MAHOHard Software Inc.

Hardware Security Module

INITIAL DESIGN REPORT

e1502228 Ali CANDER
e1502152 Ozan Erdem BAYCAN
e1502764 Haldun TOPÇUOĞLU
e1503028 Mustafa ŞİŞMAN

MAHOHard Software Inc.
12/18/2009
## Contents

1-Introduction ................................................................................................................................. 5

1-1 Project Definition and Goals .................................................................................................... 5

1-2 Purpose of Document .................................................................................................................. 6

2-Design Constraints ......................................................................................................................... 6

2-1 Resource Constraints ................................................................................................................... 6

2-2 Power Constraints ....................................................................................................................... 6

2-3 Time Constraints .......................................................................................................................... 7

2-4 Ergonomic Constraints ............................................................................................................... 7

2-5 Performance Constraints ............................................................................................................ 7

2-6 Experience of Members .............................................................................................................. 7

3-System Architecture ....................................................................................................................... 7

3-1 Overview of HSM .......................................................................................................................... 7

3-2 Architectural Design .................................................................................................................... 8

3-2-1 Hardware Design ....................................................................................................................... 8

3-2-2 Software Design ....................................................................................................................... 12

4-Modeling ........................................................................................................................................ 13

4-1 Data Flow Diagrams .................................................................................................................... 13

4-1-1 Level 0 ....................................................................................................................................... 13

4-1-2 Level 1 : HSM ........................................................................................................................... 14

4-1-3 Level 2 : FPGA MODULE ....................................................................................................... 15

4-2 Class Diagrams ............................................................................................................................ 17

4-2-1 Ethernet Module ....................................................................................................................... 17

4-2-2 FPGA Module .......................................................................................................................... 19

4-3 Activity Diagrams ......................................................................................................................... 23

4-3-1 Ethernet Activity Diagram ....................................................................................................... 23

4-3-1 FPGA Activity Diagram .......................................................................................................... 24
5- INTERFACE.......................................................................................................................... 25
   5-1 External Interface............................................................................................................... 25
      5-1-1 Ethernet Port............................................................................................................. 25
      5-1-2 Ethernet Interface.................................................................................................... 25
   5-2 Internal Interface............................................................................................................... 26
      5-2-1 Wishbone Interface.................................................................................................. 26
6- Language Specifications ...................................................................................................... 27
   6-1 Embedded C /C++ ........................................................................................................... 27
   6-2 VHDL ............................................................................................................................... 27
7- Testing and Debugging ....................................................................................................... 28
   7-1 Testing ............................................................................................................................. 28
      7-1-1 Unit Testing ............................................................................................................. 28
      7-1-2 Integration Testing .................................................................................................. 28
      7-1-3 System Testing ....................................................................................................... 28
   7-2 Debugging ....................................................................................................................... 29
8- Gantt Chart .......................................................................................................................... 30
   8-1 Term 1 Gantt Chart ........................................................................................................ 30
   8-2 Term 2 Gantt Chart ........................................................................................................ 31
8- References ........................................................................................................................... 32
Table of Figures

Figure 1: Design Overview ................................................................. 8
Figure 2: Functional Overview of nanoboard.................................................... 10
Figure 3: Overal Component of Hardware Architecture ........................................... 11
Figure 4: Features of Altium Designer .......................................................... 12
Figure 5: Context Level DFD .................................................................. 13
Figure 6: Level1 DFD : HSM ................................................................... 14
Figure 7: Level 2 DFD: FPGA Modules .......................................................... 16
Figure 8: Ethernet Module ...................................................................... 17
Figure 9: FPGA Module ........................................................................ 19
Figure 10: Ethernet Activity Diagram .............................................................. 23
Figure 11: FPGA Activity Diagram ............................................................... 24
1-Introduction

1-1 Project Definition and Goals

Securely managing keys is one of the most important and resource consuming tasks required to guarantee the security on a public key crypto system. This is due to a close relationship between security and the proper management of private keys. A public key crypto system can be considered secure as long as the private keys are secured. Taking this as a premise, it should be guaranteed that a (private) key is strictly secure during all events in its life cycle. This goal can be achieved by designing systems to securely create, manage and destroy (private) keys, maintaining an audit trail of every operation which was done during their existence. Such systems are known as Hardware Security Modules (HSMs).

HSMs are specialised tamper-proof devices in which cryptographic functions and embedded software have been built to properly manage keys and control their life cycles. They are designed in such a way that if an unauthorised attempt to access them is made, this is considered an attempt to tamper and all critical internal parameters and keys are destroyed.

