AN 556: Using the Design Security Features in Intel FPGAs

ID 683269
Date 5/21/2021
Public
Document Table of Contents

Verification During JTAG Secure Mode

Non-mandatory JTAG instructions are disabled when the tamper protection bit is enabled in 28-nm FPGAs. When executing KEY_VERIFY during the tamper protection bit is programmed, TDI points to the BYPASS register. Due to this, executing the KEY_VERIFY instruction when the tamper protection bit has been set results in 0x0 (hex) being returned.

To check if the tamper protection bit has been programmed in a device, shift a user defined pattern in when executing the KEY_VERIFY instruction and check that the TDO pattern received has a 0 shifted in.

In 20-nm FPGAs, KEY_VERIFY instruction can be executed during JTAG Secure mode. To perform verification during JTAG secure mode for 20-nm FPGAs, you can expect 0x0 (hex) value being returned when executing USERCODE instruction.

Verification During JTAG Secure Mode Example

Shift in 0x15A (1 0101 1010 in binary). If the tamper protection bit has been programmed, since KEY_VERIFY=BYPASS, you should expect 0 1011 0100 where the last 0 is the content of the BYPASS register.