Video and Vision Processing Suite Intel® FPGA IP User Guide

ID 683329
Date 8/08/2022
Public

A newer version of this document is available. Customers should click here to go to the newest version.

Document Table of Contents

33.2. Considering Design Security

When designing the systems based on video and vision processing IPs always conduct a security review of your final design to ensure it meets your security goals.
You can apply these precautions to production or deployed systems. Not all precautions apply to all designs or IPs.
  1. Remove the JTAG interface from your designs.
  2. To guarantee video data integrity, restrict access to memory allocated to the frame buffer.
  3. Control access to areas of memory to prevent unauthorized transactions or corruption by other IPs in the design.
  4. Ensure that you correctly configure the IP via the I²C interface and that the input video is valid.
  5. Protect the bitstreams for your design using the security features built-in to Intel Quartus Prime.
  6. Enable a password for the design’s ARM processor.
  7. Protect access to your design through development kit ports.
  8. Restrict debugging access by tools such as Signal Tap.
  9. Encrypt information on SD cards, FPGA bitstreams, and within DDR memory devices.
  10. Apply security features to stored video data.
  11. Consider using an HDCP encryption scheme.
  12. Consider the boot sequence and boot security aspects of your own design.
  13. Implement Intel’s FPGA bitstream encryption technology to further protect the FPGA design content of your products. For information on FPGA bitstream encryption technology, refer to Using the Design Security Features in Intel FPGAs.