AN 556: Using the Design Security Features in Intel FPGAs

ID 683269
Date 5/21/2021
Document Table of Contents
Give Feedback

Serial Flash Loader Support with Encryption Enabled for Single FPGA Device Chain

To use the Serial Flash Loader IP core with the encryption feature enabled in a single FPGA device chain, follow these steps:
  1. Start the Intel® Quartus® Prime software.
  2. Instantiate the Serial Flash Loader IP core in your FPGA top-level design.
  3. Compile your design with one of the following options. An unencrypted .sof is generated.
    1. On the Processing menu, click Start Compilation; or
    2. On the Processing menu, point Start and click Start Assembler.
  4. Follow these steps to convert a .sof to a .jic file:
    1. On the File menu, choose Convert Programming Files.
    2. In the Convert Programming Files dialog box, scroll to the JTAG Indirect Configuration File (.jic) from the Programming file type field.
    3. In the Configuration device field, specify the serial configuration device.
    4. In the File name field, browse to the target directory and specify an output file name.
    5. Highlight the .sof data in the Input files to convert section.
    6. Click Add File.
    7. Select the .sof file that you want to convert to a .jic file.
    8. Click OK.
    9. Click on the .sof file name to encrypt the .sof file.
    10. Highlight Flash Loader and click Add Device.
    11. Click OK. The Select Devices page appears.
    12. Select the target FPGA that you are using to program the serial configuration device.
    13. Click OK.
  5. Program the serial configuration device with the encrypted .jic file.
  6. Program the key into the FPGA device.
    Note: To program the key to a single FPGA device, follow the steps in Programming Single-Device Volatile or Non-Volatile Key using Intel Quartus Prime Software.
  7. The encrypted FPGA is then configured by the programmed serial configuration device.
    Note: To program the key with a .jam file, you must convert the .jic file to a .jam file.