Secure Device Manager - Intel Agilex Configuration User Manual

Figure 2. Intel Agilex Configuration Architecture Block Diagram

1.2.1. Secure Device Manager

The SDM comprises peripherals, cryptographic IP and sensors, boot ROM, triple-redundant lockstep processors, and other
blocks shown the block diagram below. The SDM performs and manages the following security functions:
• Configuration bitstream authentication: After power-on during startup, the SDM triple-redundant lockstep processors run
code from the boot ROM. The boot ROM code authenticates the Intel-generated configuration firmware and configuration
bitstream, ensuring that configuration bitstream is from a trusted source. All Intel Agilex support authentication.
• Encryption: Encryption protects the configuration bitstream or confidential data from unauthorized third-party access.
• Side channel attack protection: Side channel attack protection guards AES Key and confidential data under non-intrusive
attacks.
• Integrity checking: Integrity checking verifies that an accidental event has not corrupted the configuration bitstream. This
function is active, even if you do not enable authentication.
These security features are available in Intel Agilex devices that support advanced security.
Intel ® Agilex ™ Configuration User Guide
12
Intel Agilex FPGA
Secure Device Manager
SDM Pins Dual Purpose I/O
Configurable Network Interface
Configuration Network
Local Sector Local Sector
Manager (LSM) Manager (LSM)
Configuration Configuration
Sector Sector
Local Sector Local Sector
Manager (LSM) Manager (LSM)
Configuration Configuration
Sector Sector
® ™
1. Intel Agilex
Intel Agilex Blocks
(All Family Variants)
Configuration User Guide
UG-20205 | 2019.10.09
Send Feedback