|
|
| (25 intermediate revisions by 4 users not shown) |
| Line 1: |
Line 1: |
| − | The CW305 is a FPGA target board. It brings features including a simplified USB interface for talking to the FPGA, an external PLL for adjusting frequency response, a programmable VCC-INT supply, and diode protection for use in fault injection environments. Also available with a special BGA socket, giving you the ability to perform tests on multiple FPGA devices - perfect for checking Physically Unclonable Functions (PUFs) under the exact same environmental conditions across multiple FPGAs.
| + | == Page Moved == |
| | | | |
| − | This board requires an external oscilloscope or capture box for performing the power measurement. The board is designed to interface to hardware such as the ChipWhisperer-Lite 2-Part version or the CW1200 (ChipWhisperer-Pro).
| + | See [https://rtfm.newae.com/Targets/CW305%20Artix%20FPGA/ NewAE RTFM Page]. The previous content on this wiki has been moved to the above link. See wiki history if you would like to view exact older versions of this page. |
| − | | + | |
| − | =Feature Overviews=
| + | |
| − | | + | |
| − | ==USB Interface==
| + | |
| − | | + | |
| − | This board uses NewAE Technology Inc's custom USB interface firmware. This firmware gives you a simple data/address bus, which you can read/write to the FPGA. The USB chip also controls FPGA configuration (which for the 7A35T device takes just under 2 seconds), the PLL, and the VCC-INT regulator. This makes it easy to script complex jobs like performing measurements at different frequencies or voltages, or reconfiguring the FPGA after a fault attempt to avoid issues with SRAM corruption.
| + | |
| − | | + | |
| − | ==PLL==
| + | |
| − | | + | |
| − | The CDCE906 PLL means you can easily output frequencies from about 5-160 MHz (a larger range is possible but may require more care). The PLL is programmed over USB, and 3 output channels are provided (each which can be set to a different frequency). 2 route to the FPGA and 1 routes to a SMA connector. This allows you to synchronize external devices or boards to the oscillator driving your FPGA design.
| + | |
| − | | + | |
| − | ==Power Supply==
| + | |
| − | | + | |
| − | Three switching regulators are provided - two fixed for VCC-AUX and VCC-IO, along with a VCC-INT supply which can be programmed over the range of 0.8V-1.10V (this is a software limit to prevent you from damaging the FPGA, this can be overridden if you need to provide about a 0.65-1.5V range). Optional linear regulators can plug into the VCC-AUX and VCC-IO supplies which provide lower-noise operation (but with a reduced current limit compared to the switching supplies).
| + | |
| − | | + | |
| − | External banana connectors make is simply to power the VCC-INT from a low-noise bench supply. This can improve side-channel analysis measurements by reducing noise in the shunt measurement compared to the on-board switching supply.
| + | |
| − | | + | |
| − | An on-board DMM measures the VCC-INT supply and provides easy visual feedback so you can confirm settings without needing to attach a meter.
| + | |
| − | | + | |
| − | ==Shunt Measurement==
| + | |
| − | | + | |
| − | A resistive shunt is provided in the VCC-INT supply, with an optional shunt in the VCC-AUX line. The resistive shunt can be measured using a differential probe on 0.1" spacing, using the SMAs, or using the on-board 20dB LNA. The LNA makes it easier to measure with standard oscilloscopes that don't measure the very small variations you find in power analysis.
| + | |
| − | | + | |
| − | ==Fault Injection==
| + | |
| − | | + | |
| − | This board is designed to facilitate all forms of fault injection. Resitive and diode protection prevents transients on the VCC-IO of the FPGA from affecting the USB interface chip. The USB chip itself provides high-speed FPGA reconfiguration to simplify repetitive fault attacks where you need to reconfigure the FPGA. The USB interface can also monitor the INITB pin of the FPGA, which can be used with the continous CRC verification feature to determine when reconfiguration is required.
| + | |
| − | | + | |
| − | The PCB features mounting holes and alignment features for use with an X-Y table (suitable for both EM fault injection and H-Field probes).
| + | |
| − | | + | |
| − | The VCC-INT supply can be disconnected from the filtering capacitors to allow using the SMA jacks as a method of inserting voltage faults without fighting the output capacitance of the power supply.
| + | |
| − | | + | |
| − | The ChipWhisperer Crowbar fault injection can also be used with this board, which requires either the ChipWhisperer-Lite 2-Part version (CW1173-2PART) or CW1200.
