Figure 2. Intel Stratix 10 Configuration Architecture Block Diagram
Configuration
Sector
Configuration
Sector
Configurable Network Interface
SDM Pins
Secure Device Manager
Dual Purpose IO
Intel Stratix 10 FPGA
Intel Stratix 10 SX Blocks
Intel Stratix 10 GX Blocks
Intel Stratix 10 TX Blocks
Intel Stratix 10 MX Blocks
Additional blocks in the
Intel Stratix 10 device variants:
SX: Includes Hard Processor System
MX: Includes High-Bandwidth Memory
TX: Includes High-Bandwidth XCVRs
GX: General Purpose FPGA
Configuration
Sector
Configuration
Sector
Configuration Network
Local Sector
Manager (LSM)
Local Sector
Manager (LSM)
Local Sector
Manager (LSM)
Local Sector
Manager (LSM)
1.2.1. Secure Device Manager
The SDM comprises peripherals, cryptographic IP and sensors, boot ROM, triple-
redundant lockstep processors, and other blocks shown the block diagram below. The
SDM performs and manages the following security functions:
• Configuration bitstream authentication: After power-on during startup, the SDM
triple-redundant lockstep processors run code from the boot ROM. The boot ROM
code authenticates the Intel-generated configuration bitstream, ensuring that
configuration bitstream is from a trusted source.
• Encryption: Encryption protects the configuration bitstream or confidential data
from unauthorized third-party access.
• Side channel attack protection: Side channel attack protection prevents AES Key
and confidential data under non-intrusive attacks.
• Integrity checking: Integrity checking verifies that an accidental event has not
corrupted the configuration bitstream. This function is active, even if you do not
enable authentication.
1. Intel
®
Stratix
®
10 Configuration Overview
UG-S10CONFIG | 2018.11.02
Send Feedback
Intel Stratix 10 Configuration User Guide
9