Fusion Family of Mixed Signal FPGAs
Revision 4
2-231
XTAL2
Crystal Oscillator Circuit Input
Input to crystal oscillator circuit. Pin for connecting external crystal, ceramic resonator, RC network, or
external clock input. When using an external crystal or ceramic oscillator, external capacitors are also
recommended (Please refer to the crystal oscillator manufacturer for proper capacitor value).
If using external RC network or clock input, XTAL1 should be used and XTAL2 left unconnected. In the
case where the Crystal Oscillator block is not used, the XTAL1 pin should be connected to GND and the
XTAL2 pin should be left floating.
Security
Fusion devices have a built-in 128-bit AES decryption core. The decryption core facilitates highly secure,
in-system programming of the FPGA core array fabric and the FlashROM. The FlashROM and the FPGA
core fabric can be programmed independently from each other, allowing the FlashROM to be updated
without the need for change to the FPGA core fabric. The AES master key is stored in on-chip nonvolatile
memory (flash). The AES master key can be preloaded into parts in a security-protected programming
environment (such as the Microsemi in-house programming center), and then "blank" parts can be
shipped to an untrusted programming or manufacturing center for final personalization with an AES-
encrypted bitstream. Late stage product changes or personalization can be implemented easily and with
high level security by simply sending a STAPL file with AES-encrypted data. Highly secure remote field
updates over public networks (such as the Internet) are possible by sending and programming a STAPL
file with AES-encrypted data. For more information, refer to the Fusion Security application note.
128-Bit AES Decryption
The 128-bit AES standard (FIPS-197) block cipher is the National Institute of Standards and Technology
(NIST) replacement for DES (Data Encryption Standard FIPS46-2). AES has been designed to protect
sensitive government information well into the 21st century. It replaces the aging DES, which NIST
adopted in 1977 as a Federal Information Processing Standard used by federal agencies to protect
sensitive, unclassified information. The 128-bit AES standard has 3.4 × 1038 possible 128-bit key
variants, and it has been estimated that it would take 1,000 trillion years to crack 128-bit AES cipher text
using exhaustive techniques. Keys are stored (protected with security) in Fusion devices in nonvolatile
flash memory. All programming files sent to the device can be authenticated by the part prior to
programming to ensure that bad programming data is not loaded into the part that may possibly damage
it. All programming verification is performed on-chip, ensuring that the contents of Fusion devices remain
as secure as possible.
AES decryption can also be used on the 1,024-bit FlashROM to allow for remote updates of the
FlashROM contents. This allows for easy support of subscription model products and protects them with
measures designed to provide the highest level of security available. See the application note Fusion AES for Flash Memory
AES decryption can also be used on the flash memory blocks. This provides the best available security
during update of the flash memory blocks. During runtime, the encrypted data can be clocked in via the
JTAG interface. The data can be passed through the internal AES decryption engine, and the decrypted
data can then be stored in the flash memory block.
Programming
Programming can be performed using various programming tools, such as Silicon Sculptor II (BP Micro
Systems) or FlashPro3 (Microsemi).
The user can generate STP programming files from the Designer software and can use these files to
program a device.
Fusion devices can be programmed in-system. During programming, VCCOSC is needed in order to
power the internal 100 MHz oscillator. This oscillator is used as a source for the 20 MHz oscillator that is
used to drive the charge pump for programming.