​​Lattice Sentry PFR Platform Root of Trust (PRoT) Reference Design​

​​Enhanced Bitstream Security and User-mode Security Functions​

Our system is going under maintenance starting February 14, 2025 at 6:00 PM Pacific and ending February 15, 2025 at 12:00 AM Pacific. During this window, the website may not be reachable. For immediate assistance, please contact techsupport@latticesemi.com.

Lattice Mach-NX and MachXO5-55TD devices are low-density FPGAs with enhanced security features with on-chip dual boot flash. The enhanced bitstream security and user-mode security functions enable the Mach-NX and MachXO5-55TD devices to be used as a Root-of-Trust hardware solution.

The Lattice Mach-NX and MachXO5-55TD FPGAs function as RoT devices. The design of the Mach-NX device consists of the SoC Function Block (SFB) module, which integrates a RISC-V processor connected to a set of peripherals through the AMBA bus. Meanwhile, the Lattice MachXO5-55TD device contains the Embedded Security Function Block (ESFB) module, which provides the Security CPU, Crypto services, and Secure Flash Controller. The RoT functionality includes the User RISC-V processor, UART, and SMBus Mailbox. The Sentry PFR will incorporate the necessary system-level interfaces and control functionality. Available PFR IP blocks encompass QSPI Streamer, QSPI Monitor, I3C interface, I2C filter, LTPI, SGPIO, and GPIO functions. The user RISC-V processor connects to a set of peripherals via the AMBA bus. Software running on the processor manages both the general and PFR solution peripherals and handles all events at runtime to execute system functionalities.

Features

  • Ensuring that Platform Firmware code and critical data remain in a state of integrity and are protected from corruption​
  • ​​Root of Trust for Detection (RTD) is responsible for firmware and critical data corruption detection Detect when Platform Firmware code and critical data have been corrupted, or otherwise changed from an authorized state​
  • ​​Root of Trust for Recovery (RTRec) is responsible for recovery of firmware and critical data when corruption is detected Restore Platform Firmware code and critical data, if any corruption has been detected, or when forced to recover through an authorized mechanism​
  • ​​Root of Trust for Update (RTU) is responsible for authenticating firmware updates and critical data changes to support platform protection​
  • ​​This reference design supports Mach-NX 484 BGA device for Sentry 2.2 and MachXO5-55TD 400 BGA device for Sentry 4.0.​

​To learn more about this product design and request the reference design code, click here to contact us.​

Block Diagram

​Lattice Sentry 2.2 PFR Platform Root of Trust (PRoT) Reference Design – Block Diagram

Lattice Sentry 4.0 PFR Platform Root of Trust (PRoT) Reference Design – Block Diagram​

Documentation

Technical Resources
TITLE NUMBER VERSION DATE FORMAT SIZE
Select All
Lattice Sentry 4.0 Platform Firmware Resiliency Platform Root of Trust - User Guide
FPGA-RD-02291 1.0 8/3/2024 PDF 650.7 KB
Lattice Sentry 2.2 PFR Platform Root of Trust (PRoT) Reference Design - User Guide​
FPGA-RD-02286 1.0 6/26/2024 PDF 1.6 MB

*By clicking on the "Notify Me of Changes" button, you agree to receive notifications on changes to the document(s) you selected.