Secure Device Manager for Intel® FPGAs

Available with both Intel® Stratix® 10 and Intel® Agilex™ FPGAs, Secure Device Manager (SDM) is a hardware-enabled security and manageability module. SDM controls key device configuration settings for Intel® FPGAs and gives users control over the FPGA fabric, embedded IP blocks, and I/O blocks. The SDM operates on updateable firmware, making Intel® FPGAs patchable and updateable in response to the most common bitstream protocol vulnerabilities discovered by researchers. SDM is glitch resistant with physically uncloneable key protection, and provides more secure root key and device identity protection.

In the latest Intel® Agilex™ F-series and I-series FPGAs with 019 and 023 densities, the SDM is being updated to comply with FIPS 140-3 1.2 security requirements for crypto modules.

Download the white paper ›

Security Applications Run Fast on Intel® FPGAs

Intel offers broad ecosystem support for programmable FPGAs and SoCs with hardened encryption blocks in Intel® Agilex™ FPGAs.

FPGA Security Technical Specifications

Multiple entry points across the Intel® FPGA portfolio for data security give network builders the flexibility to find the right balance of performance, power, and features.

Intel® Agilex™ FPGAs

Intel® Agilex™ FPGA Series

F-Series

Flexible range of applications

I-Series

Bandwidth-intensive apps

M-Series

Compute-intensive apps

Up to 58 Gbps transceivers Up to 116 Gbps transceivers Up to 116 Gbps transceivers
PCIe Gen 4 PCIe Gen 5 PCIe Gen 5
DDR4 SDRAM DDR4 SDRAM DDR5 and Intel® Optane™ persistent memory
(Optional) Quad-core Arm Cortex-A53 SoC Quad-core Arm Cortex-A53 SoC Quad-core Arm Cortex-A53 SoC
  Compute Express Link (CXL) to Intel® Xeon® Scalable processors Compute Express Link (CXL) to Intel® Xeon® Scalable processor
    High-Bandwidth Memory

Intel® Stratix® 10 FPGAs

Intel® Stratix® 10 FPGA Series

GX Series

High-throughput systems

SX Series

Embedded performance and power efficiency

TX Series

5G communications, cloud computing, NFV

DX Series

Bandwidth-intensive, custom servers for CSPs

NX Series

Optimized for AI applications

28 Gbps NRZ transceivers 28 Gbps NRZ transceivers 28 Gbps NRZ transceivers or 58 Gbps PAM-4 transceivers 58 Gbps PAM-4 transceivers 58 Gbps PAM-4 transceivers
PCIe Gen 3 PCIe Gen 3 PCIe Gen 3 PCIe Gen 4 PCIe Gen 3
  Quad-core Arm Cortex-A53 Quad-core Arm Cortex-A53 Quad-core Arm Cortex-A53 Quad-core Arm Cortex-A53
      Up to 512 Gbps HBM2 DRAM SIP Up to 512 Gbps HBM2 DRAM SIP
    Dual mode modulation for backwards compatibility Intel® Ultra Path Interconnect (Intel® UPI) for direct connection to Intel® Xeon® Scalable processors AI Tensor Block with up to 143 INT8 TOPS at ~1 TOPS/W

Get Started with Intel® Agilex™ FPGAs


Contact your Intel representative for more information about Intel® Agilex™ F-Series and I-Series FPGA devices with hard crypto blocks.

Frequently Asked Questions

Field programmable gate arrays (FPGAs) are integrated circuits with logic that can be programmed or changed before or after deployment. FPGAs are often used to offload key workloads from other processors, like the CPU, to improve overall system performance. Multiple FPGAs can be deployed in a configuration, allowing for greater parallelization of workloads. In the context of data security, Intel® FPGAs also offer dedicated hardware blocks for data encryption, to help improve the performance and security of network traffic.

FPGAs can help harden a network from malware and other attacks by accelerating data encryption and making it more efficient. There are no specific threats that FPGAs are designed to defend against. However, Intel® FPGAs also offer embedded security and manageability features, like Secure Device Manager, that help prevent the FPGA from being compromised.

Telcos, CSPs, enterprise data centers, and virtually any business with a network can benefit from FPGA data security. FPGAs can be used to help secure data the moment it enters the network perimeter through remote waystations, Ethernet pipelines, VPN endpoints, or other channels. In many cases, it pays to encrypt data at every node in the fabric, and not just at the perimeter, to help defend against internal vectors of attack.