| Disable
JTAG
|
Disables JTAG command and configuration of the
device. Setting this eliminates JTAG as mode of attack, but also
eliminates boundary scan functionality. |
- Off—inactive
- On—active until wipe of containing design
- On
sticky—active until next POR
- On
check—checks for corresponding blown fuse
|
| Force SDM clock to
internal oscillator
|
Disables an external clock source for the SDM. The
SDM must use the internal oscillator. Using an internal oscillator is
more secure than allowing an external clock source for
configuration. |
| Force encryption key
update
|
Specifies that the encryption key must update by
the frequency that you specify for the Encryption update ratio option. The default ration
value is 31:1. Encryption supports up to 20 intermediate keys. |
| Disable virtual
eFuses
|
Disables the eFuse virtual programming
capability. |
| Lock security
eFuses
|
Causes eFuse failure if the eFuse CRC does not
match the calculated value. |
| Disable HPS
debug
|
Disables debugging through the JTAG interface to
access the HPS. |
| Disable encryption key
in eFuses |
Specifies that the device cannot use an AES key stored in eFuses. Rather, you can provide an extra level of security by storing the AES key in BBRAM. |
| Disable encryption key
in BBRAM
|
Specifies that the device cannot use AES key stored in BBRAM. Rather, you can provide an extra level of security when you store the AES key in eFuses. |