AN 886: Intel Agilex® 7 Device Design Guidelines

Download PDF
ID 683634
Date 10/09/2023
Public
Document Table of Contents
Document Table of Contents x
1. Introduction to the Intel Agilex® 7 Device Design Guidelines 2. System Specification 3. Device Selection 4. Security Considerations 5. Design Entry 6. Board and Software Considerations 7. Design Implementation, Analysis, Optimization, and Verification 8. Debugging 9. Embedded Software Design Guidelines for Intel Agilex® 7 SoC FPGAs
1. Introduction to the Intel Agilex® 7 Device Design Guidelines x
1.1. Design Flow 1.2. Introduction to the Intel Agilex® 7 Device Design Guidelines Revision History
2. System Specification x
2.1. Design Specifications 2.2. Install Intel® Quartus® Prime Software 2.3. IP Selection 2.4. Simulation 2.5. Preparing for Design Entry 2.6. I/O Summary 2.7. Using Intel Agilex® 7 HPS in your Device 2.8. System Specification Revision History
2.3. IP Selection x
2.3.1. Evaluate Available HPS IP 2.3.2. Select Soft/Hardened IP and I/O Interfaces
2.5. Preparing for Design Entry x
2.5.1. Coding Styles and Design Recommendations 2.5.2. Platform Designer
3. Device Selection x
3.1. Device Variant 3.2. PLLs and Clock Routing 3.3. Logic, Memory, and Multiplier Density 3.4. I/O Pin Count, LVDS SERDES Channels, and Package Offering 3.5. Speed Grade 3.6. Device Migration 3.7. Device Selection Revision History
4. Security Considerations x
4.1. Security Considerations Revision History
5. Design Entry x
5.1. Design Entry for SoC Devices 5.2. Design Entry for FPGA-only Devices 5.3. Design Entry for NoC 5.4. EMIF Considerations 5.5. Nios® Software Processor IP 5.6. Transceiver Planning 5.7. Reconfiguration 5.8. Design Entry Revision History
5.1. Design Entry for SoC Devices x
5.1.1. Firewall Planning 5.1.2. Boot And Configuration Considerations 5.1.3. HPS Clocking and Reset Design Considerations 5.1.4. Reset Configuration 5.1.5. HPS Pin Multiplexing Design Considerations 5.1.6. HPS I/O Settings: Constraints and Drive Strengths 5.1.7. Design Guidelines for HPS Interfaces 5.1.8. Interfacing between the FPGA and HPS 5.1.9. Implementing the Intel Agilex® 7 HPS Component
5.1.2. Boot And Configuration Considerations x
5.1.2.1. Selecting HPS Boot Options 5.1.2.2. Configuration Sources 5.1.2.3. Remote System Update (RSU)
5.1.3. HPS Clocking and Reset Design Considerations x
5.1.3.1. HPS Clock Planning 5.1.3.2. Early Pin Planning and I/O Assignment Analysis 5.1.3.3. Pin Features and Connections for HPS Clocks, Reset and PoR 5.1.3.4. Direct to Factory Pin Support for Remote System Update (RSU) Feature 5.1.3.5. Internal Clocks
5.1.4. Reset Configuration x
5.1.4.1. HPS Peripheral Reset Management 5.1.4.2. System Reset Considerations
5.1.7. Design Guidelines for HPS Interfaces x
5.1.7.1. Design Considerations for Selecting PHY Interfaces 5.1.7.2. USB Interface Design Guidelines 5.1.7.3. SD/MMC and eMMC Card Interface Design Guidelines 5.1.7.4. Design Guidelines for Flash Interfaces 5.1.7.5. UART Interface Design Guidelines 5.1.7.6. I2C Interface Design Guidelines
5.1.7.1. Design Considerations for Selecting PHY Interfaces x
5.1.7.1.1. HPS EMAC PHY Interfaces 5.1.7.1.2. RMII and RGMII PHY Interfaces 5.1.7.1.3. PHY Interfaces Connected Through FPGA I/O 5.1.7.1.4. Consider Device Driver Availability 5.1.7.1.5. MDIO 5.1.7.1.6. Signal Integrity
5.1.7.4. Design Guidelines for Flash Interfaces x
5.1.7.4.1. NAND Flash Interface Design Guidelines
