Self-tests

Zynq UltraScale+ MPSoC: A FIPS 140-3 Primer (WP543)

Document ID: WP543
Release Date: 2024-08-28
Revision: 1.0.1 English

The cryptographic module should run pre-operational and conditional self-tests on its own, without any external intervention, to verify that it operates as expected. Before the module outputs any data through the data output interface, it should have successfully passed all pre-operational self-tests to ensure it functions correctly. The pre-operational self-tests include cryptographic algorithm tests if the module contains a hardware component, including hybrid types (see the requirements in Cryptographic Module Specification), and software/firmware integrity tests if the module has a software/firmware component. For example, the AES cryptographic algorithm test is a type of known-answer test (KAT). The clause also requires self-tests for bypass mechanisms and for other critical functions provided by the module. Conditional self-tests should be executed whenever they are required by a security function that is about to be invoked. At SLs 3 and 4, FIPS 140-3 introduces the requirement that an error log be kept containing, at a minimum, the most recent error event from a failed self-test, so that it can be examined by an authorized operator. If a module fails a self-test, it should enter an error state and either output an error message or allow the operator to determine implicitly that the module has entered an error state, through an unambiguous procedure documented in the standard.

The hardened cryptographic functions of the Zynq UltraScale+ MPSoC do not automatically execute pre-operational KATs at device power-up; however, a KAT can be added to the RSA-authenticated FSBL user code. The conditional test requires that an approved authentication mechanism is used whenever software is loaded. The Zynq UltraScale+ MPSoC's RSA authentication is approved and runs at boot time on every partition loaded, and it can also be run periodically during runtime. If included, the SecMon IP continually performs configuration memory health checks and internal watchdog checks in the background. In addition to the cryptographic and security self-tests, AMD provides extensive built-in self-tests (BIST) and device-driver self-test software, which can be run at start-up or periodically to test the overall health of the system and of the SecMon IP.
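The following Python sketch is an added illustration of the self-test flow described in the two paragraphs above; it is not code from WP543, from AMD's FSBL, or from any AMD library. It models a module whose pre-operational tests (a software/firmware integrity check plus known-answer tests for SHA-256 and HMAC-SHA-256, using published test vectors) must all pass before the data output interface returns anything, whose conditional test authenticates a software image before accepting it, and which enters an error state and records the most recent error event on any failure. The integrity key, the firmware image bytes and the module's class and method names are all constructed assumptions; on a real device the integrity mechanism would be the RSA authentication the paper describes rather than an HMAC held inside the module.

```python
"""Added illustration (not AMD's code): a minimal FIPS 140-3 style self-test
state machine. Pre-operational tests must pass before any data output; a
failure moves the module into an error state and logs the most recent event.
"""
import hashlib
import hmac
from enum import Enum


class State(Enum):
    POWER_UP = "power-up"
    OPERATIONAL = "operational"
    ERROR = "error"


class SelfTestFailure(Exception):
    """Raised by an individual self-test when its result does not match."""


# Known-answer vectors (published test vectors, embedded inline).
SHA256_KAT_INPUT = b"abc"
SHA256_KAT_EXPECTED = bytes.fromhex(
    "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad")
HMAC_KAT_KEY = b"\x0b" * 20          # RFC 4231 test case 1
HMAC_KAT_INPUT = b"Hi There"
HMAC_KAT_EXPECTED = bytes.fromhex(
    "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7")

# Constructed sample firmware image and the (assumed) key used to tag it.
INTEGRITY_KEY = b"constructed-integrity-key"
FIRMWARE_IMAGE = b"constructed firmware image bytes v1"
FIRMWARE_TAG = hmac.new(INTEGRITY_KEY, FIRMWARE_IMAGE, hashlib.sha256).digest()


class CryptoModule:
    def __init__(self, firmware, firmware_tag):
        self.state = State.POWER_UP
        self.firmware = firmware
        self.firmware_tag = firmware_tag
        self.error_log = []  # most recent error event is error_log[-1]

    # Each self-test raises SelfTestFailure on a mismatch.
    def _kat_sha256(self):
        if hashlib.sha256(SHA256_KAT_INPUT).digest() != SHA256_KAT_EXPECTED:
            raise SelfTestFailure("SHA-256 KAT mismatch")

    def _kat_hmac_sha256(self):
        got = hmac.new(HMAC_KAT_KEY, HMAC_KAT_INPUT, hashlib.sha256).digest()
        if not hmac.compare_digest(got, HMAC_KAT_EXPECTED):
            raise SelfTestFailure("HMAC-SHA-256 KAT mismatch")

    def _integrity_test(self):
        tag = hmac.new(INTEGRITY_KEY, self.firmware, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, self.firmware_tag):
            raise SelfTestFailure("software integrity test failed")

    def _enter_error(self, test_name, reason):
        self.state = State.ERROR
        self.error_log.append({"test": test_name, "reason": reason})

    def power_up(self):
        """Run all pre-operational tests; output stays blocked until they pass."""
        tests = [("integrity", self._integrity_test),
                 ("sha256-kat", self._kat_sha256),
                 ("hmac-kat", self._kat_hmac_sha256)]
        for name, test in tests:
            try:
                test()
            except SelfTestFailure as exc:
                self._enter_error(name, str(exc))
                return False
        self.state = State.OPERATIONAL
        return True

    def conditional_load(self, image, tag):
        """Conditional test: authenticate a software image before accepting it."""
        if self.state is not State.OPERATIONAL:
            return False
        expected = hmac.new(INTEGRITY_KEY, image, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            self._enter_error("conditional-load", "software authentication failed")
            return False
        self.firmware, self.firmware_tag = image, tag
        return True

    def output(self, data):
        """Data output interface: returns nothing unless the module is operational."""
        if self.state is not State.OPERATIONAL:
            return None
        return hashlib.sha256(data).hexdigest()

    def last_error(self):
        return self.error_log[-1] if self.error_log else None


def demo():
    good = CryptoModule(FIRMWARE_IMAGE, FIRMWARE_TAG)
    ok = good.power_up()
    bad = CryptoModule(FIRMWARE_IMAGE + b"\x00", FIRMWARE_TAG)  # corrupted image
    bad.power_up()
    return ok, good.state, bad.state, bad.last_error(), bad.output(b"x")


if __name__ == "__main__":
    print(demo())
```

The ordering in `power_up` mirrors the requirement: the integrity test runs first, the algorithm KATs follow, and `output` refuses service until every test has passed. The error log keeps only what the clause asks for at a minimum (the most recent failing test and its reason), which is what an authorized operator would inspect before deciding whether to re-run the self-tests or retire the device.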