| + | |
| − | | + | |
| − | =Hardware Details=
| + | |
| − | | + | |
| − | == VCC-INT Routing ==
| + | |
| − | | + | |
| − | The following shows details of how the power supplies are routed on the CW305 board:
| + | |
| − | | + | |
| − | [[File:cw305_vccrouting.png]] | + | |
| − | | + | |
| − | Details of each section are shown here:
| + | |
| − | | + | |
| − | === DC Jack / USB Power ===
| + | |
| − | | + | |
| − | There are two main sources of power which can be used for ''all'' FPGA power supplies (VCC-INT, VCC-IO, and VCC-AUX). By default this is the USB connector, but this is limited by USB specs to a maximum of 500 mA.
| + | |
| − | | + | |
| − | If using a larger design in the FPGA you may exceed these limits, in which case you must move the switch to use the DC-Jack. This jack requires a 5.0V power supply capable of a suitable amount of current for your design (suggested: 2.0A).
| + | |
| − | | + | |
| − | [[File:psw_1.jpg|100px]]
| + | |
| − | | + | |
| − | === Internal / External VCC-INT ===
| + | |
| − | | + | |
| − | The internal power supply provides a source of 1.0V for the VCC-INT. This supply can be programmed slightly above/below 1.0V to compare the effects of different VCC-INT supplies on the FPGA design. Details of the power supply are given in section TODO XREF. The internal supply can provide up to 6.0A for the VCC-INT rail.
| + | |
| − | | + | |
| − | There is also two banana jacks which can be connected to a 1.0V lab supply. You must be very careful to ensure you do not exceed 1.10V on this input, as beyond that range you risk damaging the FPGA.
| + | |
| − | | + | |
| − | The choice of internal/external is selected with the switch. There is a ferrite bead + large capacitors after this switch, so note that you '''cannot''' use the banana jack inputs as a voltage glitch insertion method. Instead you must insert them directly into the SMA connectors, described later.
| + | |
| − | | + | |
| − | [[File:psw_2.jpg|200px]]
| + | |
| − | | + | |
| − | === Shunt Resistor Connections ===
| + | |
| − | | + | |
| − | The following shows the components around the shunt resistor:
| + | |
| − | | + | |
| − | [[File:shunt.jpg|400px]]
| + | |
| − | | + | |
| − | Schematically, this is shown below. NOTE: the schematic flows in the "opposite" direction of the PCB. In the PCB power flows left to right, in the schematic it flows right to left.
| + | |
| − | | + | |
| − | [[File:cw305_vccint_shunt_sch.png|600px]]
| + | |
| − | | + | |
| − | A brief description of each element is given below.
| + | |
| − | | + | |
| − | ==== SMA Connectors / Test Points ====
| + | |
| − | | + | |
| − | The SMA connectors provide access to both sides of the shunt. The "high side" comes from the power supply with substantial filter capacitors, and the "low side" goes directly to the FPGA VCC-INT network. The VCC-INT network may or may not have decoupling capacitors mounted (this is an ordering option).
| + | |
| − | | + | |
| − | In addition, two test points are provided on each side that are suitable for use with an oscilloscope probe. It is '''strongly''' recommended to use a SMA to BNC cable (such as Cinch Connectivity P/N 415-0028-024 available from Digikey) to view the power measurement instead of these test points, as the SNR of the oscilloscope probe will typically be considerably worse than via the SMA connector.
| + | |
| − | | + | |
| − | The SMA connector can also be used when inserting faults into the FPGA. If using the ChipWhisperer crowbar fault generator, simply connect the crowbar output to connector X3. If using an external fault amplifier, you will also connect to X3 but will also need to remove the jumper (described below).
| + | |
| − | | + | |
| − | ==== Jumper ====
| + | |
| − | | + | |
| − | In some circumstances you may wish to entirely remove the shunt resistor. This is typically the case when performing fault insertion, where the large "filter" capacitors present on the high side of the shunt resistor will drastically reduce the slew rate of your fault amplifier.
| + | |
| − | | + | |
| − | Alternatively, you may wish to use a current transformer or similar current probe which requires a method of inserting a sensor into the VCC-INT path.
| + | |
| − | | + | |
| − | For these uses test point TP2 and TP3 have gold-plated "nails" soldered into them, and a wire bridge soldered between the test points. This wire bridge can be removed by either cutting (with wire cutters) or desoldering. The gold-plated nails provide a mechanically strong base which allows you to perform this operation without risking damage to the CW305 PCB.
| + | |
| − | | + | |
| − | If using a current probe, you can either (1) solder a wire between TP2 and TP3, or (2) use two SMA connectors to route the power between X2 and X3. Clamp your current probe onto the bare wire used to route the signal between these (you'll need a custom cable without the shield most likely).