5.1.8. Interfacing between the FPGA and HPS x
5.1.8.1. Overview of HPS Memory-Mapped Interfaces 5.1.8.2. Recommended System Topologies 5.1.8.3. Recommended Starting Point for HPS-to-FPGA Interface Designs 5.1.8.4. Information on How to Configure and Use the Bridges
5.1.8.1. Overview of HPS Memory-Mapped Interfaces x
5.1.8.1.1. HPS-to-FPGA Bridge 5.1.8.1.2. Lightweight HPS-to-FPGA Bridge 5.1.8.1.3. FPGA-to-HPS Bridge 5.1.8.1.4. Interface Bandwidths
5.1.8.2. Recommended System Topologies x
5.1.8.2.1. System Level Cache Coherency 5.1.8.2.2. HPS Accesses to FPGA Fabric 5.1.8.2.3. MPU Sharing Data with FPGA 5.1.8.2.4. Examples of Cacheable and Non-Cacheable Data Accesses From the FPGA
5.2. Design Entry for FPGA-only Devices x
5.2.1. Clocking and Reset Design Considerations 5.2.2. I/O and Clock Planning
5.2.2. I/O and Clock Planning x
5.2.2.1. Making FPGA Pin Assignments 5.2.2.2. Early Pin Planning and I/O Assignment Analysis for the FPGA Device 5.2.2.3. I/O Features and Pin Connections 5.2.2.4. Clock and PLL Selection 5.2.2.5. PLL Feature Guidelines 5.2.2.6. Clock Control Features 5.2.2.7. I/O Simultaneous Switching Noise
5.2.2.3. I/O Features and Pin Connections x
5.2.2.3.1. I/O Signaling Type 5.2.2.3.2. Selectable Standards and Flexible I/O Banks 5.2.2.3.3. Dual-Purpose and Special Pin Connections 5.2.2.3.4. Intel Agilex® 7 I/O Features
5.2.2.5. PLL Feature Guidelines x
5.2.2.5.1. Clock Feedback Mode 5.2.2.5.2. Clock Outputs
5.3. Design Entry for NoC x
5.3.1. NoC Architecture Basics 5.3.2. NoC Design Flow 5.3.3. Configuring NoC IP 5.3.4. Instantiating NoC IP 5.3.5. NoC Assignments 5.3.6. NoC Physical Placement 5.3.7. Compilation 5.3.8. Simulation
5.4. EMIF Considerations x
5.4.1. Memory Interfaces 5.4.2. FPGA EMIF Design Considerations
5.5. Nios® Software Processor IP x
5.5.1. Nios® V 5.5.2. Nios® II
6. Board and Software Considerations x
6.1. Early System and Board Planning 6.2. Board Design Guidelines for Intel Agilex® 7 SoC FPGAs 6.3. Pin Connection Considerations for Board Design 6.4. Board Considerations Revision History
6.1. Early System and Board Planning x
6.1.1. SmartVID 6.1.2. Intel® FPGA Power and Thermal Calculator 6.1.3. Thermal Management and Design 6.1.4. Temperature Sensing for Thermal Management 6.1.5. Voltage Sensor 6.1.6. Device Power-Up 6.1.7. Power Pin Connections and Power Supplies 6.1.8. Planning for Device Configuration
6.1.7. Power Pin Connections and Power Supplies x
6.1.7.1. Decoupling Capacitors 6.1.7.2. PLL Board Design Guidelines 6.1.7.3. Transceiver Board Design Guidelines
6.1.8. Planning for Device Configuration x
6.1.8.1. Device Power Cycling and Reconfiguration 6.1.8.2. Configuration Scheme Selection 6.1.8.3. Configuration Features 6.1.8.4. Intel® Quartus® Prime Configuration Settings 6.1.8.5. Configuration Pin Connections
6.1.8.2. Configuration Scheme Selection x
6.1.8.2.1. Serial Configuration Devices 6.1.8.2.2. Intel® FPGA Download Cable
6.1.8.4. Intel® Quartus® Prime Configuration Settings x
6.1.8.4.1. Optional Configuration Pins 6.1.8.4.2. Dual Purpose Configuration Pins
6.1.8.5. Configuration Pin Connections x
6.1.8.5.1. Configuration Pin Voltage Level 6.1.8.5.2. Clock Trace Signal Integrity 6.1.8.5.3. JTAG Pins 6.1.8.5.4. MSEL Configuration Mode Pins 6.1.8.5.5. Other Configuration Pins
6.2. Board Design Guidelines for Intel Agilex® 7 SoC FPGAs x
6.2.1. Boundary Scan for HPS 6.2.2. Embedded Software Debugging and Trace
6.3. Pin Connection Considerations for Board Design x
