15.4.5.2 Creating a FlashPro Express or SmartDebug Job

After creating a FlashPro Express or SmartDebug job, the user specifies the type of hardware setup:

JTAG Chain – supported in the current release of the Job Manager

15.4.5.2.1 Configuring a JTAG Chain

The following device types can be added to a JTAG chain:

  • Microchip device targeted for programming
  • Microchip bypass device not targeted for programming
    • Non-Microchip bypass device

Each device has a user-defined name that is unique within the JTAG chain. Microchip devices can be programmed using a bit stream generated by a Programming Data entry or by using existing programming bit stream files (STAPL) loaded from disk.

Adding a Microchip Device for Programming by Generated Bitstream

If a Microchip device is programmed by a bit stream generated from Programming Data, the bit stream must be specified in the Programming Data and bit stream name parameters in the add_microsemi_prog_device Tcl command (see Tcl Interface for details).

The "DSN" parameter is used in the HSM flow to create a device-specific update programming file, see UEK1/UEK2/UEK3 Update Bitstream. Actual bit stream is generated while exporting the programming job, see HSM Task Export.

Adding a Microchip Device for Programming by Existing Bitstream File

A Microchip device can be programmed using the existing bit stream file generated outside the Job Manager.

Important: If an external bit stream file has been loaded in the device, it cannot be programmed using HSM, and tickets cannot be created.

Use the add_microsemi_prog_device Tcl command pointing to the target bit stream file on disk specifying the path to the file with the "bitstream_file" parameter.

Adding a Microchip Bypass Device

A Microchip bypass device can be added by specifying the device name or pointing to the device programming file.

Refer to the add_microsemi_bypass_device Tcl command for more information.

Adding a Non-Microchip Bypass Device

A non-Microchip device can be added to the JTAG chain with the add_non_microsemi_bypass_device Tcl command.

JTAG bypass parameters can be specified either by pointing to the BSDL file accepted by the command or by explicit parameter specification. Refer to the add_non_microsemi_bypass_device Tcl command for more information.

15.4.5.2.2 Export of Non-HSM Programming Job

A non-HSM Programming Job is exported from the Job Manager with the export_prog_job Tcl command. All bitstreams generated from Programming Data entries are created during command execution.
Important: A Programming Job that has one or more HSM tasks is considered to be HSM type and cannot be exported using the export_prog_job command. For more information, see the HSM Tasks section.

15.4.5.2.3 HSM Tasks

The HSM task in the HSM flow allows flexibility in organizing the manufacturing process. It is possible to utilize multiple Contract Manufacturers simultaneously, or the entire manufacturing volume can be split onto smaller chunks for overbuild protection. For example, after creating a Programming Job, the OE can create and export an HSM Task for each manufacturer in production.

HSM tasks add HSM data to the Programming Job. For each HSM task, the user creates job tickets and specifies programming actions for each ticket. Overbuild protection and other protocol-specific information is specified during ticket creation.

For more information about the HSM use model and flow description, refer to the Secure Production Programming Solution (SPPS) User Guide .

Job Tickets

The HSM Task Ticket (Job Ticket in this document) is used to enforce security policies on the manufacturing side and encrypt sensitive information used by device security protocols.

A Job Ticket is created per device in the Programming Job. Each device can have one or more ticket. The Job Ticket is created per the user-selected programming action.

A new Job Ticket is created with the new_hsmtask_ticket Tcl command. The max_device parameter is used to limit the number of devices a programming action can be executed on.

Job Request

A Job Request is exported from the Job Manager Project after creation of all tickets within the HSM Task. The Job Request is then sent to and processed by FlashPro Express or IHP using its M-HSM.

A Job Request is created with the hsmtask_m_request Tcl command.

Job Reply

A Job Reply returns ticket generation information created by the FlashPro Express/IHP. This information is cryptographically bound to the physical M-HSM/U-HSM module that processed the Job Request. After performing this handshake protocol, the HSM Job exported from this HSM Task can only be used with that particular module. This prevents HSM Task replication on the manufacturing side.

A Job Reply is generated by FlashPro Express or IHP and can be imported into the requesting U-HSM Task with the hsmtask_m_reply Tcl command.

HSM Task Export

An HSM Task (HSM Job in this document) can be exported with the export_hsmtask Tcl command. This command executes the part of export done during the non-HSM job export and adds HSM-specific information to the job export container. This data includes job tickets, encryption keys, protocol data, and other HSM-specific information. The HSM job can only be exported after importing the Job Reply.

Job Status

Job Status can be generated by FlashPro Express or IHP during job execution or after ending the job. A Job Status file is generated and sent to the customer.

An HSM Programing Job being executed on the manufacturing side can be ended when all target devices are programmed, or the job can be terminated at any time.

The Job Manager uses Job Status to:

  • Validate job end status, which is cryptographically protected proof that the job has ended and can no longer execute programming actions controlled by its tickets
  • Display the number of devices that can be handled by each ticket
  • Ensure that the correct bit stream is programmed into each device by validating the CoCs.