Intel® FPGA Programmable Acceleration Card D5005 Board Management Controller User Guide

ID 683811
Date 11/04/2019

1.6. Secure Remote System Update

The Intel® FPGA PAC D5005 provides a mechanism to securely update Nios® II firmware, Intel® MAX® 10 image, or Intel® Stratix® 10 FPGA image over PCIe interface from the host called Remote System Update (RSU). RSU can be used for the following three updates:
  • Intel MAX 10 image update
  • Nios® II firmware image update
  • FPGA Interface Manager (FIM) image update

The Nios® II firmware is in charge of authenticating the image during the update process. The updates are pushed over the PCIe interface to the Intel® Stratix® 10 SX FPGA, which in turn writes to the Intel® Stratix® 10 FPGA SPI master and finally to the Intel® MAX® 10 FPGA SPI slave. A temporary flash area called staging area stores any type of authentication bitstream through SPI interface.

BMC ROT contains the cryptographic module which implements SHA2-256 bit Hash verification function to authenticate the keys and ECDSA-256P-256 signature verification to authenticate your AFU. Nios® II Firmware uses the cryptographic module to authenticate the user signed image in the staging area, if authentication passes, Nios® II Firmware copies the user image to user flash area. If the authentication fails Nios® II Firmware reports an error. Please refer to the Security User Guide for the Intel FPGA Programmable Acceleration Card D5005 for information on RoT and security features of the Intel® FPGA PAC D5005.