| + | |
| − | | + | |
| − | The gold-plated nails that require soldering are used instead of a switch or jumper to reduce the resistance in the measurement path. Typical switches provide too high of a contact resistance for the potential current draw of a large design in the FPGA, which would reduce the SNR at the measurement point.
| + | |
| − | | + | |
| − | ==== Shunt Resistor ====
| + | |
| − | | + | |
| − | The shunt resistor is a 1206 size resistor mounted at position R27. The value of this resistor will vary between the various variants of the assembled board.
| + | |
| − | | + | |
| − | Two 0.100" (2.54mm) headers are provided for measurement with a differential probe. One (JP7) is directly across the resistor, and the other (JP6) is on the top right side of the PCB. JP6 is designed to be used with a NewAE Technology Inc. differential probe (which requires a separate power supply for this differential probe).
| + | |
| − | | + | |
| − | Examples of resistors used are the following:
| + | |
| − | {| class="wikitable"
| + | |
| − | !Value
| + | |
| − | !Manufacture
| + | |
| − | !Part Number
| + | |
| − | !Digikey P/N
| + | |
| − | |-
| + | |
| − | |500mOhm
| + | |
| − | |Stackpole
| + | |
| − | |CSR1206FKR500
| + | |
| − | |CSR1206FKR500CT-ND
| + | |
| − | |-
| + | |
| − | |250mOhm
| + | |
| − | |Stackpole
| + | |
| − | |CSR1206FKR250
| + | |
| − | |CSR1206FKR250CT-ND
| + | |
| − | |-
| + | |
| − | |100mOhm
| + | |
| − | |Samsung
| + | |
| − | |RUW3216FR100CS
| + | |
| − | |1276-6187-1-ND
| + | |
| − | |-
| + | |
| − | |50mOhm
| + | |
| − | |Vishay
| + | |
| − | |WSLP1206R0500FEA
| + | |
| − | |WSLP-.05CT-ND
| + | |
| − | |}
| + | |
| − | | + | |
| − | === VCC-INT Decoupling Capacitors ===
| + | |
| − | | + | |
| − | The optional decoupling capacitors for the VCC-INT rail are shown on the underside of the PCB here:
| + | |
| − | | + | |
| − | [[File:vccint_caps.jpg|400px]]
| + | |
| − | | + | |
| − | This capacitors are typically not mounted when using the shunt resistor to measure power waveforms.
| + | |
| − | | + | |
| − | === VCC-AUX Shunt Resistor ===
| + | |
| − | The VCC-INT shunt is the primarily power measurement point, as it provides power measurement for both designs inside the FPGA, along with the logic responsible for decrypting bitstreams (as reported at https://eprint.iacr.org/2016/249.pdf). | + | |
| − | | + | |
| − | There may be additional information in the VCC-AUX power supply however, for example monitoring JTAG state transitions. There is a secondary shunt position (by default with no shunt mounted) for exploration of the VCC-AUX power supply. This can be seen in the schematic here:
| + | |
| − | | + | |
| − | [[File:cw305_vccaux_shunt_sch.png|400px]]
| + | |
| − | | + | |
| − | The shunt is located on the rear side of the PCB, as shown here:
| + | |
| − | | + | |
| − | [[File:P1080944.jpg|400px]]
| + | |
| − | | + | |
| − | If using this shunt, you must '''remove''' resistor R26 (which has a metal slug 0-ohm resistor mounted) and replace with an appropriately sized 0805 resistor (suggested: 1 ohm). You must also remove capacitor C98, C95, C97, C94, and C93. They can be seen in the above photo.
| + | |
| − | | + | |
| − | == On-Board Power Supplies ==
| + | |
| − | | + | |
| − | Three switching power supplies are present on the board, which provide the VCC-INT (1.0V), VCC-AUX (1.8V), and VCC-IO (3.3V) supplies. The external IO on the board are all operated at 3.3V.
| + | |
| − | | + | |
| − | === Power Supply Source ===
| + | |
| − | | + | |
| − | You can turn the power to the FPGA on or off using the following switch:
| + | |
| − | | + | |
| − | [[File:fpga_autoonoff.jpg|200px]]
| + | |
| − | | + | |
| − | When in the "OFF" mode the VCC-INT, VCC-IO, and VCC-AUX supplies are turned off. In addition the communications interfaces are all disabled to avoid back-powering the FPGA via the IO pins. If you have external connections (such as driving a clock from the ChipWhisperer) you need to ensure they are also disabled when the power is turned off.
