BBRAM Readback Protections

Zynq UltraScale+ Device Technical Reference Manual (UG1085)

Document ID
Release Date
2.3 English

In previous generations of Xilinx devices, the AES key stored in battery-backed RAM (known as BBR) could be read out for validation. The BBR had a protocol mechanism in which the key was erased prior to being able to program and verify the key. Although these protocol protection mechanisms still exist, the readback path for the key has been removed. The Zynq UltraScale+ MPSoC does not allow read back of the AES key in its BBRAM. Instead, when the key is written, a CRC32 value of that key is provided. After the key has been written, the device verifies that the key in storage matches the provided CRC32 value. The device then provides a pass or fail result.