Device Provisioning

Zynq UltraScale+ Device Technical Reference Manual (UG1085)

Document ID: UG1085
Release Date: 2022-09-15
Revision: 2.3 English

Before the device can boot with the root of trust, a minimum amount of user information must be programmed or provisioned into the device. At a minimum, the hardware root of trust must be enabled and a hash of the user public key must be programmed into the device. Figure 12-9 shows the critical eFUSEs that must be programmed.

Figure 12-9: Device Provisioning

The generation of the primary and secondary key pairs is a user decision. Using Xilinx tools, a hash of each of the primary public keys (PPKs) is obtained and programmed into the eFUSE locations on the device. If desired, the secondary public key identification (ID) can be programmed to a non-zero value.

IMPORTANT: The Zynq UltraScale+ MPSoC supports two PPKs. Both PPK hash values shall be programmed before fielding a system.

Finally, the hardware root of trust must be enabled by programming the fifteen (15) RSA enable eFUSEs. Programming any one of the fifteen forces every boot to be authenticated. It is recommended that all 15 are programmed. The enable eFUSEs are implemented redundantly as a countermeasure against advanced physical modification attacks such as those using a focused ion beam (FIB).
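A pre-fielding audit of the provisioning steps above, as an added example that is not from UG1085 or from Xilinx tooling: it checks a readback snapshot for both PPK hashes and separates "no RSA enable eFUSE programmed" from "some but not all 15 programmed". The struct layout, flag names, 48-byte hash length and sample hash bytes are assumptions for illustration, not the device's eFUSE register map.

```c
#include <stdint.h>
#include <string.h>

#define PPK_HASH_BYTES 48   /* assumption: 384-bit PPK hash; match your tool output */
#define RSA_EN_FUSES   15   /* from the text: fifteen RSA enable eFUSEs */
#define RSA_EN_MASK    ((1u << RSA_EN_FUSES) - 1u)

/* Hypothetical readback snapshot, NOT the device's eFUSE register layout. */
struct efuse_snapshot {
    uint8_t  ppk0_hash[PPK_HASH_BYTES], ppk1_hash[PPK_HASH_BYTES];
    uint16_t rsa_en;        /* bit i set = RSA enable eFUSE i programmed */
};
enum { PPK0_BAD = 1, PPK1_BAD = 2, ROT_DISABLED = 4, ROT_PARTIAL = 8 };

/* A hash slot is bad if it is still blank (all zero) or differs from the expected hash. */
static int slot_bad(const uint8_t *got, const uint8_t *want) {
    uint8_t acc = 0;
    for (int i = 0; i < PPK_HASH_BYTES; i++) acc |= got[i];
    return acc == 0 || memcmp(got, want, PPK_HASH_BYTES) != 0;
}

/* Number of programmed enable eFUSEs; bits above the 15 fuses are ignored. */
int rsa_en_count(uint16_t v) {
    int n = 0;
    for (v &= RSA_EN_MASK; v; v &= (uint16_t)(v - 1)) n++;   /* clear lowest set bit */
    return n;
}

/* Returns 0 when the snapshot matches the provisioning described in the text. */
unsigned audit(const struct efuse_snapshot *s, const uint8_t *want0, const uint8_t *want1) {
    unsigned f = 0;
    if (slot_bad(s->ppk0_hash, want0)) f |= PPK0_BAD;
    if (slot_bad(s->ppk1_hash, want1)) f |= PPK1_BAD;
    int n = rsa_en_count(s->rsa_en);
    if (n == 0) f |= ROT_DISABLED;                 /* boot is not forced to authenticate */
    else if (n < RSA_EN_FUSES) f |= ROT_PARTIAL;   /* enforced, but redundancy incomplete */
    return f;
}

/* Constructed sample: PPK0 programmed, PPK1 optional, caller-chosen enable bits. */
unsigned audit_sample(uint16_t rsa_en, int ppk1_programmed) {
    uint8_t want0[PPK_HASH_BYTES], want1[PPK_HASH_BYTES];
    memset(want0, 0xA5, sizeof want0);             /* placeholder hash values */
    memset(want1, 0x5A, sizeof want1);
    struct efuse_snapshot s = { .rsa_en = rsa_en };
    memcpy(s.ppk0_hash, want0, sizeof want0);
    if (ppk1_programmed) memcpy(s.ppk1_hash, want1, sizeof want1);
    return audit(&s, want0, want1);
}

int main(void) { return (int)audit_sample(0x7FFF, 1); }   /* exit 0 = fully provisioned */
```

A nonzero result is a bitmask of findings, so a manufacturing script can block shipment on any finding while still logging `ROT_PARTIAL` separately from `ROT_DISABLED`.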