Intel® FPGA Programmable Acceleration Card N3000 Board Management Controller User Guide

ID 683709
Date 11/25/2019
Public

1.4. Secure Remote System Update

The BMC supports Secure RSU for the Intel® MAX® 10 BMC Nios® firmware and RTL image and for Intel® Arria® 10 FPGA image updates, with authentication and integrity checks. The Nios® firmware is in charge of authenticating the image during the update process. The updates are pushed over the PCIe interface to the Intel® Arria® 10 GT FPGA, which in turn writes them over the Intel® Arria® 10 FPGA SPI master to the Intel® MAX® 10 FPGA SPI slave. A temporary flash area called the staging area stores any type of authentication bitstream received through the SPI interface.

The BMC RoT design contains the cryptographic module, which implements a SHA-2 256-bit hash verification function and an ECDSA 256 P-256 signature verification function to authenticate the keys and user image. The Nios® firmware uses the cryptographic module to authenticate the user-signed image in the staging area. If authentication passes, the Nios® firmware copies the user image to the user flash area. If authentication fails, the Nios® firmware reports an error. Refer to the Intel FPGA Programmable Acceleration Card N3000 Security User Guide for information on RoT and security features of the Intel® FPGA PAC N3000.