The HWRoT secure boot can be achieved differently in systems with external DRAM based on specific requirements and whether the external DRAM is considered secure.
Note: 2019.1 development tools, or subsequent releases, are used.
• Non-bitstream partitions are authenticated and/or decrypted by the FSBL or XilSecure. In both cases, the external DRAM, which is the final destination, is considered secure.
°The FSBL will copy the partition data from external non-volatile memory to the specified DRAM address and then authenticate and/or decrypt in place.
°XilSecure, when called, will authenticate and/or decrypt at the destination DRAM address. The partition must be copied into external DRAM before calling XilSecure.
• Bitstream partitions can be loaded by the FSBL or XilFPGA.
°The bitstream partition can be authenticated and/or decrypted in external DRAM by XilSecure and then loaded, in plain-text form, using XilFPGA. In this scenario, the external DRAM is assumed secure since authentication and decryption occurs in external DRAM.
°The bitstream partition can be authenticated by XilFPGA while in external DRAM. Once authentication is complete, XilFPGA will read the partition into the device where it is decrypted by the AES engine and then loaded into the programmable logic. Since authentication is performed in external DRAM, the external DRAM is assumed to be secure.
° The FSBL or XilFPGA can be used to authenticate and decrypt the bitstream using the Secure OCM method. This method does not require the DRAM to be secure.