabled using a SEU immune flash cell in the non “S” grade PolarFire devices. There is no way to read the status of that flash bit during runtime. If there is a requirement to monitor the status of User Cryptoprocessor at runtime then the only way to accomplish this is by using 'S' grade device and disable the User Cryptoprocessor by holding it in reset. In “S” grade devices the state of the User Cryptoprocessor can be monitored by monitoring AHB-slave and AHB-master interfaces, and BUSY signal using fabric logic.