| + | |
| − | | + | |
| − | When in the "AUTO" mode, the state of the power supplies can be controlled from the computer. Typically "AUTO" mode is used as it allows the computer to power cycle the device.
| + | |
| − | | + | |
| − | === Low-Noise Power Supplies ===
| + | |
| − | | + | |
| − | Optional low-noise linear power supplies are available, which fit into the connectors around the switch-mode power supply. They have less power handling capabilities than the on-board switch-mode supplies, but have reduced noise that ends up injected into the PCB (and thus on the power traces).
| + | |
| − | | + | |
| − | These power supplies are only used for VCC-IO and VCC-AUX. Like the on-board supplies they will be disabled when the power to the FPGA is switched off using either the API interface or the target power switch.
| + | |
| − | | + | |
| − | If you wish to have the lowest-noise power source, you must mount the VCC-IO and VCC-AUX low-noise supplies, and also use an external supply for the VCC-INT supply.
| + | |
| − | | + | |
| − | == Shunt Selection ==
| + | |
| − | | + | |
| − | == Fault Injection ==
| + | |
| − | | + | |
| − | == IO Connections ==
| + | |
| − | | + | |
| − | The board contains a number of additional headers.
| + | |
| − | | + | |
| − | === GPIO Header ===
| + | |
| − | | + | |
| − | A 40-pin header is mounted at JP3. This female header also comes with a dual-sided male 40-pin header which ships which each PCB, allowing you to use either gender of connectors with this header.
| + | |
| − | | + | |
| − | The pinout of the header is marked on the PCB. All pins are routed to 3.3V VCC-IO banks on the Artix 7 FPGA. The layout of the header is such that the following can directly be plugged into the board:
| + | |
| − | | + | |
| − | * Digilent Inc PMOD devices
| + | |
| − | | + | |
| − | * NewAE OpenADC Module
| + | |
| − | | + | |
| − | === 20-Pin ChipWhisperer Connector ===
| + | |
| − | | + | |
| − | The bottom right side of the PCB contains a 20-pin connector that follows the standard ChipWhisperer pinout. This connector has ESD diodes present on the PCB to protect both the FPGA from external transients, and from glitches inserted into the FPGA from exiting the board and damaging external test gear.
| + | |
| − | | + | |
| − | === LEDs ===
| + | |
| − | | + | |
| − | === SMA Connectors ===
| + | |
| − | | + | |
| − | Three SMA connectors are present on the board. Two are routed to IO pins on the FPGA, and one routes directly to the on-board PLL.
| + | |
| − | | + | |
| − | === Switches ===
| + | |
| − | | + | |
| − | Two user switches are provided: one push-button, and one 4-item DIP switch.
| + | |
| − | | + | |
| − | The push-button (SW4) routes to FPGA pin R1.
| + | |
| − | | + | |
| − | The dip-switch (S2) routes to FPGA pins J16, K16, K15, and L14 (see PCB silkscreen). With generic designs that dip-switch has the following uses:
| + | |
| − | | + | |
| − | | + | |
| − | See the example design documentation for more details. | + | |
| − | | + | |
| − | == FPGA Configuration ==
| + | |
| − | | + | |
| − | There are three modes you can use to configure the FPGA:
| + | |
| − | | + | |
| − | 1. Over USB using ChipWhisperer software. Requires reconfiguration on every power cycle.
| + | |
| − | | + | |
| − | 2. Over JTAG from Xilinx software. Requires reconfiguration on every power cycle.
| + | |
| − | | + | |
| − | 3. From on-board SPI-Flash on power-up.
| + | |
| − | | + | |
| − | These modes are selected by different FPGA mode switch settings. The mode switches are on the back-side of the PCB as shown below. Note if the switch is set to the left the mode bit is "0", and if the switch is set to the right the bit is set to "1". The mode bits themselves are labeled M2, M1, and M0 from top to bottom.
| + | |
| − | | + | |
| − | [[File:mode_switches.jpg|200px]]
| + | |
| − | | + | |
| − | The setting of the mode switches must be set as in the following table for the desired configuration mode:
| + | |
| − | | + | |
| − | {| class="wikitable"
| + | |
| − | !M0
| + | |
| − | !M1
| + | |
| − | !M2
| + | |
| − | !Configuration Mode
| + | |
| − | |-
| + | |
| − | |1
| + | |
| − | |0
| + | |
| − | |0
| + | |
| − | |SPI Flash
| + | |
| − | |-
| + | |
| − | |1
| + | |
| − | |0
| + | |
| − | |1
| + | |
| − | |JTAG
| + | |
| − | |-
| + | |
| − | |1
| + | |
| − | |1
| + | |
| − | |1
| + | |
| − | |USB
| + | |
| − | |}
| + | |
| − | | + | |
| − | =Software Details=
| + | |
| − | | + | |
| − | The ChipWhisperer software is used to communicate with this board. This can be used either as part of the GUI (i.e., using the CW305 within the ChipWhisperer-Capture), or by importing Python modules and communicating with the CW305.
