Intel® Cyclone® 10 GX Core Fabric and General Purpose I/Os Handbook

ID 683775
Date 10/31/2022
Public
Document Table of Contents

7.5.2. Security Modes

Table 81.  Security Modes Available in Intel® Cyclone® 10 GX Devices
Note: For additional details on these instructions or how to burn the fuse for each mode, contact your Intel technical support. Alternatively, you can use the Qcrypt tool to enable all of these design security modes. The Qcrypt tool provides an impermanent solution compared to the burning the fuse which has the one-time programming limitation.
Security Mode JTAG Instruction Security Feature
JTAG Secure24 EXT_JTAG_SECURE Allows only mandatory IEEE Std. 1149.1 BST JTAG instructions. See Table 82.
Tamper Protection OTP_VOLKEY_SECURE Allows only configuration file encrypted with the correct key to be loaded into the Intel® Cyclone® 10 GX device. Unencrypted or wrong encryption key will result in configuration failure.
JTAG Bypass EXTERNAL_JTAG_BYPASS Disables all the direct control from external JTAG pins. Compared to the JTAG Secure mode, devices in JTAG Bypass mode allow access to external JTAG pins through internal JTAG core.
Key Related Instruction Disable KEY_EXT_JTAG_DISABLE Disables all JTAG instructions related to AES key issued from the external JTAG pins.
Volatile Key Lock VOLKEY_LOCK Locks the volatile key being zeroed-out or reprogrammed. However, you can erase the volatile key using KEY_CLR_VREG instruction. You can issue the VOLKEY_LOCK instruction only after volatile key is programmed into the device.
Volatile Key Disable VOLKEY_DISABLE Disables any future volatile key programming. If there is an existing volatile key programmed into the device, it will not be used to decrypt the configuration file.
Non-Volatile Key Disable OTP_DISABLE Disables any future non-volatile key programming. If there is an existing non-volatile key programmed into the device, it will not be used to decrypt the configuration file.
Test Disable Mode TEST_DISABLE Disables all test modes and all test-related JTAG instructions. This process is irreversible and prevents Intel from carrying out failure analysis.
24 Enabling the JTAG Secure or Test Disable mode disables the test mode in Intel® Cyclone® 10 GX devices and disables programming through the JTAG interface. This process is irreversible and prevents Intel from carrying out failure analysis.

Did you find the information on this page useful?

Characters remaining:

Feedback Message