XAPP1086 (v1.3.1) February 5, 2015 www.xilinx.com 1
Summary
This application note is written for FPGA designers wishing to implement security or safety
critical designs, that is, information assurance (single chip cryptography), avionics, automotive,
and industrial applications, using the Xilinx Isolation Design Flow (IDF). This document explains
how to:
• Implement isolated functions in a single Xilinx 7 series FPGA or Zynq®-7000 All Programmable SoC (AP SoC) (1) in commercial-grade or defense-grade devices using the IDF.
  ° For example, an implementation might include red/black logic, redundant Type-I encryption modules, or logic processing multiple levels of security.
• Verify the isolation using the Xilinx Isolation Verification Tool (IVT).
With this application note, designers can develop a fail-safe single chip solution using the Xilinx
IDF that meets fail-safe and physical security requirements for high-grade, high-assurance
applications. If the user wishes to add additional security to their design, the Security Monitor
IP, developed by Xilinx, can be purchased. Should the user decide to embed this IP,
modifications to the steps in this document must be made as described in Integration and
Verification of Security Monitor 3.0 for 7 Series FPGAs and Zynq-7000 All Programmable SoC
(XAPP796). Refer to the Aerospace and Defense Security Monitor IP Core Product Marketing Brief
[Ref 1] or contact your local Xilinx representative for more information. If the target application
requires mask control, a defense-grade (XQ) device might be needed.
The Kintex®-7 FPGA and Zynq-7000 AP SoC families are currently supported for the IDF. For the support timeline of the remaining Xilinx 7 series FPGA/SoC families, and for the list of currently supported 7 series devices, contact your Xilinx representative. This application note is accessible from the Isolation Design Flow page on Xilinx.com [Ref 2].
You can download the Reference Design Files for this application note from the Xilinx website. For detailed information about the design files, see Reference Design Files.
Application Note: 7 Series FPGAs and Zynq-7000 AP SoC
XAPP1086 (v1.3.1) February 5, 2015
Isolation Design Flow for Xilinx 7 Series
FPGAs or Zynq-7000 AP SoCs (ISE Tools)
Author: Ed Hallett
1. The FPGAs and SoC are called FPGA/SoC in the rest of the document.
Introduction
The flexibility of programmable logic affords the security and safety critical industries many
advantages. However, prior to this work, in applications such as information assurance,
government contractors and agencies could not realize the full capability of programmable
logic due to isolation, reliability, and security concerns. To address these concerns, the Isolation
Design Flow was developed to allow independent functions to operate on a single chip.
Examples of such single chip applications include, but are not limited to, redundant Type-I
cryptographic modules, resident red and black data, and functionality operating on multiple
independent levels of security. The successful completion of this work has allowed Xilinx to
provide new technology for the Information Assurance (IA) industry as well as provide safety
critical functions in Avionics, Automotive, and Industrial applications.
Isolation Design Flow
Developing a safe and secure single chip solution containing multiple isolated functions in a
single FPGA is made possible through Xilinx partition technology. Special attributes such as
SCC_ISOLATED and the features it enables are necessary to provide controls to achieve the
isolation needed to meet certifying agency requirements. To better understand the details of
the IDF, the designer should have a solid understanding of the standard partition design flow.
Many of the terms and processes in the partition flow are utilized in the IDF. Areas that are
different supersede the partition design flow and are identified in this application note.
Common Terminology
Throughout this document the terms ownership, function, logic, region, and partition are used extensively. They are defined thus:
• Ownership (Physical/Logical)
  ° The distinction between Physical and Logical ownership is an important concept to understand when using the IDF. It is covered in detail in the section Trusted Routing Design Guidelines.
• Function
  ° A collection of logic that performs a specific operation (for example, an AES encryptor)
• Logic
  ° Circuits used to implement a specific function (for example, flip-flops, look-up tables, RAM, and so on)
• Region/Area Group/Pblock
  ° A physical area in which to implement logic