Loading the Encryption Key

Using Encryption and Authentication to Secure an UltraScale/UltraScale+ FPGA Bitstream Application Note (XAPP1267)

Document ID: XAPP1267
Release Date: 2023-02-10
Revision: 1.6 English

Both 256-bit symmetric keys, BBRAM and eFUSE, can only be loaded onto a device through the JTAG interface using the Vivado Device Programmer tool. For UltraScale devices, this key loading path is write-only to the device: there is no physical data path to read back either key.

When a key is written to the device via JTAG, a key integrity check is initiated by writing the expected CRC32 value to the device, also via JTAG. The device internally calculates the actual CRC32 of the stored key and compares it with the expected CRC32 that it just received over the JTAG port. The device then writes a pass/fail result to the JTAG port, instead of the actual key data, to signify integrity status. Removing the physical readback path for the key increases the security of the stored key.
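The exchange described above, modelled in software as an added example (it is not code from the application note or from Vivado). The class and function names are hypothetical, and zlib's CRC-32 stands in for the device's CRC32, whose exact parameters are not given on this page.

```python
import secrets
import zlib


class KeyStoreModel:
    """Hypothetical model of the write-only key storage (BBRAM or eFUSE)."""

    def __init__(self):
        self.__key = None  # no accessor is defined: models the missing readback path

    def load_key(self, key: bytes) -> None:
        """Write path: accept a 256-bit key. Nothing is returned to the host."""
        if len(key) != 32:
            raise ValueError("key must be 256 bits (32 bytes)")
        self.__key = bytes(key)

    def check_integrity(self, expected_crc32: int) -> bool:
        """Compute the CRC32 of the stored key internally; report pass/fail only."""
        if self.__key is None:
            return False
        # Assumption: zlib CRC-32 in place of the device's own CRC32 definition.
        return zlib.crc32(self.__key) == (expected_crc32 & 0xFFFFFFFF)


def program_and_verify(device, key, corrupt_bit=None):
    """Host side: send the key, then the expected CRC32; return the device verdict.

    corrupt_bit is a constructed fault injection: it flips one bit of the key on
    its way to the device, standing in for a bad write.
    """
    expected = zlib.crc32(key)  # computed by the host from the intended key
    sent = bytearray(key)
    if corrupt_bit is not None:
        sent[corrupt_bit // 8] ^= 1 << (corrupt_bit % 8)
    device.load_key(bytes(sent))
    return device.check_integrity(expected)


def demo():
    key = secrets.token_bytes(32)  # constructed sample key
    clean = program_and_verify(KeyStoreModel(), key)
    faulty = program_and_verify(KeyStoreModel(), key, corrupt_bit=100)
    return clean, faulty


if __name__ == "__main__":
    print(demo())
```

The host learns whether the stored key matches what it intended to write without any key bytes crossing the port in the device-to-host direction.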