Intel® FPGA Programmable Acceleration Card D5005 Board Management Controller User Guide

Download PDF
ID 683811
Date 11/04/2019
Public
Document Table of Contents
Document Table of Contents x
1. Intel FPGA Programmable Acceleration Card D5005 BMC Introduction 2. PLDM over MCTP SMBus 3. EEPROM Data Format 4. Revision History
1. Intel FPGA Programmable Acceleration Card D5005 BMC Introduction x
1.1. About this document 1.2. Overview 1.3. Root of Trust (RoT) 1.4. Power Sequence Management 1.5. Board Monitoring Through Sensors 1.6. Secure Remote System Update 1.7. FRUID EEPROM 1.8. MAC Address EEPROM
2. PLDM over MCTP SMBus x
2.1. SMBus Slave Address 2.2. SMBus Interface Speed 2.3. MCTP Packetization Support 2.4. Supported Command Sets 2.5. PLDM Topology and Hierarchy 2.6. Board Monitoring through I2C SMBus
1. Intel FPGA Programmable Acceleration Card D5005 BMC Introduction
2. PLDM over MCTP SMBus
3. EEPROM Data Format
4. Revision History

1.6. Secure Remote System Update

The Intel® FPGA PAC D5005 provides a mechanism to securely update Nios® II firmware, Intel® MAX® 10 image, or Intel® Stratix® 10 FPGA image over PCIe interface from the host called Remote System Update (RSU). RSU can be used for the following three updates:
  • Intel MAX 10 image update
  • Nios® II firmware image update
  • FPGA Interface Manager (FIM) image update

The Nios® II firmware is in charge of authenticating the image during the update process. The updates are pushed over the PCIe interface to the Intel® Stratix® 10 SX FPGA, which in turn writes to the Intel® Stratix® 10 FPGA SPI master and finally to the Intel® MAX® 10 FPGA SPI slave. A temporary flash area called staging area stores any type of authentication bitstream through SPI interface.

BMC ROT contains the cryptographic module which implements SHA2-256 bit Hash verification function to authenticate the keys and ECDSA-256P-256 signature verification to authenticate your AFU. Nios® II Firmware uses the cryptographic module to authenticate the user signed image in the staging area, if authentication passes, Nios® II Firmware copies the user image to user flash area. If the authentication fails Nios® II Firmware reports an error. Please refer to the Security User Guide for the Intel FPGA Programmable Acceleration Card D5005 for information on RoT and security features of the Intel® FPGA PAC D5005.

Level Two Title