Actel has developed the new ProASIC3/E families of Flash FPGAs that offer enhanced performance, density, and features over the ProASICPLUS FPGAs. The ProASIC3/E devices also provide a secure, low-power, live-at-power-up, single chip solution.
The nonvolatile, Flash-based ProASIC3/E families require no boot PROM. They incorporate FlashLock technology, which provides a unique combination of reprogrammability and design security without external overhead. Only Flash FPGAs can offer these advantages. The devices have a dedicated nonvolatile FlashROM (FROM) memory of 1024 bits - a unique feature in the FPGA market. The FROM can be read, modified, and written using the JTAG (or UJTAG) interface; however, it can be read but not modified from the FPGA core.
Only Flash FPGAs contain on-chip user nonvolatile memory (NVM), and Actel's ProASIC3/E families are the only FPGAs that currently support this feature. The device architecture is shown in Figure 1.
FROM architecture and applications
Actel ProASIC3/E devices have 1 kbit of user-accessible, nonvolatile FROM on-chip. The FROM is logically organised as eight pages of 16 bytes (128 bits per page). Figure 2 shows the FROM logical level structure. The ACTgen core generator is used to configure FROM content. You can configure each page independently. ACTgen enables you to create and modify regions within a page; these regions can be from one to 16 bytes long.
The FROM content may be changed independently of the FPGA core content. It may be easily accessed and programmed via JTAG, depending on the security settings of the device. The ACTgen core generator enables each region to be independently updated. This enables you to change the FROM content on a per-part basis while keeping some regions 'constant' for all parts.
These features allow the FROM to be used in diverse system applications, for example: IP addressing (wireless or fixed); system-calibration settings; restoring configuration after unpredictable system power down; device serialisation and/or inventory control; subscription-based business models (eg, set-top boxes); secure key storage; asset management tracking; date stamping; version management.
FROM security
ProASIC3/E devices have an on-chip advanced encryption standard (AES) decryption core, combined with an enhanced version of the Actel Flash-based lock technology (FlashLock). Together, they provide unmatched levels of security in a programmable logic device. This security applies to both the FPGA core and FROM content.
ProASIC3/E devices use the 128-bit AES (Rijndael) algorithm to encrypt programming files for secure transmission to the on-chip AES decryption core. The same algorithm is then used to decrypt the programming file. This key size provides approximately 3,4 x 1038 possible 128-bit keys. The 128-bit FlashLock feature works via a FlashLock security Pass Key mechanism, where the user locks or unlocks the device with a user-defined key. If the device is locked with certain security settings, functions such as device read, write, and erase are disabled. This unique feature helps to protect against invasive and noninvasive attacks. Without the correct Pass Key, access to the FPGA is denied. During programming of the FROM and/or the FPGA core, you can generate the security header programming file, which is used to program the AES key and/or FlashLock Pass Key (which is not stored in the FROM). The security header programming file can also be generated independently of the FROM and FPGA core content.
ProASIC3/E devices with AES-based security allow for secure remote field updates over public networks such as the Internet, and ensure that valuable intellectual property remains out of the hands of IP thieves.
FROM design flow
The Actel Libero integrated design environment (IDE) software has extensive FROM support, including FROM generation, instantiation, simulation, and programming. In the design flow, there are three main steps:
1. FROM generation and instantiation in the design: The ACTgen core generator is the only tool that can be used to generate the FROM content. ACTgen has several user-friendly features. Instead of selecting each byte and assigning values, you can create a region within a page, modify the region, and assign properties to that region. The FROM user interface includes the configuration grid, existing regions list, and properties field. The properties field specifies the region-specific information and defines the data used for that region.
You can assign values to the following properties:
* Static fixed data - enables one to fix the data so that it cannot be changed during programming time.
* Static modifiable data - this option selected when the data in a particular region is expected to be static data (such as a version number, which remains the same for a long duration but could conceivably change in future).
* Read from file - this provides the full flexibility of FROM usage to the customer. If you have a customised algorithm for generating the FROM data, you can specify this setting. You can then generate a text file with data for as many devices you wish to program and load that into the FlashPoint programming file generation software.
* Auto increment/decrement - This scenario is useful when you specify the contents of FROM for a large number of devices in a series. You can specify the step value for the serial number and a maximum value for inventory control. During programming file generation, the actual number of devices to be programmed is specified and a start value is input to the software.
ACTgen generates the following files along with the netlist:
* MEM (memory initialisation) file - used for simulation.
* UFC (user flash configuration) file - FROM configuration.
* Log file - file type and file location.
2. Simulation of FROM design: The MEM file has 128 rows of 8 bits, each representing the contents of the FROM that is used for simulation.
3. Programming file generation for FROM design: FlashPoint is the programming software used to generate the programming files for ProASIC3/E devices. Depending on the applications, it can be used to generate a STAPL file with different FROM contents, and in each case optional AES decryption is available. In order to generate a STAPL file that contains the same FPGA core content and different FROM contents, the FlashPoint software needs an Array Map file for the core and UFC file(s) for the FROM. This final STAPL file represents the combination of the logic of the FPGA core and FROM content. FlashPoint generates the STAPL files that you can use to program the desired FROM page and/or FPGA core of the FPGA device contents. It supports the encryption of the FROM content and/or the FPGA Array configuration data. In the case of using the FROM for device serialisation, a sequence of unique FROM contents will be generated. When generating a programming file with multiple unique FROM contents, you can specify in FlashPoint whether to include all FROM content in a single STAPL file or generate a different STAPL file for each FROM. The programming software (FlashPro) handles the single STAPL file that contains the FROM content from multiple devices. It enables you to program the FROM content into a series of devices sequentially.
Custom serialisation using FROM
You can use FROM for device serialisation or inventory control by using the 'Auto Inc' region or 'Read From File' region. FlashPoint will automatically generate the serial number sequence with the 'Start Value', 'Max Value' and 'Step Value' provided. If you have a unique serial number generation scheme that you prefer, the Read From File Region allows you to import the file with your serial number scheme programmed into the region.
Conclusion
The ProASIC3/E families are the only FPGAs that offer on-chip FROM support. This overview presented information on the FROM architecture, possible applications, programming, access through the JTAG and UJTAG interface, and integration into your design. In addition, the Libero IDE tool set enables easy creation and modification of the FROM content. The nonvolatile FROM block in the FPGA can be customised, enabling multiple applications. Additionally, the security offered by the ProASIC3/E devices keeps both the contents of FROM and the FPGA design safe from system over-builders, system cloners, and IP thieves.
| Tel: | +27 11 315 8316 |
| Fax: | +27 11 315 1711 |
| Email: | [email protected] |
| www: | www.asic.co.za |
| Articles: | More information and articles about ASIC Design Services |
© Technews Publishing (Pty) Ltd | All Rights Reserved
printer friendly version