System Controller

The System Controller manages device programming, design security, key-management, and related operations. During the programming process, the System Controller authenticates and decrypts incoming bitstream, erases and writes the target flash memory segments, and responds to other external programming related protocols, such as key verification. The system controller has both a JTAG interface and a SPI interface.

The System Controller contains a dedicated cryptoprocessor, the Athena TeraFire® F5200ASR, for accelerating device specific cryptographic functions. All cryptographic algorithms are implemented using patented DPA-resistant techniques to minimize the probability of secret key extraction by an adversary using simple or differential power analysis (SPA or DPA), simple or differential electromagnetic analysis (SEMA or DEMA), or timing analysis (TA). This protection extends to the messages digested using any of the secure hash algorithms (SHA), even though they do not directly use a secret key, because they are used in the hash-based message authentication algorithm (HMAC) that does.

The System Controller also incorporates a non-deterministic random bit generator (NRBG), known as a true random number generator (TRNG). The integrated TRNG enables modern FPGA cryptographic protocols that provide protection against attacks such as replay attacks. It is also used for high-quality key, nonce, and initialization vector generation.

The system controller also provides system services such as reporting the device serial number, the JTAG USERCODE value, exporting the device certificate, and so on. For more information, see PolarFire FPGA and PolarFire SoC FPGA System Services User Guide.