Hardware Interfaces

Referring to the Comportable guideline for peripheral device functionality, the module keymgr has the following hardware interfaces defined:

  • Primary Clock: clk_i
  • Other Clocks: clk_edn_i
  • Bus Device Interfaces (TL-UL): tl
  • Bus Host Interfaces (TL-UL): none
  • Peripheral Pins for Chip IO: none

Inter-Module Signals

Port Name | Package::Struct | Type | Act | Width | Description


Interrupt Name | Type | Description
op_done | Event | Operation complete

Security Alerts

Alert Name | Description
recov_operation_err | Alert for key manager operation errors. These errors could have been caused by software.
fatal_fault_err | Alert for key manager faults. These errors cannot be caused by software.

Security Countermeasures

Countermeasure ID | Description
KEYMGR.BUS.INTEGRITY | End-to-end bus integrity scheme.
KEYMGR.CONFIG.SHADOW | Various critical registers are shadowed, including operation control, reseed interval, and key max version (creator, owner intermediate, owner).
KEYMGR.OP.CONFIG.REGWEN | Various controls are locked for the duration of an operation, including operation start, operation control, sideload clear, salt and key version.
KEYMGR.RESEED.CONFIG.REGWEN | Reseed interval is software lockable.
KEYMGR.SW_BINDING.CONFIG.REGWEN | Software binding is lockable by software in each stage. When keymgr successfully advances, the lock is released to allow the next stage the freedom to program.
KEYMGR.MAX_KEY_VER.CONFIG.REGWEN | Max key version is software lockable.
KEYMGR.LC_CTRL.INTERSIG.MUBI | Life cycle control signal is multibit.
KEYMGR.CONSTANTS.CONSISTENCY | Basic consistency checks (all 0's or all 1's) for keymgr diversification constants.
KEYMGR.INTERSIG.CONSISTENCY | Basic consistency checks (all 0's or all 1's) for OTP diversification inputs.
KEYMGR.HW.KEY.SW_NOACCESS | Sideload keys are not directly accessible by software.
KEYMGR.OUTPUT_KEYS.CTRL.REDUN | Software and sideload keys are redundantly controlled. Each generate operation creates a valid and a data enable (software and sideload specific). In order for a key to be populated into the software register, both the software valid and the software data enable must be asserted. The same is true for sideload. This makes it more difficult for an attack to fault a sideload key into the software key slot: an attacker would need to fault both the software valid and the software data enable. During a sideload operation, if an attacker manages to fault the valid but not the data enable, the software key is populated with random data. If an attacker manages to fault the data enable but not the valid, then the software key retains its previous value.
KEYMGR.CTRL.FSM.SPARSE | Main control FSM is sparsely encoded.
KEYMGR.DATA.FSM.SPARSE | Control data FSM (for redundant data control) is sparsely encoded.
KEYMGR.CTRL.FSM.LOCAL_ESC | Main control FSM locally escalates based on any detected fault in keymgr. When a fault is detected (sync or async) the FSM transitions to the invalid state to prevent further legal operations from executing.
KEYMGR.CTRL.FSM.CONSISTENCY | Main and operational FSM transitions are consistent with software commands.
KEYMGR.CTRL.FSM.GLOBAL_ESC | When the system globally escalates, the main control FSM also transitions to the invalid state to prevent further legal operations from executing.
KEYMGR.CTRL.CTR.REDUN | Primary count is duplicated.
KEYMGR.KMAC_IF.FSM.SPARSE | kmac interface FSM is sparsely encoded.
KEYMGR.KMAC_IF.CTR.REDUN | Primary count uses cross count.
KEYMGR.KMAC_IF_CMD.CTRL.CONSISTENCY | One-hot check for kmac interface commands. Also, the command enables (adv_en, id_en, gen_en) are checked for consistency throughout the operation.
KEYMGR.RESEED.CTR.REDUN | Primary count is duplicated.
KEYMGR.SIDE_LOAD_SEL.CTRL.CONSISTENCY | Sideload key slot select is checked for consistency. When a key slot is valid when it should not be, an error is triggered. The reverse case is not checked, since an invalid key cannot be used anyway.
KEYMGR.SIDELOAD_CTRL.FSM.SPARSE | Sideload control FSM is sparsely encoded.
KEYMGR.CTRL.KEY.INTEGRITY | Internal secret key is protected with ECC.
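The following Python model is an added example written for this page, not OpenTitan RTL or any keymgr source. It illustrates the behaviour of four of the countermeasures in the table: the all-0/all-1 consistency check (KEYMGR.CONSTANTS.CONSISTENCY, KEYMGR.INTERSIG.CONSISTENCY), the one-hot command check (KEYMGR.KMAC_IF_CMD.CTRL.CONSISTENCY), the duplicated counter (KEYMGR.CTRL.CTR.REDUN, KEYMGR.RESEED.CTR.REDUN) and the redundant software-key control with its three sideload fault cases (KEYMGR.OUTPUT_KEYS.CTRL.REDUN). Signal names such as sw_valid and sw_data_en, the 256-bit key width, and the use of the OS random source for the "random data" fill are assumptions made for the model.

```python
"""Behavioural model of selected keymgr countermeasures (added example, not
OpenTitan RTL). Signal names, key width and the randomness source are
assumptions chosen for illustration."""
import secrets
from dataclasses import dataclass

KEY_WIDTH = 256  # assumed width of the modelled key register


def constant_is_consistent(value: int, width: int = KEY_WIDTH) -> bool:
    """KEYMGR.CONSTANTS.CONSISTENCY / KEYMGR.INTERSIG.CONSISTENCY:
    a diversification constant or OTP input that is all 0s or all 1s is
    rejected, since those are the values a stuck or unprogrammed source gives."""
    mask = (1 << width) - 1
    value &= mask
    return value != 0 and value != mask


def command_is_one_hot(adv_en: bool, id_en: bool, gen_en: bool) -> bool:
    """KEYMGR.KMAC_IF_CMD.CTRL.CONSISTENCY: exactly one of the kmac interface
    command enables may be asserted; none or several asserted is a fault."""
    return int(adv_en) + int(id_en) + int(gen_en) == 1


@dataclass
class RedundantCounter:
    """KEYMGR.CTRL.CTR.REDUN / KEYMGR.RESEED.CTR.REDUN: the count is kept in
    two copies that must agree; a glitch on one copy is detected as a fault."""
    primary: int = 0
    duplicate: int = 0

    def increment(self) -> None:
        self.primary += 1
        self.duplicate += 1

    def is_consistent(self) -> bool:
        return self.primary == self.duplicate


@dataclass
class SwKeySlot:
    """KEYMGR.OUTPUT_KEYS.CTRL.REDUN for the software key register: the key is
    written only when both sw_valid and sw_data_en are asserted."""
    value: int = 0

    def update(self, sw_valid: bool, sw_data_en: bool, key: int) -> str:
        if sw_valid and sw_data_en:
            self.value = key
            return "loaded"
        if sw_valid and not sw_data_en:
            # Valid asserted without the data enable: the key data path is not
            # selected, so the register is written with random data instead
            # (model assumption: os-level randomness stands in for the RTL's).
            self.value = secrets.randbits(KEY_WIDTH)
            return "randomised"
        # Data enable asserted without valid (or nothing asserted): no write.
        return "retained"


def sideload_fault_scenarios(previous: int, key: int) -> dict:
    """Walk the cases the table describes for a sideload operation, during which
    neither software control should be asserted."""
    results = {}
    slot = SwKeySlot(previous)
    slot.update(False, False, key)                              # normal sideload
    results["normal_value_kept"] = slot.value == previous
    slot = SwKeySlot(previous)
    results["fault_valid"] = slot.update(True, False, key)      # -> randomised
    results["fault_valid_leaks_key"] = slot.value == key
    slot = SwKeySlot(previous)
    results["fault_data_en"] = slot.update(False, True, key)    # -> retained
    results["fault_data_en_value_kept"] = slot.value == previous
    slot = SwKeySlot(previous)
    results["both_faulted"] = slot.update(True, True, key)      # -> loaded
    return results


if __name__ == "__main__":
    for name, outcome in sideload_fault_scenarios(0xAA, 0x55).items():
        print(f"{name}: {outcome}")
```

The scenario walk shows why the two controls are kept separate: a single successful fault on either control leaves software holding either random data or its stale value, and only faulting both controls in the same operation moves the sideload key into the software slot.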