Tamper Monitoring and Response

Versal ACAP Technical Reference Manual (AM011)

Document ID
AM011
Release Date
2022-04-26
Revision
1.4 English

Versal ACAPs provide a range of anti-tamper features to help secure applications and manage potential security threats. The Versal ACAP hardware provides features that not only detect security intrusions but also allow a response with selected penalties. This tamper resistance protection needs to be effective during all four phases of the system start-up.

  • Phase 1: Pre-boot (PMC hardware, power-up and reset)
  • Phase 2: Boot setup (RCU, initialization and boot header processing)
  • Phase 3: Load platform (PPU, boot image processing and configuration)
  • Phase 4: Post-boot (PPU, platform management and monitoring services)

Sensitive data can include the software and configuration data that sets up the functionality of the device logic, critical data, or parameters that might be included in the boot image (for example, initial memory contents and initial state). It also includes external data that is dynamically transported in and out of the device during the post-boot operation.

The primary function of the RCU post-boot is to monitor the system for tamper events. There are different monitoring functions that can be configured, including:

  • System Monitor (SYSMON) triggering limits for voltage and temperature alarms are user-defined and configured.
  • RCU can act as a centralized tamper monitor.
  • System extensible using MIO to trigger an external tamper event.
  • Detection of power supply glitches.
  • Detection of activity on debug ports (such as JTAG).