The functional blocks in a secure boot process are:
- Dedicated hardware state machines in the PMC
- PMC ROM code unit (RCU)
- PMC platform processing unit (PPU)
The following figure shows the high-level boot flow summary.
After power is applied to the device, the dedicated hardware state machines perform a series of mandatory tasks. First, all test interfaces (for example, JTAG) initialize to a known secure state. Second, all registers in the PMC are zeroized (reset + verification of reset state). Before execution of the PMC BootROM, the dedicated hardware hashes the immutable BootROM code using the SHA-3/384 engine and compares the calculated cryptographic hash against a golden copy stored in the device. If the hashes match, the integrity of the BootROM is validated, and the PMC RCU is released from reset. If the hash comparison fails, an error is flagged. The default action is to log and continue until the PLM can determine what action to take. However, eFUSEs can be programmed to halt the secure boot process immediately and go into a secure lockdown state when an error occurs.
Once released, the PMC RCU becomes the center of the secure boot process. It is responsible for all mandatory and optional security operations, as well as the secure loading of the PLM. The security checks performed at this phase are listed in the following table. Optional checks are enabled by programming eFUSEs.
Security Operation | Description | Optional? |
---|---|---|
Zeroize PMC RAM | The PMC RAM has zeros written to it and read back to confirm the write was successful | No |
User-defined environmental monitoring | Temperature and voltage are monitored to ensure operation within user-defined limits | Yes |
Known answer tests | Known answer tests are performed on the cryptographic engines used for loading the PLM prior to them being used | Yes |
NoC configuration (SSI technology devices only) | Configuration of the NoC on SSI technology devices | No |
The RCU also enforces the secure boot modes (A-HWRoT or S-HWRoT), if enabled. Once a device is configured in A-HWRoT or S-HWRoT boot mode, it cannot be returned to a non-secure boot mode.
After all checks pass, the RCU securely loads the PLM (authenticated and, if desired, encrypted). Once loaded, the PLM can check the error messages from inside the device to determine what security actions, if any, are necessary.
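The checks described above can be modelled in software to compare the default log-and-continue behavior with the eFUSE-selected lockdown. The following Python model is an added example, not AMD code or the device's implementation; the function names, error flag names, the `halt_on_error` and `kat_enabled` parameters, and the sample ROM bytes are assumptions, and applying a single halt policy to every check is a simplification.

```python
import hashlib
import hmac

# Published SHA3-384 digest of the empty message, used as the known answer.
KAT_SHA3_384_EMPTY = bytes.fromhex(
    "0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61"
    "995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004")

# Constructed sample data (not a real BootROM image or golden digest).
SAMPLE_ROM = bytes(range(256)) * 4
SAMPLE_GOLDEN = hashlib.sha3_384(SAMPLE_ROM).digest()

class SecureLockdown(Exception):
    """Modelled eFUSE policy: halt immediately on the first error."""

def zeroize_and_verify(ram: bytearray) -> bool:
    """Write zeros to RAM, then read back to confirm the write succeeded."""
    ram[:] = bytes(len(ram))
    return not any(ram)

def sha3_kat() -> bool:
    """Known answer test: exercise the hash engine on a fixed input before use."""
    return hmac.compare_digest(hashlib.sha3_384(b"").digest(), KAT_SHA3_384_EMPTY)

def pre_boot_checks(bootrom, golden, pmc_ram, halt_on_error=False, kat_enabled=False):
    """Run the checks in order; return the error flags left for the PLM to read."""
    errors = []

    def flag(name):
        if halt_on_error:            # eFUSE programmed: secure lockdown
            raise SecureLockdown(name)
        errors.append(name)          # default: log and continue

    # Hardware stage: hash the BootROM and compare with the golden copy.
    if not hmac.compare_digest(hashlib.sha3_384(bootrom).digest(), golden):
        flag("BOOTROM_HASH_MISMATCH")
    # RCU stage: mandatory RAM zeroization, then the optional KAT.
    if not zeroize_and_verify(pmc_ram):
        flag("PMC_RAM_ZEROIZE_FAILED")
    if kat_enabled and not sha3_kat():
        flag("SHA3_KAT_FAILED")
    return errors

if __name__ == "__main__":
    tampered = bytes([SAMPLE_ROM[0] ^ 0x01]) + SAMPLE_ROM[1:]
    print(pre_boot_checks(SAMPLE_ROM, SAMPLE_GOLDEN, bytearray(b"\xff" * 64), kat_enabled=True))
    print(pre_boot_checks(tampered, SAMPLE_GOLDEN, bytearray(64)))
```

A single flipped bit in the ROM image is enough to set the mismatch flag; with `halt_on_error=True` the same input raises `SecureLockdown` instead of returning a log.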
The PLM runtime configuration registers area (RTCA) is a reserved space in the PMC RAM that stores status information about the Versal adaptive SoC including the secure boot state. The SECURE_BOOT_STATE register shows if the device was booted with encryption or authentication and what secure countermeasures were enabled.