Access to the PUF is restricted by the CSU. The CSU offers the PUF as a CSU service. The PUF can be accessed through the CSU registers. The CSU supports the user commands listed in Table: CSU User Commands.
This Figure shows a block diagram of how the PUF is connected inside the CSU.
The PUF undergoes a registration process when a key is initially loaded into the device. The registration process initializes the PUF so that a KEK is created. The registration software can then use the KEK to encrypt the user key and program the eFUSEs. Alternatively, the encrypted user key can be output for inclusion into a boot image. The registration software also programs the helper data into the eFUSEs. Alternatively, the helper data can be output for inclusion into a boot image. The helper data and the encrypted user key must be stored in the same location (i.e., both in eFUSE or both in the boot image).
When the device powers on, the CSU bootROM examines the authenticated boot image header. The boot image header contains information on whether the PUF is used, where the encrypted key is stored (eFUSE or boot image), and where the helper data is stored (eFUSE or boot image). The CSU then initializes the PUF, loads the helper data, and regenerates the KEK. This process is called regeneration. Once the KEK is regenerated, the CSU bootROM can use it to decrypt the user key, which is then used to decrypt the rest of the boot image.