MachXO3D – The Secure FPGA

使用硬件可信根和双引导特性强化安全控制应用

基于可靠的MachXO3架构——MachXO3D新增了不可更改的嵌入式安全模块,强化了控制功能,并将用户闪存升级到2700 kbit。

无比安全的FPGA——不可更改的安全模块提供硬件可信根和预验证加密功能,例如ECDSA、ECIES、AES、SHA、HMAC、TRNG、唯一安全ID和公钥/私钥生成。

片上双引导闪存——无需借助外部存储器进行双引导配置。片上双引导闪存可实现故障安全编程,以及灵活的现场升级。

特性

  • 将可信根集成到平台最先上电/最后断电的器件,简化了硬件安全的实现
  • 在产品的整个生命周期内保障安全,包括设备制造和运输、平台的生产、安装、运行和报废
  • 实现全面的保护,通过提供数据安全、设备安全、数据验证、设计安全和品牌保护等机制防范一系列威胁
  • 可编程逻辑与安全双引导配置模块相结合,为设计实现提供灵活性,并在设备部署后确保安全更新
  • 通过保护非易失性存储器、检测恶意代码以及出错时进行恢复,实现可靠的、符合NIST SP 800 193 PFR标准的安全机制。

跳转到

Security

MachXO3D is NIST-CAVP certified and complies with NIST SP 800-193 PFR Guidelines

Lattice has completed the National Institute of Standards and Technology (NIST) Cryptographic Algorithm Validation Program (CAVP) certification for the MachXO3D™ cryptographic functions listed below. NIST CAVP provides validation testing of FIPS-approved and NIST-recommended cryptographic algorithms and their individual components. Federal Information Processing Standards (FIPS) is the U.S. federal government’s standard for cryptographic software.

The MachXO3D establishes a hardware Root-of-Trust (ROT) to protect, detect and recover the device and other components from unauthorized firmware access throughout their systems’ lifecycle, from the point of manufacturing to end of life. These security functions are compliant with NIST SP 800-193 PFR guidelines and now certified with NIST-CAVP validation tests described in below table.

NIST-CAVP Certifications for MachXO3D™ cryptographic functions

Validation Number C998
Test Capabilities Description
AES-ECB Direction: Decrypt, Encrypt
Key Length: 128, 256
ECDSA KeyGen (186-4) Curve: P-256
Secret Generation Mode: Testing Candidates
ECDSA SigGen (186-4) Capabilities:
    Curve: P-256
    Hash Algorithm: SHA2-256
ECDSA SigVer (186-4) Capabilities:
    Curve: P-256
    Hash Algorithm: SHA2-256
HMAC DRBG Prediction Resistance: No
Capabilities:
Mode: SHA2-256
Entropy Input: 256
Nonce: 256
Personalization String Length: 0
Additional Input: 0
Returned Bits: 256
HAC-SHA2-256 MAC: 256
Key sizes < block size
KAS-ECC Function: Key Pair Generation
KAS-ECC CDH-Component Function: Key Pair Generation
SHA-256 Message Length: 8-65536 Increment 8

To see this certification on the NIST website, click here.

To learn more about NIST CAVP, click here.

产品系列表

MachXO3D器件选型指南
特性 MachXO3D-4300 MachXO3D-9400
LUT 4300 9400
分布式RAM(kbit) 34 73
EBR SRAM(kbit) 92 432
UFM (kbit) 367/11223 1088/26933
PLL 2 2
硬件化的安全模块 1 1
振荡器 1 1
片上双引导
兼容I3C的I/O 1 1
支持MIPI D-PHY2 支持 支持
内核电压 2.5 - 3.3V 2.5 - 3.3V
商用温度等级
工业温度等级
高性能/低功耗选项 HC / ZC HC / ZC

1. bank 3中的4对I/O具备I3C动态上拉特性。
2. 仅限HC器件。
3. 当禁用双引导时,镜像空间可以被用作额外的UFM。

0.5 mm引脚间距I/O数量
MachXO3D-4300 MachXO3D-9400
72 QFN (10 mm x 10 mm) 58 (HC / ZC) 58 (HC / ZC)
0.8 mm引脚间距I/O数量
MachXO3D-4300 MachXO3D-9400
256-ball caBGA (14 mm x 14 mm) 206 (HC / ZC) 206 (HC / ZC)
400-ball caBGA (17 mm x 17 mm) 335 (HC / ZC)
484-ball caBGA (19 mm x 19 mm) 383 (HC)

