manualshive.com logo in svg

Xilinx Zynq-7000, Примечание к применению

Xilinx Zynq-7000 - мощный программируемый микропроцессорный комплекс, объединяющий процессор ARM с логикой программируемых вентилей. Чтобы узнать больше о возможностях этого устройства, загрузите бесплатный руководство пользователя с manualshive.com. В нем содержится вся необходимая информация для работы с Xilinx Zynq-7000.

Поделиться
Скачать
background image

XAPP1309 (v1.0) March 7, 2017

 1

www.xilinx.com

Summary

The secure boot functionality for the Zynq®-7000 All Programmable (AP) SoC provides the 

capability to authenticate all partitions loaded at boot using RSA-2048 authentication. It also 

supports advanced encryption standard (AES) encryption of partitions that need confidentiality. 

The Zynq-7000 AP SoC immutable BootROM includes security functions to provide a hardware 

root of trust (HROT) to protect against early load attacks.

This application note discusses a method to add measured boot capability to Zynq-7000 AP 

SoCs used in a connected environment. A server provides remote attestation that the 

embedded systems boot with trusted software over a secure network. The method uses a 

trusted platform module (TPM) to enhance the HROT functionality. The TPM provides 

cryptographic functions in a cost-effective, tamper-resistant device which are an effective 

complement to Zynq-7000 SoC security functions.

Download the 

reference design files

 for this application note from the Xilinx website.

Introduction

In most current applications, Xilinx FPGAs and SoCs are programmed once at the factory and 

often not reconfigured for the life cycle of the device. A method to add functionality and/or 

reduce the total cost of ownership (TCO) of an embedded system is to support field updates. In 

Zynq-7000 AP SoCs, the SoC and programmable logic can be updated, so field updates can be 

very effective. Field updates are typically done over the Internet, which opens up attacks on an 

embedded system to anyone with network access. Measured boot and network security are 

critical in firmware updates.

Figure 1

 shows an example system environment that uses measured boot. A server manages 

the software load, update, and validation of fielded, embedded systems based on the 

Zynq-7000 AP SoC. The embedded systems connect to the server using Ethernet. In addition to 

updating software on the embedded systems, the server verifies that the correct, trusted 

software is loaded. This verification by the server, done at boot and run time, is remote 

attestation.

Application Note: Zynq-7000 AP SoC

XAPP1309 (v1.0) March 7, 2017

Measured Boot of Zynq-7000 All 
Programmable SoCs

Author: Lester Sanders

Содержание Zynq-7000

Страница 1: ...ation note from the Xilinx website Introduction In most current applications Xilinx FPGAs and SoCs are programmed once at the factory and often not reconfigured for the life cycle of the device A meth...

Страница 2: ...etwork update the software re run remote attestation and allow the client to connect to the network if the software can be trusted Isolating a corrupted embedded system from the network limits its abi...

Страница 3: ...ts are transmitted to the server for remote attestation The TPM cryptographically signs the SHA 1 values in PCRs so that partition measurements are not transmitted from the embedded system in plain te...

Страница 4: ...rd Two USB type A to USB mini B cables for UART and JTAG communication Micro Secure Digital microSD memory card 16 GB Ethernet cable Xilinx Software Development Kit 2017 1 Xilinx Vivado Design Suite 2...

Страница 5: ...p for the single client system used in the reference design The client in the Avnet IIoT drives a communication terminal The strongSwan attestation server runs from VirtualBox A browser is used to vie...

Страница 6: ...icroZed and includes the strongSwan client software Prior to booting WRPL the Zynq 7000 AP SoC runs the FSBL The FSBL runs pre boot authentication on the BootROM and FSBL The FSBL then executes PCR ex...

Страница 7: ...rust In Zynq 7000 AP SoCs the HROT is based on the first code executed by the ARM CPU0 at power on The code is stored in on chip metal masked ROM and is referred to as BootROM code BootROM code is imm...

Страница 8: ...tems which use measured boot Secure boot and measured boot functionality are complementary Connecting embedded systems to a network provides a method for firmware updates Embedded systems connected to...

Страница 9: ...ents RIMs and acts according to a predefined policy In the reference design this is referred to as the policy decision point PDP After running measured boot a server website provides a summary of meas...

Страница 10: ...remote attestation of a client is based on a quote A quote is measurement or evidence on the partitions booted In TPM 1 2 an SHA 1 digest is used as the measurement for partitions loaded In TPM 2 0 a...

Страница 11: ...n extend the SHA 1 digests into the TPM s PCRs The SHA 1 values are calculated in sha1 c Code to take ownership and activate the TPM is in slb9670_tpm_spi c The PCRs are extended in slb9670_spi_tpm c...

Страница 12: ...rd PTS formats for interoperability between applications and vendors The policy decision point PDP defines the action taken by the server after measurement verification A typical policy action is to l...

Страница 13: ...nager The process is defined on the strongSwan website Conclusion Zynq 7000 AP SoCs provide significant advantages in their ability to program both hardware and software on the same device Cost effect...

Страница 14: ...You may not reproduce modify distribute or publicly display the Materials without prior written consent Certain products are subject to the terms and conditions of Xilinx s limited warranty please re...

Отзывы:

Нет отзывов

Похожие инструкции для Zynq-7000

Intel D510MO Specification Update preview
D510MO
Бренд: Intel Страницы: 6
Aaeon UP-CHT01 User Manual preview
UP-CHT01
Бренд: Aaeon Страницы: 30
Beck IPC@CHIP DB54 Hardware Manual preview
IPC@CHIP DB54
Бренд: Beck Страницы: 24
Ublox NORA-W10 Series User Manual preview
NORA-W10 Series
Бренд: Ublox Страницы: 22
Fastfame 9W AP Series User Manual preview
9W AP Series
Бренд: Fastfame Страницы: 41
JETWAY HBJC390F841VAG34B Technical Manual preview
HBJC390F841VAG34B
Бренд: JETWAY Страницы: 44
ASROCK X58 EXTREME6 - Manual preview
X58 EXTREME6 -
Бренд: ASROCK Страницы: 293
Vox PMB-472LF User Manual preview
PMB-472LF
Бренд: Vox Страницы: 93
Benezan Electronics Beamicon2Basic Installation Manual preview
Beamicon2Basic
Бренд: Benezan Electronics Страницы: 18
Texas Instruments DEM-DSD1796 User Manual preview
DEM-DSD1796
Бренд: Texas Instruments Страницы: 24
Lantronix xPico Wi-Fi Series User Manual preview
xPico Wi-Fi Series
Бренд: Lantronix Страницы: 29
NXP Semiconductors Lite5200B User Manual preview
Lite5200B
Бренд: NXP Semiconductors Страницы: 138
Xilinx ZC702 Si570 Programming Overview preview
ZC702 Si570
Бренд: Xilinx Страницы: 40
DFI HU101 User Manual preview
HU101
Бренд: DFI Страницы: 96
Protek MB 80 Manual preview
MB 80
Бренд: Protek Страницы: 2
ASROCK G PRO User Manual preview
G PRO
Бренд: ASROCK Страницы: 25
Yamaha F40 Owner'S Manual preview
F40
Бренд: Yamaha Страницы: 92
Yamaha F40F Owner'S Manual preview
F40F
Бренд: Yamaha Страницы: 96

Бренды по названию

Популярные бренды

Загрузить еще бренды