PR bitstream security validation enables multi-tenant FPGA usage. For example, a platform owner partitions a single device to host multiple third-party clients. The platform owner may not trust the clients, and the clients may not trust each other, but the clients trust the platform owner. PR bitstream security validation protects the platform owner and the clients from any party that attempts to corrupt the proprietary server or the other clients' configurations, or to mount a peek or poke attack through a subsequent partial reconfiguration.
PR bitstream validation allows the platform owner to determine whether a client has modified its .pmsf file in an attempt to damage the FPGA, or has attempted to connect to signals it is not permitted to access. To be effective, the platform owner must accept only .pmsf files (not .rbf) from the client, and must validate every client .pmsf file. Thereafter, the Programmer requires both the .pmsf and the .smsf to generate the PR bitstream (.rbf) for the PR region, ensuring that the PR persona can change only the bits that the persona owns. The platform owner can optionally release .smsf files to third-party clients as part of the PR region collateral.
For PR bitstream validation, the platform owner generates the .smsf file themselves, so that the .smsf is a trusted artifact; the client-supplied .pmsf is untrusted input. The bitstream validation check compares the client-supplied .pmsf against the trusted .smsf. The comparison fails if the .pmsf is invalid for any reason, deliberate or accidental, and a failed .pmsf must not be used to generate an .rbf.
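The following is an added illustration of the validation rule described above, not Quartus code and not the real .pmsf/.smsf format (those are Intel-proprietary binaries). It models each file as a simple byte mask in which a set bit means "this configuration bit belongs to this owner": the trusted .smsf marks the bits owned by the static region, and the untrusted client .pmsf claims the bits it wants to change and carries their values. The check rejects a .pmsf that is malformed, that reaches into static-region bits (a poke attempt or a corrupted file), or that carries data outside its own claimed mask; the .rbf model then keeps only bits the persona owns. All names, the layout and the sample inputs are constructed for this example.

```python
"""Simplified model of PR bitstream security validation (added example,
not the Quartus implementation). A "mask" is a bytes object in which a set
bit means "this configuration bit belongs to this owner"."""
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class Pmsf:
    """Untrusted client input: bits the persona claims, and their values."""
    mask: bytes
    data: bytes


@dataclass(frozen=True)
class Smsf:
    """Trusted platform-owner artifact: bits owned by the static region."""
    static_mask: bytes


def validate_pmsf(pmsf: Pmsf, smsf: Smsf) -> list[str]:
    """Return the reasons the client .pmsf is invalid (empty list == accepted).

    1. The file must be well formed (same size as the trusted mask).
    2. The client may not claim any bit the static region owns.
    3. The client may not carry data outside its claimed mask.
    """
    problems: list[str] = []
    n = len(smsf.static_mask)
    if len(pmsf.mask) != n or len(pmsf.data) != n:
        problems.append(
            f"malformed: expected {n} bytes, got mask={len(pmsf.mask)} data={len(pmsf.data)}"
        )
        return problems  # nothing else can be checked on a malformed file
    for i, (m, s, d) in enumerate(zip(pmsf.mask, smsf.static_mask, pmsf.data)):
        overlap = m & s  # bits claimed by the client but owned by the static region
        if overlap:
            problems.append(f"byte {i}: claims static-region bits 0x{overlap:02x}")
        stray = d & ~m & 0xFF  # data present where the client claims no ownership
        if stray:
            problems.append(f"byte {i}: data bits 0x{stray:02x} set outside claimed mask")
    return problems


def generate_rbf(pmsf: Pmsf, smsf: Smsf) -> bytes:
    """Model of the Programmer step: refuse an invalid .pmsf, then emit only
    the data bits the persona owns (never bits owned by the static region)."""
    problems = validate_pmsf(pmsf, smsf)
    if problems:
        raise ValueError("PR bitstream validation failed: " + "; ".join(problems))
    return bytes(d & m & ~s & 0xFF for d, m, s in zip(pmsf.data, pmsf.mask, smsf.static_mask))


# Constructed sample: a four-byte "device". The static region owns bytes 0 and 1;
# the PR region owns bytes 2 and 3.
TRUSTED_SMSF = Smsf(static_mask=bytes([0xFF, 0xFF, 0x00, 0x00]))

GOOD_CLIENT = Pmsf(mask=bytes([0x00, 0x00, 0xFF, 0xFF]),
                   data=bytes([0x00, 0x00, 0xA5, 0x3C]))

# Poke attempt: the client's mask reaches into byte 1, which the static region owns.
POKE_CLIENT = Pmsf(mask=bytes([0x00, 0x10, 0xFF, 0xFF]),
                   data=bytes([0x00, 0x10, 0xA5, 0x3C]))

# Inconsistent file: data bits set in byte 3 that the mask does not claim.
STRAY_CLIENT = Pmsf(mask=bytes([0x00, 0x00, 0xFF, 0x0F]),
                    data=bytes([0x00, 0x00, 0xA5, 0x3C]))

# Truncated or corrupted file.
SHORT_CLIENT = Pmsf(mask=bytes([0xFF]), data=bytes([0x00]))

if __name__ == "__main__":
    for name, client in (("good", GOOD_CLIENT), ("poke", POKE_CLIENT),
                         ("stray", STRAY_CLIENT), ("short", SHORT_CLIENT)):
        print(name, validate_pmsf(client, TRUSTED_SMSF) or "accepted")
```

The point of the model is the trust boundary: only the mask generated by the platform owner decides ownership, and the client file is never consulted for that decision, so a tampered .pmsf can at most fail validation.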