Although very common in the banking industry, HSMs are also desirable in PKI, but not always implemented. As shown in Table 1, their common usage in the banking industry leads to specialisation of the HSMs to perform tasks such as PIN calculations or payment protocols, that are suitable in such industry.

<table>
<thead>
<tr>
<th>Bank HSMs</th>
<th>PKI HSMs</th>
</tr>
</thead>
<tbody>
<tr>
<td>PIN Calculation</td>
<td>Strong Authentication</td>
</tr>
<tr>
<td>Role Based Authentication</td>
<td>Identity Based Authentication</td>
</tr>
<tr>
<td>Dual Key Entry</td>
<td>Strict Key-life Cycle Control</td>
</tr>
<tr>
<td>Payment Protocols</td>
<td>Fully Auditable Operation</td>
</tr>
<tr>
<td>Cryptographic Speed</td>
<td>Triggered Group Mechanisms</td>
</tr>
</tbody>
</table>

Table 1: Comparison Between Bank HSMs and PKI HSM
In this project, it will be tried to develop a PKI HSM. The goals of this HSM are:

- onboard secure generation
- onboard secure storage
- use of cryptographic and sensitive data material
- offloading application servers for complete asymmetric and symmetric cryptography

HSMs provide both logical and physical protection of these materials from non-authorized use and potential adversaries. In short, they protect high-value cryptographic keys.

1-2 Purpose of Document

The purpose of this document is to show our initial design concepts about HSM project. In this document it will be given details of this project according to requirements explained in the requirement analysis report.

2-Design Constraints

2-1 Resource Constraints

There will be need of datasheets of the devices that will be using for this project and manuals of the software development environment that will be used for coding. These documents will be supplied by our teaching assistant and whenever extra information is needed, internet resources will be used. Since this project is an hardware project and similar projects are commercial and are not open source, it will be hard to find related resources. That is why there will be limitations in our development progress.

2-2 Power Constraints

Since Hardware Security Module (HSM) has very critical task, which has not to be interrupted, the power must have some features:

- Power must be supplied continuously without any drop and rising.
- Power supply must supply a voltage in a range. For example, 90-132 and 175-264 VAC.
2-3 Time Constraints

The deadline of the project is June and a prototype should be provided at the end of this semester. Since this project is an embedded project, time is very important constraint. We have to use time very effective in order to achieve some results.

2-4 Ergonomic Constraints

Since new platforms such as “Altium Designer” will be used which is new for all team members, there may be some problem.

2-5 Performance Constraints

First, HSM must provide a significant speed for data transferring and all other functionality. Besides, When number of transferred data increase, HSM must also provide parallelism. For example if there are more than one data will be encrypted, HSM must share these data between suitable modules. By that way, in one time more than one data can be encrypted. Supplying these features will be big deal.

2-6 Experience of Members

Lack of experience of the team members on coding for embedded device is one of the restrictions. Sometimes, some difficulties may be faced with managing unexpected problems and unforeseen details of the project.

3-System Architecture

3-1 Overview of HSM

As it is explained throughout the report, HSM system needs a complex architecture because lots of modules will work cooperatively. Therefore, the architecture should be easily modifiable according to changes and it should allow developers for developing new modules. Moreover, it should make this complex system's development phase less difficult with good separation of layers.
3-2 Architectural Design

3-2-1 Hardware Design

HSM will be designed on a board which is called Altium Nanoboard 3000. This board has been chosen this board because of some of its features and advantages. Some advantages of this board are:

- Perfect entry-point to discover and explore the world of FPGA-based embedded systems design. Programmable hardware realm allows designer to update the design quickly and many times over without incurring cost or time penalties
- Reprogrammable hardware development platform that harnesses the power of a dedicated high-capacity, low-cost programmable device to allow rapid and interactive implementation and debugging of our designs
- High-capacity FPGA located on the motherboard, and provision for a single plug-in peripheral board (Altium or user’s own) for additional system flexibility.
- Automatic peripheral board detection and configuration.
This board has some basic and important features which make us choose it. Some of them are:

- **NanoBoard 3000XN** – with fixed Xilinx® Spartan™-3AN device (XC3S1400AN-4FGG676C)
- Variety of standard communications interfaces: RS-232, RS-485, PS/2, 10/100 Fast Ethernet, USB 2.0, S/PDIF, MIDI.
- On-board memories accessible by user FPGA: 256KB x 32-bit common-bus SRAM (1MB), 16M x 32-bit common-bus SDRAM (64MB), 8M x 16-bit common-bus 3.0V Page Mode Flash memory (16MB), dual 256KB x 16-bit independent SRAM (512KB each).
- Four 8Mbit SPI flash memory devices – one containing Primary boot image for Host Controller, one containing golden boot image for Host Controller, two for use by user FPGA (for boot/embedded purposes).
- Host (NanoTalk) Controller hosts the NanoBoard firmware. Responsibilities include managing JTAG communications (with Altium Designer/User FPGA/connected peripheral board), as well as access to common-bus SPI resources.
- High-speed PC interconnection through USB 2.0 allows for fast downloading and debugging.

