Power-On Reset Digest Check

The device may be configured to perform automatic digest checks while powering up the user design (after power-on reset) to check the integrity of the selected non-volatile memories. The user can specify which digest to check. If any of the selected digest checks fails, a tamper event is generated to fabric for user action. The power-on digest check can be enabled and monitored using PF_TAMPER macro.

Figure 1. Power-On Reset Digest Check Controls

For example, if the first-stage boot code for a soft CPU is stored in the sNVM or eNVM (for PolarFire SoC FPGA only), then the power-on reset digest check could be used to automatically provide a high level of assurance that the code had not been changed, either through a natural or malicious event, since the digest was stored.

A read-endurance limit specifies how many times a digest of the FPGA fabric can be run before the long term reliability of the FPGA configuration data could be affected. For more information about the FPGA configuration memory endurance limits, see respective PolarFire FPGA Datasheet or PolarFire SoC Advance Datasheet. Therefore, depending upon how the system is deployed and used (for example, how often it is powered-up), the on-demand digest check may be more appropriate for testing the integrity of the FPGA fabric.