User guide
Spartan-6 FPGA Configuration User Guide www.xilinx.com 93
UG380 (v2.7) October 29, 2014
eFUSE
If CNTL[17] is NOT programmed:
• Encryption can be enabled or disabled via the BitGen options.
• The AES key stored in eFUSE or battery-backed SRAM can be selected via the BitGen
options.
Once CNTL[17] is programmed, only bitstreams encrypted with the eFUSE key can be
used to configure the FPGA.
Configuration memory is blocked after initial configuration if CNTL[16] is programmed.
The only way to reconfigure the device is to issue a JTAG JPROG instruction, cycle power,
or pulse the PROGRAM_B pin.
12 CNTL Security Disable read and write of
the CNTL registers.
Redundant with
CNTL[8].
The user must program this bit after
programming and verifying AES and
CNTL registers to prevent
manipulation or readback of these
registers.
13 - - Reserved
14 Key Security Disables read and write of
KEY register. Redundant
with CNTL[10].
The user must program this bit after
programming and verifying AES
registers to prevent manipulation or
readback of these registers.
15 - - Reserved
16 aes_exclusive Disables partial
reconfiguration.
This bit requires the FPGA contents to
be cleared prior to reconfiguration by
issuing a JPROG JTAG instruction,
pulsing the PROGRAM_B pin, or
cycling power to the FPGA.
Caution! If this bit is programmed,
Return Material Authorization
(RMA) device analysis and debug is
limited. An alternative that does not
limit RMA analysis is Security
Level3.
17 cfg_aes_only The FPGA can only be
configured using the AES
key stored in the eFUSE
KEY register after this bit
is programmed.
The FPGA can only be configured by a
bitstream that was encrypted with the
AES key stored in the eFUSE AES
register.
Caution! If this bit is programmed,
the device cannot be used unless
the AES key is known. Return
Material Authorization (RMA)
returns cannot be accepted if this bit
is programmed.
18:31 - - Reserved
Table 5-19: eFUSE CNTL Register Bits (Cont’d)
Bit # Name Description Comments