FPGA non-volatile key and tamper bit protection

Hi,

Thank you for answering.

I'm sorry if my primary post isn't clear enough. I can access the EPCQ through its serial interface so it's really not the problem here.

My problem is :

Because I activated tamper-protection, FPGA only accepts encrypted configuration file. I need to program a key on FPGA to decrypt configuration file but I can't do this because JTAG is in secure mode. So I can't program FPGA with .ekp file.

I'm looking for a way to flash a key on FPGA, to be able to program FPGA with a configuration file.

Hi,

I have a 28nm device

Considering this part of AN556 :

I can only issue UNLOCK instruction using internal JTAG interface. My understanding is that interface can only be enabled by including a specific IP in FPGA design. Since I can't configure FPGA anymore, it is the same problem...

Regards

I just realized that I my primary post, I made a mistake. I talked about non-volatile key, which is not correct. I configured FPGA for a volatile key.

My issue still remains but I just wanted to correct my mistake and it seems I can't edit my post.

Hi,

• What are the process that you can do and you cannot do now?

What I can do : Flash FPGA configuration file in EPCQ

What I cannot do : Load a design into FPGA and program encryption key

• Can you program JTAG, AS?

I can program EPCQ with AS. I cannot program FPGA with JTAG because JTAG is in secure mode.

• Per my understanding, you cannot load the design into FPGA through due to you do not have the key? You can try to replace the flash and program again

Indeed I cannot load the design into FPGA but it has nothing to do with the flash.

My problem seems to be confusing so I will try to explain it again through a user case :

1. I try to load an unencrypted design into FPGA but it doesn't work. Why ?
2. Because I activated tamper bit protection (which is irreversible). What does tamper bit protection mean ?
3. It means that only encrypted FPGA configuration files are accepted. No worry ! I just have to encrypt my design. I do it but FPGA configuration step fails. Why ?
4. Because FPGA needs the encryption key to be able to decrypt the design. Let's try to program this key on FPGA. It fails. Why ?
5. Because JTAG is in secure mode. What does JTAG secure mode means ?
6. It means that I cannot program a device and I can only issue mandatory JTAG commands. Why is JTAG in secure mode ?
7. Because I activated it when I enabled tamper bit protection. Is there a way to disable JTAG secure mode ?
8. Yes ! There is one way : by issuing UNLOCK command. For 28nm devices (my device), you can only issue UNLOCK command through JTAG internal interface. How do I access JTAG internal interface ?
9. By adding a specific module in my FPGA design. Let's do this and configure FPGA with this new design. Configuration fails. Why ?
10. Back to step 1 : I cannot load a design into FPGA.

The question is : Considering this tamper bit activation, is there a way to configure FPGA ? Or a way to program a key ? Anything that could allow me to configure FPGA