6.3.1. Board-Related Intel® Quartus® Prime Settings 6.3.2. Signal Integrity Considerations 6.3.3. Board-Level Simulation and Advanced I/O Timing Analysis
6.3.1. Board-Related Intel® Quartus® Prime Settings x
6.3.1.1. Unused Pins
6.3.2. Signal Integrity Considerations x
6.3.2.1. High-Speed Board Design 6.3.2.2. Voltage Reference Pins 6.3.2.3. Simultaneous Switching Noise 6.3.2.4. I/O Termination
7. Design Implementation, Analysis, Optimization, and Verification x
7.1. Selecting a Synthesis Tool 7.2. Device Resource Utilization Reports 7.3. Intel® Quartus® Prime Messages 7.4. Timing Constraints and Analysis 7.5. Area and Timing Optimization 7.6. Preserving Performance and Reducing Compilation Time 7.7. Designing with Intel® Hyperflex™ 7.8. Simulation 7.9. Power Analysis 7.10. Power Optimization 7.11. Design Implementation, Analysis, Optimization, and Verification Revision History
7.4. Timing Constraints and Analysis x
7.4.1. Recommended Timing Optimization and Analysis Assignments
7.10. Power Optimization x
7.10.1. Device and Design Power Optimization Techniques 7.10.2. Intel® Quartus® Prime Power Optimization Techniques
7.10.1. Device and Design Power Optimization Techniques x
7.10.1.1. Device Speed Grade 7.10.1.2. Clock Power Management 7.10.1.3. Memory Power Reduction 7.10.1.4. I/O Power Guidelines
8. Debugging x
8.1. On-Chip Debug Overview 8.2. On-Chip Debugging Tools 8.3. Debugging Revision History
8.1. On-Chip Debug Overview x
8.1.1. Planning Guidelines for Debugging Tools
9. Embedded Software Design Guidelines for Intel Agilex® 7 SoC FPGAs x
9.1. Overview 9.2. Golden Hardware Reference Design (GHRD) 9.3. Define Software Requirements 9.4. Define Software Architecture 9.5. Selecting Software Tools 9.6. Choosing the Bootloader Software 9.7. Selecting an Operating System for Your Application 9.8. Assembling Your Software Development Platform for Linux* 9.9. Assembling your Software Development Platform for Partner OS or RTOS 9.10. Driver Considerations 9.11. Boot And Configuration Considerations 9.12. System Reset Considerations 9.13. Flash Considerations 9.14. Develop Application 9.15. Test and Validate 9.16. Embedded Software Design Guidelines Revision History
9.5. Selecting Software Tools x
9.5.1. Selecting Software Build Tools 9.5.2. Selecting Software Debug Tools 9.5.3. Selecting Software Trace Tools
9.7. Selecting an Operating System for Your Application x
9.7.1. Using Linux* or RTOS 9.7.2. Using the Bootloader as a Bare-Metal Framework 9.7.3. Using Symmetrical vs. Asymmetrical Multiprocessing (SMP vs. AMP) Modes
9.8. Assembling Your Software Development Platform for Linux* x
9.8.1. Golden System Reference Design (GSRD) for Linux* 9.8.2. Source Code Management Considerations
9.11. Boot And Configuration Considerations x
9.11.1. Configuration Sources 9.11.2. Configuration Flash 9.11.3. Configuration Clock 9.11.4. Selecting HPS Boot Options 9.11.5. HPS Boot Sources 9.11.6. Remote System Update (RSU)
9.13. Flash Considerations x
9.13.1. Flash Programming Method 9.13.2. Using a Single flash for Both FPGA Configuration and HPS Mass Storage
1. Introduction to the Intel Agilex® 7 Device Design Guidelines
2. System Specification
3. Device Selection
4. Security Considerations
5. Design Entry
6. Board and Software Considerations
7. Design Implementation, Analysis, Optimization, and Verification
8. Debugging
9. Embedded Software Design Guidelines for Intel Agilex® 7 SoC FPGAs