解决方案示例

安全控制PLD

  • 使用双引导和硬件可信根增强安全控制PLD的功能,从而在产品的整个生命周期内轻松实现全面、灵活、可靠的硬件安全机制。

保障服务器安全

  • 硬件化的安全配置模块能够让MachXO3D起到保护、检测和恢复的作用,从而防范恶意攻击
  • FPGA架构的并行处理能力可以同时保护、检测和恢复多个平台固件
  • 符合NIST SP 800 193平台固件保护恢复(PFR)标准

实现信任链

  • 硬件可信根是保护整个系统的信任链的首个环节
  • 硬件化的器件配置引擎可在上电时加密验证MachXO3D的配置镜像
  • 嵌入式安全模块在上电时提供加密功能验证其他平台固件
  • MachXO3D可瞬时启动,是平台上最先安全启动的器件,也是信任链的有力保障

设计资源

Intellectual Property & Reference Designs

Simplify your design efforts by using pre-tested, reusable functions

Application Notes

Learn how to get the most from our line-up of FPGAs / development boards

Software

Complete Design Flows, High Ease of Use

开发套件和开发板

我们的开发板和开发套件能够简化您的设计流程

编程硬件

使用我们的编程硬件,轻松完成在系统编程和在线重配置

文档

快速参考
技术资源
资讯资源
下载
标题 编号 版本 日期 格式 文件大小
MachXO3D Family Data Sheet
FPGA-DS-02026 1.0 12/10/2019
MachXO3D Soft Error Detection (SED)/Correction (SEC) Usage Guide
FPGA-TN-02124 0.90 5/21/2019
Memory Usage Guide for MachXO3D Devices
FPGA-TN-02066 0.90 6/16/2019
MachXO3D Programming and Configuration Usage Guide
FPGA-TN-02069 0.9 5/21/2019
MachXO3D sysCLOCK PLL Usage Guide
FPGA-TN-02070 0.90 6/16/2019
MachXO3D sysI/O Usage Guide
FPGA-TN-02068 0.90 6/16/2019
MachXO3D Hardware Checklist
FPGA-TN-02104 0.9 5/21/2019
Implementing High-Speed Interfaces with MachXO3D Usage Guide
FPGA-TN-02065 0.90 6/16/2019
Using Hardened Control Functions in MachXO3D Devices Reference Guide
FPGA-TN-02119 0.90 8/5/2019
Using Hardened Control Functions in MachXO3D Devices
FPGA-TN-02117 1.1 8/28/2019
Power Decoupling and Bypass Filtering for Programmable Devices
TN1068 1.0 5/1/2004
MachXO3D 256-Pin caBGA Package Migration File
1.0 5/21/2019
MachXO3D-9400 Pinout
1.0 5/21/2019
MachXO3D 72-Pin QFN Package Migration File
1.0 5/21/2019
MachXO3D-4300 Pinout
1.02 6/1/2020
PCB Layout Recommendations for BGA Packages
FPGA-TN-02024 4.1 5/20/2019
标题 编号 版本 日期 格式 文件大小
MachXO3D Family Data Sheet
FPGA-DS-02026 1.0 12/10/2019
标题 编号 版本 日期 格式 文件大小
MachXO3D Embedded Security Block
This document would be provided through Technical Support Request after sign-in to Lattice web site. Please refer to Answer Database FAQ 5781 for detail instruction.
FPGA-TN-02091 5/21/2019 COM/SUPPORT
MachXO3D Soft Error Detection (SED)/Correction (SEC) Usage Guide
FPGA-TN-02124 0.90 5/21/2019
Memory Usage Guide for MachXO3D Devices
FPGA-TN-02066 0.90 6/16/2019
MachXO3D Programming and Configuration Usage Guide
FPGA-TN-02069 0.9 5/21/2019
MachXO3D sysCLOCK PLL Usage Guide
FPGA-TN-02070 0.90 6/16/2019
MachXO3D sysI/O Usage Guide
FPGA-TN-02068 0.90 6/16/2019
MachXO3D Hardware Checklist
FPGA-TN-02104 0.9 5/21/2019
Implementing High-Speed Interfaces with MachXO3D Usage Guide
FPGA-TN-02065 0.90 6/16/2019
Using Hardened Control Functions in MachXO3D Devices Reference Guide
FPGA-TN-02119 0.90 8/5/2019
