Physical Security

Zynq UltraScale+ MPSoC: A FIPS 140-3 Primer (WP543)

Document ID: WP543
Release Date: 2024-08-28
Revision: 1.0.1 English

The cryptographic module should employ mechanisms to restrict unauthorized physical access to the module and to prevent unauthorized modification of its state, in order to protect its data components and SSPs within the cryptographic boundary. The requirements in this clause define the single-chip, multiple-chip embedded, and multiple-chip standalone embodiments of the cryptographic module. SL1 requirements are met with production-grade components with standard passivation. SL2 requires the addition of tamper-evident technology and mechanisms to prevent direct observation of critical information about the internal operations of the module (opaqueness). SL3 requires the addition of strong or hard enclosures with mechanisms for detecting and responding to tampering attempts at removable covers and doors, and for resistance to direct probing via openings or entry points. A tamper response should involve the immediate zeroization of all the unprotected SSPs of the module upon detection of tampering. SL4 extends the SL3 requirements by requiring detection and response mechanisms that cover the entire enclosure.

Compared to its predecessor, FIPS 140-3 moved the requirement for uniquely numbered or independently identifiable tamper-evident seals to SL3. Also, at SL3 all cryptographic modules should either implement environmental failure protection (EFP) features or undergo rigorous environmental failure testing (EFT). At SL4, the modules should implement EFP features and mechanisms for protection against fault induction. Both EFP and EFT aim to ensure that the security of the module will not be compromised when the module is forced, accidentally or deliberately, to operate outside its specified normal operating range. Another change in FIPS 140-3 is that any tamper-evident material used for opaqueness should be either opaque or translucent within the visible spectrum.

With a wide range of security functions built into the Zynq UltraScale+ MPSoC (e.g., the configuration security unit (CSU) for secure installation/boot of software and installation of cryptographic keys, hardware-based protection units for memory (XMPU) and peripherals (XPPU), etc.), many of these requirements can be met with little additional effort. The AMD application notes Developing Tamper-Resistant Designs with Zynq UltraScale+ Devices (XAPP1323), Isolation Design Flow for UltraScale+ FPGAs and Zynq UltraScale+ MPSoCs (XAPP1335), and Isolation Methods in Zynq UltraScale+ MPSoCs (XAPP1320) provide detailed information on these security features and how to use them.

In addition, the AMD SecMon IP provides tamper monitoring and response functions (e.g., JTAG port monitoring and BBRAM key zeroization). It does this by taking advantage of the active security features described in Developing Tamper-Resistant Designs with Zynq UltraScale+ Devices (XAPP1323) and combining them into a single IP block. Because it accepts additional system tamper event inputs, SecMon can also serve as the foundation for a system-level zeroization response. Because SecMon is part of the overall user design functionality, it must be integrated at the system level by the OEM.
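The response model described above, several tamper event sources (including OEM-added system inputs) feeding one immediate zeroization of unprotected SSPs, can be sketched in software. The following C program is an added example written for this page; it is not the SecMon IP's interface or register map and not AMD code. The event names, the enable mask, the ssp_store layout and the key values are all constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical tamper event sources. Bit values are assumptions, not SecMon's. */
enum tamper_event {
    TAMPER_JTAG_ACTIVITY        = 1u << 0, /* debug port activity (JTAG monitoring) */
    TAMPER_ENCLOSURE_OPEN       = 1u << 1, /* OEM cover switch: a system-level input */
    TAMPER_TEMP_OUT_OF_RANGE    = 1u << 2, /* EFP-style environmental monitor */
    TAMPER_VOLTAGE_OUT_OF_RANGE = 1u << 3
};

/* Models the unprotected SSPs a tamper response must zeroize. */
struct ssp_store {
    uint8_t  bbram_key[32];   /* stands in for the BBRAM key slot */
    uint8_t  session_key[16];
    bool     zeroized;        /* latched: response happens once */
    uint32_t tamper_log;      /* every observed event, kept for review */
};

/* Volatile byte stores so the compiler cannot drop the zeroization as dead code. */
static void secure_zeroize(void *p, size_t n) {
    volatile uint8_t *vp = (volatile uint8_t *)p;
    while (n--) *vp++ = 0;
}

/* Log all events; zeroize immediately on the first event the policy enables.
 * Returns true when a response was triggered by this call. */
bool tamper_respond(struct ssp_store *s, uint32_t events, uint32_t enabled_mask) {
    s->tamper_log |= events;
    if ((events & enabled_mask) == 0) return false;
    if (!s->zeroized) {
        secure_zeroize(s->bbram_key, sizeof s->bbram_key);
        secure_zeroize(s->session_key, sizeof s->session_key);
        s->zeroized = true;
    }
    return true;
}

/* Constant-time check that no key byte survived. */
bool ssp_is_zero(const struct ssp_store *s) {
    uint8_t acc = 0;
    for (size_t i = 0; i < sizeof s->bbram_key; i++)   acc |= s->bbram_key[i];
    for (size_t i = 0; i < sizeof s->session_key; i++) acc |= s->session_key[i];
    return acc == 0;
}

/* Walks a constructed event sequence; returns 0 on success, else the failing step. */
int demo(void) {
    struct ssp_store s = {0};
    memset(s.bbram_key, 0xA5, sizeof s.bbram_key);      /* constructed key bytes */
    memset(s.session_key, 0x3C, sizeof s.session_key);
    uint32_t policy = TAMPER_JTAG_ACTIVITY | TAMPER_ENCLOSURE_OPEN | TAMPER_TEMP_OUT_OF_RANGE;

    /* Voltage is monitored but not enabled for response in this policy: logged only. */
    if (tamper_respond(&s, TAMPER_VOLTAGE_OUT_OF_RANGE, policy)) return 1;
    if (ssp_is_zero(&s)) return 2;

    /* Cover opened: immediate zeroization of all unprotected SSPs. */
    if (!tamper_respond(&s, TAMPER_ENCLOSURE_OPEN, policy)) return 3;
    if (!ssp_is_zero(&s)) return 4;

    /* A later JTAG event is still logged; keys are already gone. */
    tamper_respond(&s, TAMPER_JTAG_ACTIVITY, policy);
    if (s.tamper_log != (TAMPER_VOLTAGE_OUT_OF_RANGE | TAMPER_ENCLOSURE_OPEN | TAMPER_JTAG_ACTIVITY))
        return 5;
    return 0;
}
```

The separation between the observed-event log and the response mask mirrors the monitoring-versus-response split in the text: which inputs merely get recorded and which trigger zeroization is an OEM policy decision made when the design is integrated.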

Other physical security requirements are the responsibility of the OEM because the OEM provides the coatings and enclosures for the underlying cryptographic devices and functions.