| + | |
| − | | + | |
| − | ==Driver and Software Installation==
| + | |
| − | | + | |
| − | == Python Example ==
| + | |
| − | | + | |
| − | === Connecting and Programming ===
| + | |
| − | You can connect to the board using the following command:<syntaxhighlight lang="python">
| + | |
| − | from chipwhisperer.capture.targets.CW305 import CW305
| + | |
| − | | + | |
| − | cw = CW305()
| + | |
| − | cw.con(bsfile=r"C:\chipwhisperer\hardware\victims\cw305_artixtarget\fpga\vivado_examples\aes128_verilog\aes128_verilog.runs\impl_35t\cw305_top.bit", force=False)
| + | |
| − | </syntaxhighlight>The optional "bsfile" argument causes it to download a bitstream. If the "force" flag is set to "False", the system will only download the bitstream to an UNPROGRAMMED FPGA.
| + | |
| − | | + | |
| − | If doing development, you probably want to set the force flag to "True". This will ensure you always get a newly programmed FPGA with the latest bitstream.
| + | |
| − | | + | |
| − | === Running AES-128 Example ===
| + | |
| − | You can run the AES-128 example code (the cw305_top.bit file) with the following example:<syntaxhighlight lang="python">
| + | |
| − | from chipwhisperer.capture.targets.CW305 import CW305
| + | |
| − | | + | |
| − | cw = CW305()
| + | |
| − | cw.con(bsfile=r"C:\chipwhisperer\hardware\victims\cw305_artixtarget\fpga\vivado_examples\aes128_verilog\aes128_verilog.runs\impl_35t\cw305_top.bit", force=False)
| + | |
| − | | + | |
| − | test_key = [0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c]
| + | |
| − | test_inp = [0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a]
| + | |
| − | exp_result = [0x3A, 0xD7, 0x7B, 0xB4, 0x0D, 0x7A, 0x36, 0x60, 0xA8, 0x9E, 0xCA, 0xF3, 0x24, 0x66, 0xEF, 0x97]
| + | |
| − | | + | |
| − | cw.loadEncryptionKey(test_key)
| + | |
| − | cw.loadInput(test_inp)
| + | |
| − | cw.go()
| + | |
| − | result = cw.readOutput()
| + | |
| − | | + | |
| − | print "ACT: "+" ".join(["%02X"%c for c in result])
| + | |
| − | print "EXP: "+" ".join(["%02X"%c for c in exp_result])
| + | |
| − | </syntaxhighlight>This will download the bitstream, run an encryption, and print the results. You could for example run 500 encryptions, storing the results to a MATLAB array with the following code:
| + | |
| − | | + | |
| − | <TODO>
| + | |
| − | | + | |
| − | Accessing FPGA Registers
| + | |
| − | | + | |
| − | See the FPGA Projects section for importat details of the FPGA design framework.
| + | |
| − | | + | |
| − | Setting PLL Frequency
| + | |
| − | | + | |
| − | Setting VCC-INT<syntaxhighlight lang="python">
| + | |
| − | #Set vcc-int to 0.95V
| + | |
| − | cw.vccint_set(0.95)
| + | |
| − | </syntaxhighlight>
| + | |
| − | | + | |
| − | ==Programmatic Usage==
| + | |
| − | | + | |
| − | ===Using from Other Languages===
| + | |
| − | | + | |
| − | The provided modules are written in Python, but any language which is supported by libusb can talk to the hardware. This will require you to write your own lower-layer driver and is officially unsupported by NewAE.
| + | |
| − | | + | |
| − | If using from other software (such as MATLAB), it is suggested to use the existing Python interface, which can be done via a simple command-line interface too. The Python interface is guaranteed to maintain compatibility with future changes in the SAM3U firmware.
| + | |
| − | | + | |
| − | ==Simple command-line interface==
| + | |
| − | | + | |
| − | =FPGA Projects=
| + | |
| − | | + | |
| − | =Example Attacks=
| + | |
| − | | + | |
| − | =Ordering Options=
| + | |