Using Hardened Control Functions in MachXO3D Devices
FPGA-TN-02117 1.1 8/28/2019
Power Decoupling and Bypass Filtering for Programmable Devices
TN1068 1.0 5/1/2004
PCB Layout Recommendations for BGA Packages
FPGA-TN-02024 4.1 5/20/2019
标题 编号 版本 日期 格式 文件大小
MachXO3D 256-Pin caBGA Package Migration File
1.0 5/21/2019
MachXO3D-9400 Pinout
1.0 5/21/2019
MachXO3D 72-Pin QFN Package Migration File
1.0 5/21/2019
MachXO3D-4300 Pinout
1.02 6/1/2020
标题 编号 版本 日期 格式 文件大小
Using MachXO3D ESB to implement ECDSA Generation/Verification - Source Code
1.0 5/21/2019
Using MachXO3D ESB to implement SHA256 - Source Code
1.0 5/21/2019
Using MachXO3D ESB to implement AES128/256 Encryption/Decryption
FPGA-RD-02056 1.0 5/21/2019
Using MachXO3D ESB to implement HMAC SHA256 - Documentation
FPGA-RD-02052 1.0 5/21/2019
Using MachXO3D ESB to implement HMAC SHA256 - Source Code
1.0 5/21/2019
Using MachXO3D ESB to implement ECIES Encryption/Decryption
FPGA-RD-02055 1.0 5/21/2019
Using MachXO3D ESB to implement ECIES Encryption/Decryption - Source Code
1.0 5/21/2019
Using MachXO3D ESB to implement ECC Key Pair Generation
FPGA-RD-02057 1.0 1/10/2020
Using MachXO3D ESB to implement ECC Key Pair Generation - Source Code
1.0 5/21/2019
Using MachXO3D ESB to implement ECDSA Generation/Verification
FPGA-RD-02053 1.0 5/21/2019
Using MachXO3D ESB to implement AES128/256 Encryption/Decryption - Source Code
1.0 5/21/2019
Using MachXO3D ESB to implement SHA256
FPGA-RD-02054 1.0 5/21/2019
SPI to WISHBONE Configuration Interface Bridge - Documentation
FPGA-RD-02191 1.0 5/16/2020
I2C to WISHBONE Configuration Interface Bridge - Documentation
FPGA-RD-02190 1.0 5/16/2020
I2C to WISHBONE Configuration Interface Bridge - Source Code
FPGA-RD-02190 1.0 5/16/2020
SPI to WISHBONE Configuration Interface Bridge - Source Code
FPGA-RD-02191 1.0 5/16/2020
标题 编号 版本 日期 格式 文件大小
Lattice MachXO3D OrCAD Capture Schematic Library (OLB)
1.0 5/21/2019
标题 编号 版本 日期 格式 文件大小
MachXO3D Product Brief
I0268 1.0 5/21/2019
标题 编号 版本 日期 格式 文件大小
BG484 XO3D
1.0 5/21/2019
BG256 XO3D
1.0 5/21/2019
BG400 XO3D
1.0 5/21/2019
标题 编号 版本 日期 格式 文件大小
全面保障硬件安全
WP0018C 1.0 5/21/2019
标题 编号 版本 日期 格式 文件大小
[BSDL] LCMXO3D-9400C CABGA256
1.0 5/21/2019
[BSDL] LCMXO3D-9400C CABGA484
1.0 5/21/2019
[BSDL] LCMXO3D-9400C QFN72
1.0 5/21/2019
[BSDL] LCMXO3D-4300C CABGA256
1.0 5/21/2019
[BSDL] LCMXO3D-4300C QFN72
1.0 5/21/2019
[BSDL] LCMXO3D-9400C CABGA400
1.0 5/21/2019
标题 编号 版本 日期 格式 文件大小
Lattice MachXO3D
1.0 5/21/2019 IBS 38.3 MB


支持

Like most websites, we use cookies and similar technologies to enhance your user experience. We also allow third parties to place cookies on our website. By continuing to use this website you consent to the use of cookies as described in our Cookie Policy.