Secure Boot (For PolarFire SoC FPGA Only)

PolarFire SoC comes with two secure boot options to securely boot the application processors. For the default PolarFire SoC secure boot method, the system controller copies the Microchip secure boot loader from its private, secure memory area and load it into the 8 KB DTIM of the E51 monitor core. After that, the reset is released to the application CPUs and then the secure boot code starts execution. The default secure boot loader performs a signature check on the 128 KB eNVM, then run a hash on the eNVM image. If no errors are reported, the code jumps to the user application stored in the eNVM. If errors are reported, the system controller activates a tamper alarm that asserts a signal to the FPGA fabric. Users can then decide on a plan of action.

The second secure boot method allows users to place their own boot code in the secure non-volatile memory (sNVM) area of the chip. The sNVM is a 56 KB nonvolatile memory that can be protected by the built-in Physically Unclonable Function (PUF), that is, the unique PUF ID can serve as an initialization vector for an AES encrypt/decrypt operation performed by the side-channel resistant system controller co-processor. On power-up, the system controller copies the user code from sNVM and write it to the E51 monitor core DTIM. From there, user custom secure boot loader starts executing.