Secure Lockdown

Zynq UltraScale+ Device Technical Reference Manual (UG1085)

Document ID: UG1085
Release Date: 2022-09-15
Revision: 2.3 English

Secure lockdown is a device state that occurs when:

A tamper event occurs while tamper monitor and response bits 2 or 3 are set for that tamper event source.

A failure occurs during secure boot. Very early in the secure boot process all failures will result in secure lockdown. Once image loading has started, failures will only result in secure lockdown if the SEC_LK_eFUSE is programmed (see This Figure).
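The two entry conditions above can be written as a small configuration audit. This is an added example, not code from UG1085 or from any Xilinx software; the function and enum names, the zero-based bit numbering, and the one-response-value-per-source layout are assumptions, and the sample values are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bits 2 and 3 of a source's tamper monitor and response value select
 * secure lockdown (from the text). Zero-based numbering is assumed. */
#define TAMPER_RESP_LOCKDOWN_MASK ((1u << 2) | (1u << 3))

/* Hypothetical names for the two boot phases the text distinguishes. */
enum boot_phase { BOOT_EARLY, BOOT_IMAGE_LOADING };

/* True if a tamper event on a source with this response value locks down. */
bool tamper_causes_lockdown(uint32_t response)
{
    return (response & TAMPER_RESP_LOCKDOWN_MASK) != 0;
}

/* True if a secure boot failure in the given phase locks down. */
bool boot_failure_causes_lockdown(enum boot_phase phase, bool sec_lk_efuse)
{
    if (phase == BOOT_EARLY)
        return true;      /* very early failures always lock down */
    return sec_lk_efuse;  /* later ones only if SEC_LK is programmed */
}

/* Stores in out[] the indices of sources whose tamper events would NOT
 * cause secure lockdown and returns how many there are. */
size_t sources_without_lockdown(const uint32_t *resp, size_t n, size_t *out)
{
    size_t count = 0;
    for (size_t i = 0; i < n; i++)
        if (!tamper_causes_lockdown(resp[i]))
            out[count++] = i;
    return count;
}

int main(void)
{
    /* Constructed sample values, not read from a real device. */
    const uint32_t resp[] = { 0x04, 0x01, 0x08, 0x00, 0x13, 0x0C };
    size_t gaps[6];
    size_t n = sources_without_lockdown(resp, 6, gaps);
    for (size_t i = 0; i < n; i++)
        printf("source %zu (0x%02x): no lockdown\n", gaps[i], (unsigned)resp[gaps[i]]);
    printf("late failure, SEC_LK unprogrammed: lockdown=%d\n",
           boot_failure_causes_lockdown(BOOT_IMAGE_LOADING, false));
    return 0;
}
```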

Secure lockdowns are processed by the CSU ROM. The CSU ROM performs the following steps during a secure lockdown:

1. Tri-state the MIOs.

2. Zeroize the AES keys and reset the AES-GCM core.

3. Reset the APUs.

4. Reset the RPUs.

5. Disable the SRST pin.

6. Enable LPD/FPD isolation.

7. Enable the JTAG security gates (if not already enabled).

8. Toggle PROG_B to PL (this will clear whatever configuration is in the PL).

9. Instruct PMU to perform its lockdown.

10. PMU runs MBIST on the LPD, FPD and PMU.

11. PMU waits for PL housecleaning to complete.

12. PMU puts all blocks in reset.

13. PMU runs SCAN clear on the LPD and FPD if the LPD_SC and FPD_SC eFUSEs are programmed.

14. Secure Lockdown complete is asserted.

15. Optional (disabled by eFUSE):

a. PMU sets the boot mode to JTAG.

b. (optional) PMU triggers internal POR.

c. (optional) PS reboots, enabling the BSCAN capabilities. See This Figure for more details.