At the center of the device security is the configuration security unit (CSU). The CSU is composed of two main blocks as shown in This Figure. On the left is the secure processor block (SPB) that contains a triple redundant processor for controlling boot operation. It also contains an associated ROM, a small private RAM, the physically unclonable function (PUF), and the necessary control/status registers required to support all secure operations. The component on the right is the crypto interface block (CIB) and contains the AES-GCM, DMA, SHA-3, RSA, and PCAP interfaces.
Runtime access to the CSU can be controlled via the Xilinx peripheral protection unit (XPPU). The CSU has a number of responsibilities, including the following.
•Tamper monitoring and response.
•Secure key storage and management.
•Cryptographic hardware acceleration.