Intel® Agilex™ Device Security User Guide

ID 683823
Date 1/20/2022
Public

4.8. Security Setting Fuse Provisioning

You use the Intel® Quartus® Prime Programmer to examine device security setting fuses and write them to a text-based .fuse file.

The .fuse file contains a list of fuse name-value pairs. The value specifies whether a fuse has been blown or the contents of the fuse field.

The following example shows the format of the .fuse file.
# Co-signed firmware                       = "Not blown"
# Device Permit Kill                       = "Not blown"
# Device not secure                        = "Not blown"
# Disable HPS debug                        = "Not blown"
# Disable Intrinsic ID PUF enrollment      = "Not blown"
# Disable JTAG                             = "Not blown"
# Disable PUF-wrapped encryption key       = "Not blown"
# Disable owner encryption key in BBRAM    = "Not blown"
# Disable owner encryption key in eFuses   = "Not blown"
# Disable owner root public key hash 0     = "Not blown"
# Disable owner root public key hash 1     = "Not blown"
# Disable owner root public key hash 2     = "Not blown"
# Disable virtual eFuses                   = "Not blown"
# Force SDM clock to internal oscillator   = "Not blown"
# Force encryption key update              = "Not blown"
# Intel explicit key cancellation          = "0"
# Lock security eFuses                     = "Not blown"
# Owner encryption key program done        = "Not blown"
# Owner encryption key program start       = "Not blown"
# Owner explicit key cancellation 0        = ""
# Owner explicit key cancellation 1        = ""
# Owner explicit key cancellation 2        = ""
# Owner fuses                              = 
 "0x00000000000000000000000000000000000000000000000000000
    00000000000000000000000000000000000000000000000000000
    0000000000000000000000"
# Owner root public key hash 0             = 
 "0x00000000000000000000000000000000000000000000000000000
    0000000000000000000000000000000000000000000"
# Owner root public key hash 1             = 
 "0x00000000000000000000000000000000000000000000000000000
    0000000000000000000000000000000000000000000"
# Owner root public key hash 2             = 
 "0x00000000000000000000000000000000000000000000000000000
    0000000000000000000000000000000000000000000"
# Owner root public key size               = "None"
# PTS counter                              = "0"
# PTS counter base                         = "0"
# QSPI start up delay                      = "10ms"
# RMA Counter                              = "0"
# SDMIO0 is I2C                            = "Not blown"
# SVN counter A                            = "0"
# SVN counter B                            = "0"
# SVN counter C                            = "0"
# SVN counter D                            = "0"
You modify the .fuse file to set the desired security setting fuses. A line that begins with # is treated as a comment line. To program a security setting fuse, you must remove the leading # and set the value to Blown. For example, to enable the Co-signed Firmware security setting fuse, you modify the first line of the fuse file to the following:
Co-signed firmware = "Blown"

You may also allocate and program the Owner Fuses according to your requirements.

The following fields are not writable through the .fuse file method; however, they are included during the examine operation output for verification:
  • Device not secure
  • Device permit kill
  • Disable owner root public key hash 0
  • Disable owner root public key hash 1
  • Disable owner root public key hash 2
  • Intel key cancellation
  • Owner encryption key program start
  • Owner encryption key program done
  • Owner key cancellation
  • Owner public key hash
  • Owner public key size
  • Owner root public key hash 0
  • Owner root public key hash 1
  • Owner root public key hash 2
  • PTS counter
  • PTS counter base
  • QSPI start up delay
  • RMA counter
  • SDMIO0 is I2C
  • SVN counter A
  • SVN counter B
  • SVN counter C
  • SVN counter D
You use the Intel® Quartus® Prime Programmer to program the .fuse file back to the device. If you add the i option (as in the pi operation string in the commands below), the Programmer automatically loads the provision firmware to program the security setting fuses.
# For physical (non-volatile) eFuses
quartus_pgm -c 1 -m jtag -o "pi;programming_file.fuse" --non_volatile_key
# For virtual (volatile) eFuses
quartus_pgm -c 1 -m jtag -o "pi;programming_file.fuse"
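A pre-programming review of an edited .fuse file, as an added example that is not part of the Intel guide or the Quartus tooling: it parses the name-value format shown above, including quoted values wrapped across lines, and reports which uncommented lines request a blown fuse and which name a field the guide lists as not writable. The function names, the report keys and the shortened sample file are assumptions made for this illustration; field names are matched case-insensitively against the guide's list exactly as written.

```python
import re

# Fields the page lists as not writable through the .fuse file method,
# copied as written there and compared case-insensitively.
READ_ONLY = {s.strip().lower() for s in """
Device not secure; Device permit kill; Disable owner root public key hash 0;
Disable owner root public key hash 1; Disable owner root public key hash 2;
Intel key cancellation; Owner encryption key program start;
Owner encryption key program done; Owner key cancellation;
Owner public key hash; Owner public key size; Owner root public key hash 0;
Owner root public key hash 1; Owner root public key hash 2; PTS counter;
PTS counter base; QSPI start up delay; RMA counter; SDMIO0 is I2C;
SVN counter A; SVN counter B; SVN counter C; SVN counter D""".split(";")}

def parse_fuse(text):
    """Return [(name, value, active)]; active is False for '#' comment lines."""
    entries, buf = [], ""
    for line in text.splitlines():
        if not buf and "=" not in line:
            continue                  # blank or stray line outside an entry
        buf += line.strip()
        if buf.count('"') < 2:
            continue                  # quoted value wraps onto the next line
        m = re.match(r'(#?)\s*(.*?)\s*=\s*"(.*)"$', buf)
        if m:
            entries.append((m.group(2), m.group(3), m.group(1) == ""))
        buf = ""
    return entries

def preflight(text):
    """Group the uncommented entries by what they ask the Programmer to do."""
    report = {"blow": [], "other": [], "rejected": []}
    for name, value, active in parse_fuse(text):
        if active:                    # '#' lines are comments and change nothing
            key = ("rejected" if name.lower() in READ_ONLY
                   else "blow" if value == "Blown" else "other")
            report[key].append(name)
    return report

# Constructed sample in the page's format (Owner fuses value shortened).
SAMPLE = '''\
Co-signed firmware = "Blown"
# Disable JTAG = "Not blown"
QSPI start up delay = "10ms"
Owner fuses =
 "0x00000000000000000000000000000000
    00000000000000000000000000000001"
'''
print(preflight(SAMPLE))
```

Running it against the file you are about to program with --non_volatile_key gives a reviewable list of the fuses that will be blown before any physical eFuse is written.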