Intel® Quartus® Prime Standard Edition User Guide: Platform Designer

ID 683364
Date 12/15/2018
Public
Document Table of Contents

1.10.1. System Security Options

Table 11.  Security Options
Option Description
Secure Master sends only secure transactions, and the slave receives only secure transactions. Platform Designer treats transactions from a secure master as secure. Platform Designer blocks non-secure transactions to a secure slave and routes to the default slave.
Non-Secure The master sends only non-secure transactions, and the slave receives any transaction, secure or non-secure. Platform Designer treats transactions from a non-secure master as non-secure. Platform Designer allows all transactions, regardless of security status, to reach a non-secure slave.
Secure Ranges Applies to only the slave interface. Allows you to specify secure memory regions for a slave. Platform Designer blocks non-secure transactions to secure regions and routes to the default slave. The specified address ranges within the slave's address span are secure, all other address ranges are not. The format is a comma-separated list of inclusive-low and inclusive-high addresses, for example, 0x0:0xfff,0x2000:0x20ff
TrustZone-aware TrustZone-aware masters have signals that control the security status of their transactions. TrustZone-aware slaves can accept these signals and handle security independently.

The following applies to secure systems that mix secure and non- TrustZone* -aware components:

  • All AXI, AMBA* 3 AXI, and AMBA* 3 AXI-Lite masters are TrustZone* -aware.
  • You can set AXI, AMBA* 3 AXI, and AMBA* 3 AXI-Lite slaves as TrustZone* -aware, secure, non-secure, or secure range ranges.
  • You can set non-AXI master interfaces as secure or non-secure.
  • You can set non-AXI slave interfaces as secure, non-secure, or secure address ranges.