When Program BBR Key... is selected you have the ability to browse to the recently generated NKY file in the project directory. After you add the NKY file you also have the ability to double check the key value and verify that this is the AES key you intend to program into the device. (See This Figure .)
Note: If the NKY file contains an KeyObfuscate field because the BITSTREAM.ENCRYPTION.OBFUSCATEKEY property was enabled prior to write_bitstream, then the obfuscated key flag in the eFUSE or BBRAM is automatically set by Vivado software during programming of the AES-256 key.
The Enable DPA_PROTECT check box enables the BBRAM Configuration Counting DPA Protection mechanism.
• DPA_COUNT specifies the initial load value for the configuration counter. Once the count reaches 0, the BBRAM is erased.
• DPA_MODE specifies under what conditions the DPA_COUNT should be decremented. The 2 choices are INVALID_CONFIGURATIONS, which is the typical DPA setting, and ALL_CONFIGURATIONS, which decrement the count on every configuration so that the device has a fixed number of configurations to be used.