How to use FPGA SoCs for secure and connected hard real-time systems
workloads include a linear algebra routine derived from LINPACK, a fast Fourier transform, a neural net algorithm for pattern evaluation, and an improved version of the Livermore loops benchmark. JPEG compression, an XML parser, ZIP compression, and a 256-bit secure hash algorithm (SHA-256) form the basis of the integer workloads. The MPFS095T models of these SoC FPGAs, like the MPFS095TL-FCSG536E, can deliver up to 6,500 Coremarks at 1.3 watts (Figure 3).
and immunity from Meltdown and Spectre attacks. Security begins with secure supply chain management, including the use of hardware security modules (HSMs) during wafer testing and packaging. The use of a 768-byte digitally signed X.509 FPGA certificate embedded in every FPGA SoC adds to supply chain assurance. Numerous on-chip tamper detectors are included in these FPGA SoCs to ensure secure and reliable operation. If tampering is detected, a tamper flag is issued that enables the system to respond as needed. Some of the available tamper detectors include:
■ Voltage monitors
■ Temperature sensors
■ Clock glitch and clock frequency detectors
■ Configure L1 and L2 as deterministic memory
■ DDR4 memory subsystem
■ Disable/enable branch predictors
■ In-order pipeline operation
More processing with less energy
In addition to their system operation benefits, including support for hard, real-time processing, these FPGA SoCs are highly energy efficient. The EEMBC CoreMark-PRO benchmark is an industry standard for comparing the efficiency and performance of MCUs in embedded systems. It was designed specifically to benchmark hardware performance and to replace the Dhrystone benchmark. The CoreMark-PRO workloads include a diversity of performance characteristics, instruction-level parallelism, and memory utilization based on four floating-point workloads and five common integer workloads. The floating-point
Figure 2. The RISC-V subsystem includes several processor and memory elements. Image source: Microchip Technology
The RISC-V MCU subsystem uses a five-stage single-issue, in-order pipeline. It’s not vulnerable to Spectre or Meltdown exploits that can afflict out-of-order architectures. All five MCUs are coherent with the memory subsystem, supporting a mix of deterministic asymmetric multi-processing (AMP) mode real-time systems and Linux. Capabilities of the RISC-V subsystem include (Figure 2):
■ Run Linux and hard real-time operations
(GPIO) and Peripheral Component Interconnect Express (PCIe) 2. The overall architecture is designed for reliability. It includes single-error correction and double-error detection (SECDED) on all memories, differential power analysis (DPA), physical memory protection, and 128 kilobits (Kbits) of flash boot memory (Figure 1). Microchip offers its Mi-V (pronounced ‘my five’) ecosystem of third-party tools and design resources to support the implementation of RISC-V systems. It’s built to speed the adoption of the RISC-V instruction set architecture (ISA) for hardened RISC-V cores and for RISC-V soft cores. Elements of the Mi-V ecosystem include access to:
■ Intellectual property (IP) licenses
■ Hardware
■ Operating systems and middleware
■ Debuggers, compilers, and design services
the FPGA SoC include several debugging capabilities like passive run-time configurable advanced extensible interface (AXI) and instruction trace. AXI enables designers to monitor data that’s being written to or read from various memories and to know when it’s being written or read.
Security considerations
The safety-critical and hard real-time applications for these FPGA SoCs require strong security in addition to high energy efficiency and powerful processing capabilities. The basic security functions of these FPGA SoCs include differential power analysis (DPA) resistant bitstream programming, a true random number generator (TRNG), and a physically unclonable function
■ JTAG active detector
■ Mesh active detector
Security is further ensured with a 256-bit advanced encryption standard (AES-256) symmetric block cipher with correlation power attack (CPA) countermeasures, integrated cryptographic digest capabilities to ensure data integrity, integrated PUF for key storage, and zeroization capabilities for the FPGA fabric and all on-chip memories.
(PUF). They also include standard and user-defined secure boot, physical memory protection that provides memory access restrictions related to the machine’s privilege state, including machine, supervisor, or user modes,
Figure 4. The automotive temperature MPFS250T-1FCSG536T2 comes in a 16 x 16mm package with a ball count of 536 and a 0.5mm pitch. Image source: Microchip Technology
Figure 3. The MPFS095T FPGA SoC (orange line) delivers 6500 Coremarks at 1.3 watts. Image source: Microchip Technology
The hardened RISC-V MCUs in
we get technical