SSI Devices Secure Lockdown - 2023.2 English

Versal Adaptive SoC System Software Developers Guide (UG1304)

Document ID
Release Date
2023.2 English

In SSI devices, a tamper condition can occur in any SLR and the PLM running on that SLR shall detect the tamper condition and notify other SLRs that tamper has occurred. The PLM running on other SLRs shall initiate secure lockdown of their respective SLR. Notifying of other SLRs must be done without depending on the NoC path.

For this purpose, the SSI_INT lines that are connected across SLRs are used. Once the basic NoC Path has been setup during the boot, these lines are no longer used for synchronization commands and are used for SSI technology events communication between the SLRs.

The wire used for ERROR_OUT from each secondary SLR is now reserved to trigger secure lockdown to the primary SLR from secondary SLR.

From primary SLR, the SSI_INT_OUT lines which are used for event notification (once PLM to PLM communication is enabled) can be reused to notify secure lockdown to secondary SLRs. The pulse duration on these lines is used as a criterion for secondary SLRs to differentiate between an Event notification and a secure lockdown notification. The short pulse on these lines indicates an Event notification, whereas a long pulse indicates that a secure lockdown must be performed on the SLR.