Intel® Quartus® Prime Pro Edition User Guide: Programmer
ID
683039
Date
10/04/2021
Public
A newer version of this document is available. Customers should click here to go to the newest version.
1.1. Generating Primary Device Programming Files
1.2. Generating Secondary Programming Files
1.3. Enabling Bitstream Security for Intel® Stratix® 10 Devices
1.4. Enabling Bitstream Encryption or Compression for Intel® Arria® 10 and Intel® Cyclone® 10 GX Devices
1.5. Generating Programming Files for Partial Reconfiguration
1.6. Generating Programming Files for Intel® FPGA Devices with Hard Processor Systems
1.7. Scripting Support
1.8. Generating Programming Files Revision History
2.1. Intel® Quartus® Prime Programmer
2.2. Programming and Configuration Modes
2.3. Basic Device Configuration Steps
2.4. Specifying the Programming Hardware Setup
2.5. Programming with Flash Loaders
2.6. Verifying the Programming File Source with Project Hash
2.7. Using PR Bitstream Security Verification ( Intel® Stratix® 10 Designs)
2.8. Stand-Alone Programmer
2.9. Programmer Settings Reference
2.10. Scripting Support
2.11. Using the Intel® Quartus® Prime Programmer Revision History
2.9.1. Device & Pin Options Dialog Box
2.9.2. More Security Options Dialog Box
2.9.3. Output Files Tab Settings (Programming File Generator)
2.9.4. Input Files Tab Settings (Programming File Generator)
2.9.5. Bitstream Co-Signing Security Settings (Programming File Generator)
2.9.6. Configuration Device Tab Settings
2.9.7. Add Partition Dialog Box (Programming File Generator)
2.9.8. Convert Programming File Dialog Box
2.9.9. Compression and Encryption Settings (Convert Programming File)
2.9.10. SOF Data Properties Dialog Box (Convert Programming File)
2.9.11. Select Devices (Flash Loader) Dialog Box
2.7. Using PR Bitstream Security Verification ( Intel® Stratix® 10 Designs)
PR bitstream validation confirms that the persona does not use FPGA resources that are unauthorized by the .smsf.
Thereafter, the Programmer requires both the .pmsf and .smsf to generate the PR bitstream (.rbf) for this PR region, ensuring that the PR persona can only change bits that the persona owns. The Platform Owner can optionally release .smsf files to third-party Clients as part of the PR region collateral. The Platform Owner uses the .smsf to generate the PR bitstream from Client's .pmsf for this PR region.
PR Bitstream Security Validation in Programmer
The Platform Owner should follow these steps to license, enable, and use PR bitstream security verification:
- Obtain the license file to enable generation of .smsf files for PR regions during base compilation, and to perform PR bitstream security verification during PR bitstream generation in the Programmer. To obtain the license, login or register for a My-Intel account, and then submit an Intel® Premier Support case requesting the license key.
- To add the license file to the Intel® Quartus® Prime Pro Edition software, click Tools > License Setup and specify the feature License File.
- To enable PR security validation features, add the following line to the project .qsf:
set_global_assignment -name PR_SECURITY_VALIDATION on
- Compile the base revision.
- Following base compilation, view the Assembler reports to view the generated .smsf files required for bitstream generation for each PR region.
- The Client provides the .pmsf to the Platform Owner.
- The Platform Owner verifies the .pmsf, converts the .pmsf to .rbf, and configures the FPGA device with the .rbf.
- The platform owner converts the .pmsf to a PR bitstream. Providing the .smsf file to quartus_cmf instructs the tool to validate the .pmsf against that .smsf, and then to generate a bitstream only if the files are compatible.
quartus_cpf -c –-smsf=<smsf_file> <pmsf_file> <output_file>
Related Information