Visible to Intel only — GUID: zor1616593125304
Ixiasoft
1. Intel Stratix 10 Device Security Overview
2. Authentication and Authorization
3. AES Bitstream Encryption
4. Device Provisioning
5. Advanced Features
6. Troubleshooting
7. Intel® Stratix® 10 Device Security User Guide Archives
8. Document Revision History for Intel® Stratix® 10 Device Security User Guide
3.3.1. Configuration Bitstream Encryption Using the Programming File Generator Graphical Interface
3.3.2. Configuration Bitstream Encryption Using the Programming File Generator Command Line Interface
3.3.3. Partially Encrypted Configuration Bitstream Generation Using the Command Line Interface
3.3.4. Partial Reconfiguration Bitstream Encryption
4.1. Using SDM Provision Firmware
4.2. Authentication Root Key Provisioning
4.3. Using QSPI Factory Default Helper Image on Owned Devices
4.4. Programming Key Cancellation ID Fuses
4.5. Security Setting Fuse Provisioning
4.6. AES Root Key Provisioning
4.7. Converting Owner Root Key, AES Root Key Certificates, and Fuse files to Jam STAPL File Formats
6.1. Using Quartus Commands in a Windows Environment Error
6.2. Generating a Private Key Warning
6.3. Adding a Signing Key to the Quartus Project Error
6.4. Generating Quartus Prime Programming File was Unsuccessful
6.5. Unknown Argument Errors
6.6. Bitstream Encryption Option Disabled Error
6.7. Specifying Correct Path to the Key
6.8. Using Unsupported Output File Type
Visible to Intel only — GUID: zor1616593125304
Ixiasoft
4.6.2.4. Querying Intrinsic ID PUF Activation Status
After you enroll the Intrinsic ID PUF, wrap an AES key, generate the flash programming files, and update the quad SPI flash, you power cycle your device to trigger PUF activation and configuration from the encrypted bitstream. The SDM reports the PUF activation status along with the configuration status. If PUF activation fails, the SDM instead reports the PUF error status. Use the quartus_pgm command to query the configuration status
Use the following command to query the activation status:
quartus_pgm -c 1 -m jtag --status --status_type=”CONFIG”
Here is sample output from a successful activation:
Response of CONFIG_STATUS Device is running in user mode 00006000 RESPONSE_CODE=OK, LENGTH=6 00000000 STATE=IDLE 00000000 Version C000000F MSEL=JTAG, nSTATUS=1, nCONFIG=1 80000002 CONF_DONE=0, INIT_DONE=1, CVP_DONE=0, SEU_ERROR=0, PROVISION_FW=1 00000000 Error location 00000000 Error details Response of PUF_STATUS 00001000 RESPONSE_CODE=OK, LENGTH=1 00000400 STATUS=PUF_ACTIVATION_SUCCESS, RELIABILITY_DIAGNOSTIC_SCORE=4