Summary
In this chapter, we looked at the key security features that are available in the Zynq-7000 SoC FPGA. We saw that these are threefold: FPGA-specific hardware features, the ARM TrustZone-based framework, and the Secure software execution environment. We covered the secure booting process and how the software and hardware images can be protected using encryption and authentication. Then, we examined how, at boot time, the FPGA features are used to establish the root of trust, decrypt the images, authenticate them, and then load the FSBL and optionally configure the FPGA with the secure bitstream file. We also delved into the Secure and NS software execution worlds and how they interact with each other via a Secure monitor. We examined the ARM TrustZone and the hardware protection mechanism used to make peripherals Secure or NS and how these transactions are qualified at runtime by the AXI and APB bus protocols. We presented a typical Secure system that combines the PS and PL...
