Bitstream Encryption And Internal Configuration Access Port (Icap); Vbatt - Xilinx Virtex-4 Configuration User Manual

Fpga

Hide thumbs Also See for Virtex-4:

User manual (339 pages)

User manual (176 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

page of 114

/ 114
Contents
Table of Contents
Bookmarks

Table of Contents

A mismatch between the key in the encrypted bitstream and the key stored in the device

causes configuration to fail with the INIT pin remaining High and the DONE pin

remaining Low. A mismatch between the key and bitstream can result in a high current on

Note:

Bitstream Encryption and Internal Configuration Access Port (ICAP)

The Internal Configuration Access Port (ICAP) primitive provides the user logic with

access to the Virtex-4 configuration interface. The ICAP interface is similar to the

SelectMAP interface, although the restrictions on readback and reconfiguration for the

SelectMAP interface do not apply to the ICAP interface after configuration. Users can

perform readback and reconfiguration through the ICAP interface even if bitstream

encryption is used. Unless the designer wires the ICAP interface to user I/O, this does not

offer attackers a method for defeating the Virtex-4 AES encryption scheme. ICAP is not

supported with an encrypted bitstream in the LX, SX, and FX12 devices.

Users concerned about the security of their design should not:

•

-or-

•

Like the other configuration interfaces, the ICAP interface does not provide access to the

key register.

BATT

The encryption key memory cells are volatile and must receive continuous power to retain

their contents. During normal operation, these memory cells are powered by the auxiliary

voltage input (V

the key after V

nano amperes), a small watch battery is suitable for this supply. (To estimate the battery

life, refer to V

specifications.) At less than a 100 nA load, the endurance of the battery should be limited

only by its shelf life.

cannot be used for any purpose other than retaining the encryption keys when V

removed.

Virtex-4 FPGA Configuration User Guide

UG071 (v1.12) June 2, 2017

CCINT

Do not use or monitor BUSY when loading an encrypted bitstream.

SelectMAP-32 mode is not supported with encrypted bitstreams.

Wire the ICAP interface to user I/O

Not instantiate the ICAP primitive.

), although a separate V

CCAUX

is removed. Because V

CCAUX

DC Characteristics in the

BATT

does not draw any current and can be removed while V

BATT

www.xilinx.com

Bitstream Encryption

power input is provided for retaining

BATT

draws very little current (on the order of

BATT

Virtex-4 FPGA Data Sheet

CCAUX

and the battery

is applied. V

BATT

CCAUX

Table of Contents

Bitstream Encryption And Internal Configuration Access Port (Icap); Vbatt - Xilinx Virtex-4 Configuration User Manual

Bitstream Encryption and Internal Configuration Access Port (ICAP)

Related Manuals for Xilinx Virtex-4

Related Content for Xilinx Virtex-4

Table of Contents