Intel® Arria® 10 Hard Processor System Technical Reference Manual

ID 683711
Date 8/28/2023
Public
Document Table of Contents

8.1.3. Arria 10 HPS Secure Firewalls

You can use the system interconnect firewalls to enforce security policies for slave and memory regions in the system interconnect.

The firewalls support the following features:

  • Secure or non-secure access configurable per peripheral
  • Privileged or user access configurable for some peripherals
  • Per-transaction security
Each firewall contains the security configuration registers (SCRs) that set security policies and define which transactions are allowed to go through the firewall. If you want to generate an error any time a transaction is blocked in the firewall, then you must set the error_response bit in the global register of the noc_fw_ddr_l3_ddr_scr module at base address 0xFFD13400. If this bit is clear, transactions blocked by the firewall return random data.
Note: Future devices may not support the return of random data and may only support an error response for blocked firewall transactions. For designs that may be ported to future devices, Intel recommends you to set the error_response bit in the global register.

There are five main firewalls in the HPS:

  • Peripheral
  • System
  • HPS-to-FPGA
  • On-Chip RAM
  • SDRAM (which includes DDR and DDR L3 firewalls)