<div>Yes, that is exactly what I was talking about. Delayering a chip is much harder than simply piercing soldermask with a sharp digital analyzer probe. If you are going to have C-4 onboard, this factor is not that important of course :)</div><div> </div><div><div>-- With best regards,</div><div>Paul Shatov</div><div> </div></div><div>11.01.2015, 23:53, "Joachim Strömbergson" <joachim@secworks.se>:</div><blockquote type="cite"> Aloha! Yes, adding a soft core is one option we have for the future. Using a hard core such as Xilinx Zync or Altera SoCs adds a lot of performance, but it reduces the ability to actually test and know as well as limit what is actually accessible from where. In terms of side channel leakage, having an internal interface on chip is better than having an interface over the PCB. But this interface will be inside the tamper boundary. For the next, next generation board (or later revisions of this one) we may move to an integrated solution. But for the platform after Novena I think our assumption right now is that we really want to have separate physical devices. This is because it allows us to decompose the system into separate partitions that can more easily be controlled and audited. Cheers JoachimS Шатов Павел wrote:<blockquote> Hello everyone. I haven't attended your meeting, so I don't know all the underlying details of your discussion. Do you intentionally want your board to include CPU and FPGA as two separate chips? As far as I know in terms of hardware security having one single integrated circuit is better. Two options are possible to combine both CPU and FPGA in one physical IC. The first option is to select larger FPGA and add some processor IP core to it. Both Altera and Xilinx provide soft processors, but they are not opensource. I believe there might be suitable soft processors available at <a href="http://opencores.org/projects">http://opencores.org/projects</a>. The drawback of this approach is that such soft processors will not run very fast. I've mostly worked with Spartan-6, from my experience it is difficult to push MicroBlaze from Xilinx beyond 125-133 MHz. Other processors should be about the same. On the other hand you can configure soft processor to only include modules that you actually need. The second option is to use some PSoC chip. I can suggest having a look at Zynq from Xilinx: <a href="http://www.xilinx.com/publications/prod_mktg/zynq7000/Zynq-7000-combined-product-table.pdf">http://www.xilinx.com/publications/prod_mktg/zynq7000/Zynq-7000-combined-product-table.pdf</a>. It has dual-core ARM Coretex-A9 CPU and Artix/Kintex FPGA in one package. There are several other PSoC vendors too, Zynq is just an example. From my experience programmable system-on-chip projects require much initial effort, but as the project matures it becomes easier to develop it.<<a href="http://www.xilinx.com/publications/prod_mktg/zynq7000/Zynq-7000-combined-product-table.pdf">http://www.xilinx.com/publications/prod_mktg/zynq7000/Zynq-7000-combined-product-table.pdf</a>></blockquote>11.01.2015, 12:18, "Fredrik Thulin" <<a href="mailto:fredrik@thulin.net">fredrik@thulin.net</a><blockquote> <mailto:<a href="mailto:fredrik@thulin.net">fredrik@thulin.net</a>>>: <blockquote> It seems to me that the interface between the FPGA and ARM will be one of the real selectors for what ARM to use? Joachim, can you make a baseline suggestion for what FPGA to use and what interface to use? I remember from the meeting last week that we said we are currently using about 70% of the resources in the Novena FPGA and would aim for something 10x (?) bigger for the alpha board, to not be space constrained during development? /Fredrik _______________________________________________ Tech mailing list <a href="mailto:Tech@cryptech.is">Tech@cryptech.is</a> <mailto:<a href="mailto:Tech@cryptech.is">Tech@cryptech.is</a>> <a href="https://lists.cryptech.is/listinfo/tech">https://lists.cryptech.is/listinfo/tech</a></blockquote> -- With best regards, Paul Shatov _______________________________________________ Tech mailing list <a href="mailto:Tech@cryptech.is">Tech@cryptech.is</a> <a href="https://lists.cryptech.is/listinfo/tech">https://lists.cryptech.is/listinfo/tech</a></blockquote>- -- Med vänlig hälsning, Yours Joachim Strömbergson - Alltid i harmonisk svängning. ======================================================================== Joachim Strömbergson Secworks AB <a href="mailto:joachim@secworks.se">joachim@secworks.se</a> ========================================================================<blockquote>-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - <a href="http://gpgtools.org/">http://gpgtools.org</a> Comment: Using GnuPG with Mozilla - <a href="http://enigmail.mozdev.org/">http://enigmail.mozdev.org/</a> iQIcBAEBCAAGBQJUsuLAAAoJEF3cfFQkIuyNRJMQAL75OY0Ym9gewX6Rge4YFIoM DpMCQEgLJZGQKiGUOxGaJ3EovtI9ThiVa1S+l5HQH+na6y9mwMi0XAZBbc6GP4hb UmDPBUVXPGYsqT5Er6lbc2yBdLsW+cHsjBMWnTQtQFvDi0geTVO3pdSpieljjmTT d3xdI9kUfvjgYzNZ9cwGI85yniaV6EKsagNndY8M9/jrfS3oI4I2qwFcvzsXPUJP w4+QxY+ce6/V6s0ke2lHIpzy0zIziVLRp433/zSQj1f7F2+9JwdwynZCmEqAg375 s3NKDL5HHwcMDpEww7uBksgp7h+U5HEC8KMVPYUDw/MqX5WKaOUQikgwqHCkNy7d /Nk4igp4GV0cG8KMyzy21HYAScPCOvx0mM2pWwuIs9qFL66RJYxR5wXeaOn3lWWV aRyWxSITJ/UlCixYOHrJsh6/BzHC/hxT73C392bJyb17nSIq4arK/etJihNgGRf9 RMloJRUKaOSHKCuiXiZXk4a3aqah7b+b3QMeLL+OWfBYXSWOk3DYL+y2NTSKtOno +yahUqUCJzh+ISWqGltpeo94ckMxllcGgLUTribUqnmhHUD+rVGVhMYjg2kmoFS8 vshgg0PKMysPY90oAMs2G40gJS9eKaBrNUYFoXLcJz/ALFbfoA+sb9wO/M+75OaV EEMMI8YzhNQldYmVnqEi =Une+ -----END PGP SIGNATURE-----</blockquote></blockquote><div> </div><div> </div>