Since the HSM implementation will be on Altium nanoboard, all basic functionality and peripherals of board have to be known. Below, there is functional overview of this board. i
Figure 2: Functional Overview of nanoboard.
3-2-1-1 Hardware Components

The hardware components are on the User FPGA part of nanoboard. Other peripherals of nanoboard will be used in order to communication, storage, debugging etc. For example, Ethernet port will be used for communication with server. Besides, all components inside User FPGA will talk with each other by wishbone interface. Main picture of components are below:

Figure 3: Overall Component of Hardware Architecture
HSM Executive is main picture of our HSM project. It has two main parts, which are external communication and FPGA management parts. External communication part is used for communication with server. FPGA management part is used for cryptographic functions, time scheduling and data management. FPGA will be composed of 6 parts. Five of them are for cryptographic functions and one is for microprocessor. We will doing all data management and time scheduling by using microcontroller unit. In this report we will explain working hierarchy of all parts in detail with data flow and class diagrams.

3-2-2 Software Design

Since Altium Nanoboard will be used, “Altium Designer” is chosen as a product development system. Altium Designer involves all needed libraries for the board and other devices that is need in the project development. This system offers a single solution to develop hardware, programmable hardware and software. Beside that, it is very easy to debug the work by using this system. Figure 4 will briefly shows features of Altium Designer.

<table>
<thead>
<tr>
<th>feature</th>
<th>description</th>
</tr>
</thead>
<tbody>
<tr>
<td>DXP Platform</td>
<td>Software integration platform, consistent GUI provided for all supporting editors and viewers, Design Insight for design document preview, design release management, design compile, file management, version control interface and scripting engine</td>
</tr>
<tr>
<td>Schematic – Viewer</td>
<td>Open, view and print schematic documents and libraries</td>
</tr>
<tr>
<td>PCB – Viewer</td>
<td>Open, view and print PCB documents, additionally view and navigate 3D PCBs</td>
</tr>
<tr>
<td>CAM File – Viewer</td>
<td>Open CAM and mechanical files</td>
</tr>
<tr>
<td>Schematic – Soft Design Editing</td>
<td>All schematic and schematic library editing capabilities (except in PCB Projects and Free Documents), netlist generation</td>
</tr>
<tr>
<td>Simulation – VHDL</td>
<td>VHDL simulation engine, integrated debugger and waveform viewer, with third-party support for ModelSim and Active-HDL</td>
</tr>
<tr>
<td>NanoBoard Support</td>
<td>Range of auto-configured, swappable target FPGA daughter boards (from all chip vendors) are supported plus plug-in peripheral boards for complete flexibility in system architecture, Power Monitor for FPGA designs</td>
</tr>
<tr>
<td>FPGA Design</td>
<td>Custom FPGA Logic Development in C, OpenBus, Schematic, VHDL and Verilog design synthesis, Custom Wishbone Interface Component</td>
</tr>
<tr>
<td>FPGA Processor Cores</td>
<td>Support for a range of 32-bit soft processors for use in FPGA design: T5K300DA, Xilinx MicroBlaze®, Altera Nios II®, Actel CoreMP®, also support for the PowerPC (PPC405) discrete processor, immersed in the Xilinx Virtex II Pro®, as well as a number of legacy, 8-bit Microcontrollers (T5K51, T5K32, T5K80 and T5K165)</td>
</tr>
<tr>
<td>Processor Core Embedded Tools</td>
<td>Full software development tool chain – C compiler/assembly/source-level debugger/profile for each supported 32-bit processor, Plug-n-Play Software Platform Builder for easier hardware access</td>
</tr>
<tr>
<td>Programmable FPGA-Based Instruments</td>
<td>Post-synthesized FPGA-ready instruments including Custom Instrument, Terminal Emulator, Digital/IQ, Crosspoint Switch, Logic Analyzer, Frequency Generator, Frequency Counter, Field Dashboard for remote access</td>
</tr>
<tr>
<td>Soft Device JTAG Support</td>
<td>Live connection to soft devices such as virtual instruments and processors running inside an FPGA</td>
</tr>
<tr>
<td>Hard Device JTAG Support</td>
<td>Interactive monitoring of pin status for any JTAG device</td>
</tr>
<tr>
<td>IP Core Design Re-Use</td>
<td>Support for importing third-party FPGA IP cores, developing and reusing IP libraries</td>
</tr>
<tr>
<td>Import/Export</td>
<td>Supports import and/or export of designs and library data created in OrCAD, Allegro, PADS, DaDesigner, Cadstar, P-CAD, CircuitMaker, Protel and more</td>
</tr>
</tbody>
</table>

