System-Level Protections - 2020.2 English

Zynq UltraScale+ MPSoC Software Developer Guide (UG1137)

Document ID
UG1137
Release Date
2021-01-05
Version
2020.2 English

The system-level protection mechanism involves the following areas:

  • Zynq UltraScale+ MPSoC system software stack relies on the Arm Trusted Firmware (ATF). Protection can be enhanced even further by configuring the XMPU and XPPU to provide the system-level run-time security.
    • Protection against buggy or malicious software (erroneous software) from corrupting system memory or causing a system failure.
    • Protection against incorrect programming, or malicious devices (erroneous hardware) from corrupting system memory or causing a system failure.
    • Memory (DDR, OCM) and peripherals (peripheral control, SLCRs) are protected from illegal accesses by erroneous software or hardware to protect the system.
  • The Xilinx memory protection unit (XMPU) enforces memory partitioning and TrustZone (TZ) protection for memory and FPD slaves. The XMPU can be configured to isolate a master or a given set of masters to a developer-defined set of address ranges.
  • The Xilinx peripheral protection unit (XPPU) provides LPD peripheral isolation and inter-processor interrupt (IPI) protection. The XPPU can be configured to permit one or more masters to access an LPD peripheral. For more information, see the XPPU Protection of Slaves section of the Zynq UltraScale+ Device Technical Reference Manual (UG1085).