Intel® MAX® 10 FPGA Configuration User Guide

Download PDF
ID 683865
Date 3/27/2023
Public
Document Table of Contents
Document Table of Contents x
1. Intel® MAX® 10 FPGA Configuration Overview 2. Intel® MAX® 10 FPGA Configuration Schemes and Features 3. Intel® MAX® 10 FPGA Configuration Design Guidelines 4. Intel® MAX® 10 FPGA Configuration IP Core Implementation Guides 5. Dual Configuration Intel® FPGA IP Core References 6. Unique Chip ID Intel® FPGA IP Core References 7. Document Revision History for the Intel® MAX® 10 FPGA Configuration User Guide
2. Intel® MAX® 10 FPGA Configuration Schemes and Features x
2.1. Configuration Schemes 2.2. Configuration Features 2.3. Configuration Details
2.1. Configuration Schemes x
2.1.1. JTAG Configuration 2.1.2. Internal Configuration
2.1.1. JTAG Configuration x
2.1.1.1. JTAG Pins
2.1.2. Internal Configuration x
2.1.2.1. Internal Configuration Modes 2.1.2.2. Configuration Flash Memory 2.1.2.3. In-System Programming 2.1.2.4. Initialization Configuration Bits 2.1.2.5. Internal Configuration Time
2.1.2.2. Configuration Flash Memory x
2.1.2.2.1. Configuration Flash Memory Sectors 2.1.2.2.2. Configuration Flash Memory Programming Time
2.1.2.3. In-System Programming x
2.1.2.3.1. ISP Clamp 2.1.2.3.2. Real-Time ISP 2.1.2.3.3. ISP and Real-Time ISP Instructions
2.2. Configuration Features x
2.2.1. Remote System Upgrade 2.2.2. Configuration Design Security 2.2.3. SEU Mitigation and Configuration Error Detection 2.2.4. Configuration Data Compression
2.2.1. Remote System Upgrade x
2.2.1.1. Remote System Upgrade Flow 2.2.1.2. Remote System Upgrade Circuitry 2.2.1.3. User Watchdog Timer 2.2.1.4. Dual Configuration Intel® FPGA IP Core
2.2.1.2. Remote System Upgrade Circuitry x
2.2.1.2.1. Remote System Upgrade Circuitry Signals 2.2.1.2.2. Remote System Upgrade Circuitry Input Control 2.2.1.2.3. Remote System Upgrade Input Register 2.2.1.2.4. Remote System Upgrade Status Registers 2.2.1.2.5. Master State Machine
2.2.2. Configuration Design Security x
2.2.2.1. AES Encryption Protection 2.2.2.2. Unique Chip ID 2.2.2.3. JTAG Secure Mode 2.2.2.4. Verify Protect 2.2.2.5. JTAG Instruction Availability 2.2.2.6. Configuration Flash Memory Permissions
2.2.2.1. AES Encryption Protection x
2.2.2.1.1. Encryption and Decryption
2.2.2.2. Unique Chip ID x
2.2.2.2.1. Unique Chip ID Intel® FPGA IP Core
2.2.2.3. JTAG Secure Mode x
2.2.2.3.1. JTAG Secure Mode Instructions
2.2.2.6. Configuration Flash Memory Permissions x
2.2.2.6.1. Flash Region Access Control and Immutability
2.2.3. SEU Mitigation and Configuration Error Detection x
2.2.3.1. Configuration Error Detection 2.2.3.2. User Mode Error Detection 2.2.3.3. Error Detection Timing 2.2.3.4. Recovering from CRC Errors
2.2.3.2. User Mode Error Detection x
2.2.3.2.1. Error Detection Block 2.2.3.2.2. CHANGE_EDREG JTAG Instruction
2.2.3.3. Error Detection Timing x
2.2.3.3.1. Error Detection Frequency 2.2.3.3.2. Cyclic Redundancy Check Calculation Timing
2.3. Configuration Details x
2.3.1. Configuration Sequence 2.3.2. Intel® MAX® 10 Configuration Pins
2.3.1. Configuration Sequence x
2.3.1.1. Power-up 2.3.1.2. Configuration 2.3.1.3. Configuration Error Handling 2.3.1.4. Initialization 2.3.1.5. User Mode
2.3.1.1. Power-up x
2.3.1.1.1. POR Monitored Voltage Rails for Single-supply and Dual-supply Intel® MAX® 10 Devices 2.3.1.1.2. Monitored Power Supplies Ramp Time Requirement for Intel® MAX® 10 Devices
3. Intel® MAX® 10 FPGA Configuration Design Guidelines x
3.1. Dual-Purpose Configuration Pins 3.2. Configuring Intel® MAX® 10 Devices using JTAG Configuration 3.3. Configuring Intel® MAX® 10 Devices using Internal Configuration 3.4. Implementing ISP Clamp in Intel® Quartus® Prime Software 3.5. Accessing Remote System Upgrade through User Logic 3.6. Error Detection 3.7. Enabling Data Compression 3.8. AES Encryption 3.9. Intel® MAX® 10 JTAG Secure Design Example
3.1. Dual-Purpose Configuration Pins x