4. Security Considerations

Table 20.  Security Considerations Checklist
Number Done? Checklist Item
1   Consider whether your design requires device security features to be enabled. If so, plan to provide power to the VCCFUSEWR_SDM rail for authentication fuse management.
2   Consider whether your design requires bitstream encryption, and whether the encryption keys are stored in Battery-Backed RAM (BBRAM). If so, plan to provide power to the VCCBAT pin using a battery on the board.
3   Consider whether your design requires bitstream encryption, and whether the encryption keys are wrapped by IID PUF and stored in QSPI. If so, configuration mode needs to be Active Serial x4 (Normal or Fast mode) and the QSPI memory needs to be large enough to support the configuration and have memory space available (64 kB) for the PUF helper data.
4   Consider whether your design requires Black Key Provisioning or Attestation. If so, ensure there is no pull-down resistor on the TCK pin. An optional 10-kΩ pull-up resistor may be used to aid in noise suppression.
5   Consider whether your design requires Attestation. If so, configuration mode needs to be Active Serial x4 (Normal or Fast mode) and the QSPI memory needs to be large enough to support the configuration and have memory space available (128 kB) for the authority certificates.
6   Consider whether your design requires Physical Anti-Tamper, and whether the optional external response pins are to be used. If so, plan to use the correct SDM Optional Signal pins for TAMPERDETECTION and TAMPERRESPONSESTATUS.
Note: Physical Anti-Tamper is available only on non-VID parts.
7   Consider licensing terms that best suit your requirements for the available device variants.
Intel Agilex® 7 devices provide flexible and robust security features to protect sensitive data, intellectual property, and the device itself under both remote and physical attacks. Intel Agilex® 7 devices provide two main categories of security features:
  • Authentication—Authentication ensures that the device firmware and optionally the configuration bitstream are from a trusted source. Authentication is fundamental to Intel Agilex® 7 security in that any other Intel Agilex® 7 security features cannot be enabled without first enabling owner authentication. Device firmware authentication is always performed. Additionally, integrity verification of device firmware and bitstream is always performed in order to prevent an Intel Agilex® 7 device from loading a bitstream with unexpected changes, such as from corruption or malicious attack.
  • Encryption—Encryption protects confidential information in the owner configuration bitstream and reduces the threat of intellectual property theft.

When designing a system with an Intel Agilex® 7 device that utilizes the device security features, you must consider provisions for authentication key storage, permissions, and cancellation. You may also need to consider encryption key storage and management. The hash of the owner root public key is always stored in eFuses on an Intel Agilex® 7 device, and both Intel firmware key cancellation and owner authentication key cancellation are managed through eFuses as well. Therefore, it is important to provide appropriate power to the VCCFUSEWR_SDM pin. For more information about powering on VCCFUSEWR_SDM , refer to Intel Agilex® 7 Pin Connection Guidelines.

If bitstream encryption is enabled on the Intel Agilex® 7 device, you need to store the encryption key on the device. The encryption key may be stored in eFuses, Battery-Backed RAM (BBRAM) or QSPI. Storing the encryption key in eFuses is permanent, while storing the encryption key in BBRAM allows for key wipe or reprovisioning. If the design requires encryption key storage in BBRAM, a non-volatile battery must be connected to the VCCBAT pin. For more information about connecting a battery to the VCCBAT pin, refer to the Intel Agilex® 7 Pin Connection Guidelines. Storing the encryption key in QSPI requires the encryption key being wrapped using Intrinsic ID PUF. The use of Intrinsic ID technology requires a separate license agreement with IntrinsicID.  Intel® Quartus® Prime Pro Edition software restricts PUF operations, including enrollment and key wrapping, without the appropriate license.

If Attestation or Black Key Provisioning (BKP) is enabled on the Intel Agilex® 7 device, you need to use updated SDM firmware and use updated guidelines for TCK (JTAG clock).
  • You must update to the SDM firmware delivered with Intel® Quartus® Prime Pro Edition software version 21.3 and beyond.
  • For the TCK pin, ensure there is no pull-up down resistor on the TCK pin. Optionally, you may connect the TCK pin to the V CCIO_SDM supply using a 10-kΩ pull-up resistor to help with noise suppression.
Note: The existing guidance in the Intel Agilex® 7 Device Family Pin Connection Guidelines to connect TCK to a 1-kΩ pull-down resistor is included for noise suppression. The change in guidance to a 10-kΩ pull-up resistor is not expected to affect the device functionally.

For more information about connecting the TCK pin, refer to Intel Agilex® 7 Device Family Pin Connection Guidelines.


Section Content
Security Considerations Revision History

Related Information
Level Two Title