There are a number of functional blocks involved in the secure boot process, including the following:
• Dedicated hardware state machines
• Platform management unit (PMU)
• Configuration and security unit (CSU)
A high-level summary of the boot flow is shown in This Figure.
Once power is valid to the device, the dedicated hardware state machines perform a series of mandatory and optional tasks. The device includes test logic used by the developer for device verification and test. The test interfaces power up in a known secure state. The registers in the PMU are zeroized, which means zeros are written to them and then read back to confirm they were written correctly. Optionally, a logic built-in self-test (LBIST) can be performed during boot. This option is enabled by programming the LBIST_EN eFUSE. LBIST is commonly used in functional safety applications; see Functional Safety for details on which circuits of the device are covered by LBIST.
Note: Extra boot time is required when running LBIST.
Finally, the dedicated hardware sends the PMU immutable ROM code through the SHA-3/384 engine and compares the calculated cryptographic checksum to the golden copy stored in the device. If the cryptographic checksums match, the integrity of the PMU ROM is validated and the reset to the PMU is released. If any of these tasks fail, an error flag is set in the JTAG error status register (readable through JTAG). To prevent the error message from being readable through the JTAG error status register, the ERR_DIS eFUSE can be programmed.
The PMU performs a number of mandatory and optional security operations as listed in Table: PMU Security Operations. See Platform Management Unit for more information.
Once these security operations are complete, the PMU sends the CSU immutable ROM code through the SHA-3/384 engine and compares the calculated cryptographic checksum to the golden copy stored in the device. If the cryptographic checksums match, the integrity of the CSU ROM is validated and the reset to the CSU is released. If any of these tasks fail, an error flag is set in the JTAG error status register (readable through JTAG). The error message can be prevented from being read through the JTAG error status register by programming the ERR_DIS eFUSE. In the event of a PMU error, the default operation of the device is to continue the boot process and release the reset to the CSU. Once the design comes online, it can read the status of all the error messages from inside the device and determine whether or not to continue to operate. To make the device automatically go into lockdown when an error occurs during the boot process, the PBR_BOOT_ERROR eFUSE can be programmed.
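The ROM integrity gate described for both the PMU and CSU stages (zeroize and read back, hash the ROM with SHA-3/384, compare against the golden digest, then apply the ERR_DIS and PBR_BOOT_ERROR policy) can be modelled in software. The following is an added illustrative model, not device code: the ROM image, register contents and fuse flags are constructed here, and the error policy follows the PMU-stage behaviour stated above (continue by default, lock down only when PBR_BOOT_ERROR is programmed).

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed sample "ROM image" standing in for the PMU or CSU ROM (not real ROM contents).
SAMPLE_ROM = b"immutable ROM image (constructed sample)" * 64

# The "golden copy" is the SHA-3/384 digest of the authentic image, fixed at manufacture.
GOLDEN_DIGEST = hashlib.sha3_384(SAMPLE_ROM).digest()


def zeroize_and_readback(regs: list[int]) -> bool:
    """Write zeros to every register, then read back and confirm each one is zero."""
    for i in range(len(regs)):
        regs[i] = 0
    return all(r == 0 for r in regs)


def rom_integrity_ok(rom: bytes, golden: bytes) -> bool:
    """Hash the ROM with SHA-3/384 and compare it against the stored golden digest."""
    calc = hashlib.sha3_384(rom).digest()
    # compare_digest avoids a timing difference that depends on where the digests diverge
    return hmac.compare_digest(calc, golden)


@dataclass
class StageResult:
    error_flag: bool        # set when any mandatory task fails
    error_readable: bool    # False when the ERR_DIS fuse (modelled as a bool) hides it
    release_reset: bool     # whether the next stage's reset is released


def run_stage(rom: bytes, golden: bytes, regs: list[int], *,
              err_dis: bool = False, pbr_boot_error: bool = False) -> StageResult:
    """Model one boot-stage gate: zeroize, verify the ROM, then apply the error policy."""
    ok = zeroize_and_readback(regs) and rom_integrity_ok(rom, golden)
    error = not ok
    # Default: continue and release the next reset even on error; lock down (hold the
    # reset) only when PBR_BOOT_ERROR is programmed and an error occurred.
    release = not (error and pbr_boot_error)
    return StageResult(error_flag=error,
                       error_readable=error and not err_dis,
                       release_reset=release)
```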
The CSU is the center of the secure boot process. It enforces the hardware root of trust or encrypt-only secure boot steps when they are enabled. The CSU also maintains the security state of the device by prohibiting a transition from a secure state to an unsecure state, or from an unsecure state to a secure state, without a full POR. Once the FSBL (and, if applicable, the PMUFW) has been loaded securely, the CSU zeroizes the storage elements of the cryptographic engines and releases the reset to the specified processing unit (APU or RPU).