3.1.1. Guidelines: Dual-Purpose Configuration Pin 3.1.2. Enabling Dual-Purpose Pin
3.1.1. Guidelines: Dual-Purpose Configuration Pin x
3.1.1.1. JTAG Pin Sharing Behavior
3.2. Configuring Intel® MAX® 10 Devices using JTAG Configuration x
3.2.1. Auto-Generating Configuration Files for Third-Party Programming Tools Generating Third-Party Programming Files using Intel® Quartus® Prime Programmer 3.2.3. JTAG Configuration Setup 3.2.4. ICB Settings in JTAG Configuration
3.3. Configuring Intel® MAX® 10 Devices using Internal Configuration x
3.3.1. Selecting Internal Configuration Modes 3.3.2. .pof and ICB Settings 3.3.3. Programming .pof into Internal Flash
3.3.2. .pof and ICB Settings x
3.3.2.1. Auto-Generated .pof 3.3.2.2. Generating .pof using Convert Programming Files Generating Third-Party Programming Files using Intel® Quartus® Prime Programmer
3.4. Implementing ISP Clamp in Intel® Quartus® Prime Software x
3.4.1. Creating IPS File 3.4.2. Executing IPS File
3.6. Error Detection x
3.6.1. Verifying Error Detection Functionality 3.6.2. Enabling Error Detection 3.6.3. Accessing Error Detection Block Through User Logic
3.7. Enabling Data Compression x
3.7.1. Enabling Compression Before Design Compilation 3.7.2. Enabling Compression After Design Compilation
3.8. AES Encryption x
3.8.1. Generating .ekp File and Encrypt Configuration File 3.8.2. Generating .jam/.jbc/.svf file from .ekp file 3.8.3. Programming .ekp File and Encrypted POF File 3.8.4. Encryption in Internal Configuration
3.8.3. Programming .ekp File and Encrypted POF File x
3.8.3.1. Programming .ekp File and Encrypted .pof Separately 3.8.3.2. Integrate the .ekp into .pof Programming
3.9. Intel® MAX® 10 JTAG Secure Design Example x
3.9.1. Internal and External JTAG Interfaces 3.9.2. JTAG WYSIWYG Atom for JTAG Control Block Access Using Internal JTAG Interface 3.9.3. Executing LOCK and UNLOCK JTAG Instructions 3.9.4. Verifying the JTAG Secure Mode
4. Intel® MAX® 10 FPGA Configuration IP Core Implementation Guides x
4.1. Unique Chip ID Intel® FPGA IP Core 4.2. Dual Configuration Intel® FPGA IP Core
4.1. Unique Chip ID Intel® FPGA IP Core x
4.1.1. Instantiating the Unique Chip ID Intel® FPGA IP Core 4.1.2. Resetting the Unique Chip ID Intel® FPGA IP Core
4.2. Dual Configuration Intel® FPGA IP Core x
4.2.1. Instantiating the Dual Configuration Intel® FPGA IP Core
5. Dual Configuration Intel® FPGA IP Core References x
5.1. Dual Configuration Intel® FPGA IP Core Avalon® Memory-Mapped Address Map 5.2. Dual Configuration Intel® FPGA IP Core Parameters
6. Unique Chip ID Intel® FPGA IP Core References x
6.1. Unique Chip ID Intel® FPGA IP Core Ports
1. Intel® MAX® 10 FPGA Configuration Overview
2. Intel® MAX® 10 FPGA Configuration Schemes and Features
3. Intel® MAX® 10 FPGA Configuration Design Guidelines
4. Intel® MAX® 10 FPGA Configuration IP Core Implementation Guides
5. Dual Configuration Intel® FPGA IP Core References
6. Unique Chip ID Intel® FPGA IP Core References
7. Document Revision History for the Intel® MAX® 10 FPGA Configuration User Guide

2.2.2.1. AES Encryption Protection

The Intel® MAX® 10 design security feature provides the following security protection for your designs:

  • Helps protect against copying—the non-volatile key is securely stored in the Intel® MAX® 10 devices and cannot be read through any interface. Without this key, attackers are unable to decrypt the encrypted configuration image.
  • Helps resist reverse engineering—reverse engineering from an encrypted configuration file is very difficult and time consuming because the file requires decryption.
  • Helps defend against tampering—after you enable the JTAG Secure and Encrypted POF (EPOF) only, the Intel® MAX® 10 device can only accept configuration files encrypted with the same key. Additionally, configuration through the JTAG interface is blocked.

Section Content
Encryption and Decryption

Related Information
Level Two Title