15.4.4.5 Bitstream Initialization

Bitstream initialization allows the user to set up bitstream generation parameters for use during:

  • HSM job export
  • Non-HSM job export
  • Export of a programming bitstream in non-HSM flow

The bitstream can be initialized for use in the HSM programming flow and the non-HSM programming flow. For use model details about HSM and non-HSM bitstreams, refer to the Secure Production Programming Solution (SPPS) User Guide.

Programming Data can have one or more bitstream entries that can be used by the same or different programming jobs.

Bitstream initialization is done with the init_bitstream Tcl command.

15.4.4.5.1 HSM Flow

The following sections describe how to initialize and use programming bitstreams for various situations in the HSM flow. Because all keys in the HSM flow are protected by the HSM, the U-HSM must generate bitstreams for all cases described below.

Initiator Bitstream

The Initiator bitstream in the HSM flow is designed to program initial security and all other user-selected device features in an untrusted environment. Secure key loading is achieved using the device-supported Authorization Code protocol. Refer to the Secure Production Programming Solution (SPPS) User Guide for more information.

The Initiator bitstream can be generated to program project or per-device UEK1/UPK1/UEK2/UPK2/UEK3/DPK values.

Project keys are inserted into the bitstream from the keyset file upon bitstream generation.

Per-device keys are generated and infused into the programming bitstream by the M-HSM during device programming. Per-device key values are derived from the respective base keys in the keyset file and the device serial number (DSN). Per-device protocol and key types are specified with the init_bitstream Tcl command parameters.

The Initiator bitstream programs security settings imported into Programming Data from Libero or according to SPM overwrite, if any.

Important: Due to security policy, after the initial key loading, programming actions such as ERASE and VERIFY require HSM support to unlock device security.
Warning: Security settings programmed into the device can only be changed with the ERASE action. The ERASE action does not erase content of the eNVM or sNVM. eNVM and sNVM memory is fully accessible after security settings have been erased.

UEK1/UEK2/UEK3 Update Bitstream

This type of bitstream is used for reprogramming Fabric and/or eNVM/sNVM depending on device type. The security component cannot be reprogrammed with this file type. This bitstream can be used if the device already has security programmed.

UEK1/UEK2/UEK3 Project Keys, No Security Lock

In this case, all devices in the project have the same UEK1, UEK2, or UEK3 values, and target device feature programming is allowed without FlashLock/UPK1 match. The Job Manager can generate a stand-alone programming file or a non-HSM programming job that does not require the M-HSM during programming.

UEK1/UEK2/UEK3 Project Keys, Security Locked

If the target device feature programming is locked, the M-HSM must perform a secured unlock of the device, because the plain text value of the lock key cannot be used in an untrusted environment. This type of bitstream can be used in an HSM programming job. UPK1 unlock is performed securely via the OTPK protocol. For more information, refer to the Secure Production Programming Solution (SPPS) User Guide.

UEK1/UEK2/UEK3 Per-Device Keys, No Security Locks, DSN is Known

If UEK1, UEK2, or UEK3 are per-device keys, target features are not locked, and the DSN for the target device(s) is known, the user has the option to generate a device-specific programming bitstream that does not require the M-HSM during production. The bitstream can be exported as a stand-alone bitstream file or a non-HSM programming job. In either case, the DSN must be provided in the export_bitstream Tcl command during bitstream file generation or in the add_microsemi_device Tcl command that adds target devices to the chain inside the programming job.

UEK1/UEK2/UEK3 Per-Device, All Other Cases

For all other cases related to per-device UEK1/UEK2/UEK3, the M-HSM and HSM programming job must be used. If target device features are locked by per-device UPK1, UPK1 unlock is performed securely via the OTPK protocol. For more information, refer to the Secure Production Programming Solution (SPPS) User Guide.

15.4.4.5.2 Non-HSM Flow

In non-HSM flow, the keyset file is not used. All key values are used from the Libero design security setting. There are two mechanisms to overwrite the user-defined design security keys (UPK1, UPK2, UEK1, UEK2, UEK3, and DPK):

  1. Security Overwrite—The security setting and key values set supersede the original Libero settings.
  2. Key Overwrite—The key values set supersede both the Libero and Security Overwrite setting.

The following sections describe non-HSM bitstream types that can be generated for production programming in a trusted environment.

Trusted Facility Bitstream

This bitstream type can program Fabric, eNVM, and non-authenticated plain text sNVM clients. The entire bitstream is encrypted with the KLK encryption key.

Master Bitstream

Similar to Trusted Facility, but also programs security and supports all types of sNVM clients. After custom security is programmed, all Microchip factory default key modes, including KLK, DFK, KFP, and KFPE key modes as well as User ECC keys (KUP and KUPE), become disabled.

Note: Per security policy, programming of UEK1 or UEK2 will program the UPK1 or UPK2 passkeys, respectively, and lock the security segment. As a result, the ERASE and VERIFY actions in generated bitstream files or programming jobs will contain plain text UPK1/UPK2 values. This is required to unlock security segments for the programming actions when using the non-HSM flow (the HSM-based flow uses encrypted one-time passcodes).

UEK1/UEK2/UEK3 Update Bitstream

This bitstream type can reprogram Fabric and/or eNVM/sNVM device features. If the target device programming is protected by FlashLock/UPK1, plain text values of UPK1 are included in the exported bitstream file/programming job when using the non-HSM flow.
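
The UEK1/UEK2/UEK3 update cases described for the HSM flow and the non-HSM flow can be checked before export with a small planning helper. This is an added example, not Microchip or Job Manager code: the UpdateRequest and Assessment types, the flow labels and the sample DSN are hypothetical, and rejecting per-device keys in the non-HSM flow is an inference from the keyset file not being used there.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class UpdateRequest:           # hypothetical planning record, not a Job Manager type
    flow: str                  # "hsm" (keyset file) or "non-hsm" (Libero design keys)
    per_device_keys: bool      # UEK1/UEK2/UEK3 derived per device from base key + DSN
    locked: bool               # target features protected by FlashLock/UPK1
    dsn: Optional[str] = None  # device serial number, when known at export time

@dataclass(frozen=True)
class Assessment:
    needs_m_hsm: bool          # M-HSM must be present during programming
    plaintext_upk1: bool       # exported file/job carries UPK1 in plain text
    output: str                # what can be generated for this case

def assess_update(req: UpdateRequest) -> Assessment:
    if req.flow == "non-hsm":
        if req.per_device_keys:
            # Assumption: per-device keys derive from keyset base keys,
            # and the keyset file is not used in this flow.
            raise ValueError("per-device keys need the keyset file (HSM flow)")
        # A locked target means UPK1 is written in plain text into the export.
        return Assessment(False, req.locked, "file or job for a trusted environment")
    if req.flow != "hsm":
        raise ValueError(f"unknown flow: {req.flow!r}")
    if req.locked:
        # The lock key is never used in plain text; the M-HSM unlocks via OTPK.
        return Assessment(True, False, "HSM programming job (OTPK unlock)")
    if not req.per_device_keys:
        return Assessment(False, False, "stand-alone file or non-HSM job")
    if req.dsn:
        return Assessment(False, False, "device-specific file or non-HSM job")
    return Assessment(True, False, "HSM programming job")

def plaintext_upk1_exports(requests):
    """Indices of requests whose export would contain UPK1 in plain text."""
    return [i for i, r in enumerate(requests) if assess_update(r).plaintext_upk1]

# Constructed sample batch; the DSN value is a placeholder.
BATCH = [
    UpdateRequest("hsm", per_device_keys=False, locked=False),
    UpdateRequest("hsm", per_device_keys=False, locked=True),
    UpdateRequest("hsm", per_device_keys=True, locked=False, dsn="DSN-PLACEHOLDER-01"),
    UpdateRequest("hsm", per_device_keys=True, locked=False),
    UpdateRequest("non-hsm", per_device_keys=False, locked=True),
]
```

Requests returned by plaintext_upk1_exports are the ones whose exported artifacts need the same handling as the passkey itself.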

15.4.4.5.3 Export Programming Bitstream File

Export of the programming bitstream file is available in non-HSM flow only. Export is handled by the export_bitstream_file Tcl command and can be performed in all supported programming file types.

Specifying the optional DSN parameter is applicable only for situations explained in "Non-HSM Flow". The exported bitstream file is created in a user-specified location.