[Cryptech Tech] Alpha board BOM and PCB design requirements

Fredrik Thulin fredrik at thulin.net
Thu Mar 12 11:22:14 UTC 2015


On Wednesday, March 11, 2015 12:42:03 PM Павел Шатов wrote:
...
> First of all, FPGAs have volatile internal configuration latches. FPGA
> must be programmed every time it is powered up. When in Slave mode, FPGA
> just sits and waits for someone to load bitstream into it and release
> reset. When in Master mode, FPGA actively tries to read bitstream from
> external memory and start working by itself. Mode can be switched by
> applying either 0 or 1 to dedicated mode pins of an FPGA. Novena
> actually supports both modes. By default it places on-board FPGA in
> Slave mode (you have to run configure script to program an FPGA). Novena
> also has dedicated EEPROM memory for FPGA bitstream, you can program
> this memory and then insert a jumper to make FPGA automatically load
> this bitstream upon power up.

Thanks for the explanation. Another jumper to choose master/slave mode seems 
warranted then.

> If Basil wants to physically disable writing to an FPGA, then you need
> Master mode and a separate EEPROM for bitstream. I can suggest M25P128
> from Micron for example (Artix-7 has 77 Mbits of config memory, so 128
> Mbits memory is required at least). This memory has a dedicated write
> protection pin, that can be connected to a jumper.

Thanks for the suggestion. I don't have time to look more closely at that 
memory right now, but I take your word for it. I'll update the wiki with the 
suggestion to have PCB footprint for that EEPROM, unless someone has another 
suggestion.

...
> If we go for discrete chips, we will have a more compact board. I was
> asking from this perspective.

From the Skype core call this Tuesday it seems we need to talk through whether 
a compact design is a design goal (or anti-design goal) for the Alpha or not 
during the f2f meeting next week.
 
...
> So yes, we will need a wall adapter (12V maybe?)

Sounds good.
 
> > Related, when we talk battery do people think CR2032, 12V 6Ah Sealed Lead
> > Acid battery or something else?
> 
> Depends on what you want to be battery-powered. CR2032 should be enough
> to power tamper detection circuit for several years.

Yes. Operationally, maybe it makes sense to have a beefier battery on the HSM 
to avoid frequent lock-ups needing security officers to unlock the device if one 
doesn't have the most stable power? I don't know. Maybe we should just say 
"have 12v screw terminals for optional battery power source" in addition to a 
mandatory CR2032 for the tamper subsystem?

> Btw, you want to
> use MSP430 in this circuit. What is it going to do? Read some sensors
> and toggle its outputs accordingly?

Yes, and use SPI to erase the MKM in case any of the tamper sensors are 
triggered.

> I suggest to use something smaller,
> like PIC18 or PIC16 from Microchip. These processors are 8-bit and have
> an order of magnitude less power consumption.

We opted for the MSP430 since it is well known to us (me).

> How is MSP430 programmed, btw? Will we need a special programming cable for
> it?

The wiki mentions the use of the Spy-bi-wire interface to program it. Would be 
three pads IIRC. FWIW the MSP430 also supports serial programming using its 
BSL. We could add the ability to program it from the ARM (if a programming-
enabled jumper is present presumably).

/Fredrik


