Altera FPGAs
Altera FPGAs: Easily Improving Supply Chain Security
Security design has evolved from a “nice to have” to a set of strict standards for any products with a digital component because so many devices are connected nowadays. Certain industries, such as government, avionics, automotive, medical, and industrial, have had security requirements in place for a while. The Cyber Resilience Act, which the EU adopted in late 2024, is one example of how attention is now shifting to all connected items. Instead of spending all of their time on the design, design engineers will need to invest important time in understanding how to defend their goods.
Altera has had industry-leading security features built in for more than ten years, which is fortunate for people who use FPGAs. Intel clients may get a high level of security simply by turning them on. Even tiny Altera devices can contribute to high resistance to common dangers for design engineers considering an FPGA for their next project.
The security requirements of today fall into three broad categories: supply chain security, data security, and design security. These requirements go beyond simply supporting encryption.
Design security takes into account the need to keep complete control over your product at all times. This often focusses on the system’s most intelligent device and takes the shape of system security by design. An intelligent device must be able to safely start up and establish the root of trust (ROT) for both the system it is connected to and itself when the system is powered on. After ROT is formed, Altera devices’ numerous design security features become accessible. Agilex devices, for instance, come with the most recent version of Secure Device Manager (SDM), a versatile security subsystem that initiates ROT first before offering security services to the entire system.
A high-level block diagram of the SDM that is part of the Agilex 7 family is displayed in Figure 1 below. This extremely powerful subsystem runs the Altera FPGAs security features from power on by using redundant processors. Tamper detection, single event upset monitoring, safe management of cryptographic keys and operations, secure FPGA and HPS configuration, and many other duties fall within the purview of the SDM.
Please refer to Altera’s Security Overview for SDM-Based FPGA Devices for a more thorough examination of the SDM’s capabilities, or see the Configuration User Guide for technical details specific to the Agilex 7 and Agilex 5 product families (section 1.2.1 and 1.2.1, respectively).
How can you be sure your system hasn’t been compromised once it’s been deployed? This is where Attestation, another unique SDM feature, comes in handy. Attestation offers a related service where the system must authenticate its identity and status to show it has not been altered, whereas authentication verifies and authorises an Altera FPGAs or software image to switch on. This can be used at any moment as a “gate” to allow the owner to make changes to the system or as a test to initiate a mitigation plan in the event that attestation is unsuccessful.
The second need category, data security, aims to protect all data that the system handles or transmits. As previously stated, the SDM is equipped with a cryptographic engine that can use a variety of techniques to assist safeguard any “sensitive” data that may be impacted by the FPGA fabric or FPGA-embedded ARM HPS. These cryptographic services include HMAC-based signature creation and verification for integrity and authentication, as well as Secure Data Object Storage (SDOS), which offers cryptography for data storage. AES, HMAC, SHA-2, and ECDSA algorithms can be used in the different cypher, integrity, and authentication functions required. Similar functions are provided that can work on any data referred to by the HPS or FPGA fabric.
A MACsec IP solution that can operate at up to 200 Gbps per instance (half-duplex) is also available on a few Agilex 7 devices. The accessible AES hard accelerator block is employed in this function and may also be utilised in other IP systems. Its support up to 800 Gbps of MACsec bandwidth in Agilex 7 devices with up to 4 instances.
The requirements for supply chain security begin with the parts you select for your design and extend throughout the product’s production, delivery, upkeep, and end-of-life. To solve flaws in the ecosystem around the production of electronics, Altera has expanded its security capabilities.
For instance, dealing with a third-party Original Design Manufacturer (ODM) who may be utilised to program device keys raises frequent concerns about confidentiality. Black key provisioning, which Altera supports in order to handle this situation, securely conceals your device keys wherever they are programmed when used in conjunction with the SDM. Similar to a digital fingerprint, it physically unclonable function (PUF) is another feature that helps safeguard your device from within. The internal PUF key can never truly leave the device with extremely secure manufacturing process, guaranteeing its safety and protection of valuable assets. Additionally, the PUF key serves as evidence that you are in possession of an authentic Altera product rather than a fake one.
Other features of supply chain security include:
- Secure remote update: IP that allows you to safely update your software and FPGA images once your system has been made available to clients.
- Collect system data for debugging without granting access to internal IP, data, or system control. This is known as secure debugging.
- Transfer of ownership: Either assign ownership to a third party or establish multi-tenant ownership.
- The end of life Decommissioning: Use cryptography to remove the device’s special secrets and stop it from being setup.
Synopsis and Conclusion
For more than ten years, Altera devices have had security features, and since the Secure Device Manager (SDM) was released in 2016, they have been adding ever-more-advanced features. The SDM’s adaptability, durability, and updateability have allowed clients to create far more secure solutions.