Figure 4: Features of Altium Designer

MAHOHard Software Inc.
4- Modeling

4-1 Data Flow Diagrams

4-1-1 Level 0

As it can be seen from the figure 5, HSM will basically be in communication with server. Server will send a packet which cover request and data. HSM will process the packet and will return answer. The answer will change according to request.
4-1-2 Level 1 : HSM

Figure 6: Level1 DFD : HSM
Packet coming from server comes to ethernet module by TCP/IP protocol at first. Then packet is transferred to the FPGA by wishbone interface. FPGA modules process packet and if there is a request about secure storage, FPGA module reaches to secure storage again with wishbone interface. After process, FPGA sends packet back to the ethernet module by wishbone interconnection. Finally, ethernet module sends answers back to server. Ethernet module, TCP/IP protocol and wishbone interface will be explained in this document.

4-1-3 Level 2 : FPGA MODULE

FPGA module includes six processes :

- Encryption : It will have encryption function with strong cryptographic algorithm such AES,DES.
- Decryption : It will have decryption function.
- Hashing : It will have hash function with strong algorithm.
- Key Generation : It will have a function that generate random keys when key is needed.
- Digital Signature : It will have a function that produce digital signature or verify the signature that is produced by itself.
- Microcontroller : Microcontroller will manage all data flows in the system.

As it can be seen below, wishbone interface is used for all connection between all FPGA components and peripherals. All Cryptographic functions will be explained in class hierarchy in this report. Beside that, wishbone interface will be explained in interface chapter in detail. The most important component of FPGA module, microcontroller, will briefly be explained in processor chapter.
Figure 7: Level 2 DFD: FPGA Modules
4-2 Class Diagrams

4-2-1 Ethernet Module

Figure 8: Ethernet Module
There are explanations of Ethernet module’s classes below:

**PacketReader** is an abstract class that is responsible for reading packets from an input source. It includes methods for reading either a single packet or multiple packets at once. The pendingPacketCount member returns the unread packet count waiting at the input source.

**Packet class** is the data structure that is used to define a single packet. The member variables of this class are filled by the object that reads the packet from the input source.

**PacketSequence** is the collection class for packets that have the same source and destination addresses and same ports. It includes methods that provide random access to packets stored in the collection.

**OrderedPackets** extends the PacketSequence class to add functionality that orders the packets in the sequence based on their sequence number.

**PacketBuffer** implements a simple FIFO queue mechanism that is able to store a predefined number of packets in a queue data structure.
4-2-2 FPGA Module

Figure 9: FPGA Module
Classes of FPGA modules are explained below in details:

Wishbone is the interface which is responsible for data transfers between Controller and other modules. Therefore every module is dependent to this Wishbone interface. 

getPrivateKey and getPublicKey functions are generic and polymorphic functions that can be redefined in its subclasses. Other methods are redefined in Controller class.

Key is a simple class that holds a single private key. This key is used in other classes. getKey() method returns the value of key that is stored in "key" field.

Storage is the class where exists an array of keys which are stored in the secure storage. Requested key values which are needed by other classes (i.e. AES, DES) are found on this class’ “keys” field. When a request comes, requested key is going to be found and sent back from here.

Controller is the class where all request are going to be sent. It holds a data which is going to be processed by AES, DES, Digital Signature, Hash classes’ methods.

- hashSignal method sends the data with a signal which is used to tell Wishbone interface that the request is a hash request.
- signatureSignal method sends the data with a signal which is used to tell Wishbone interface that the request is a digital signature request.
- encrypt method sends the data with a signal which is used to tell Wishbone interface that the request is an encryption request.
- decrypt method sends the data with a signal which is used to tell Wishbone interface that the request is a decryption request.
- Keygen method sends only a signal that requests random key generation.

HASH is the class where the hash requests are handled. The hash algorithm will be MD5 algorithm. The main MD5 algorithm operates on a 128-bit state, divided into four 32-bit words, denoted A, B, C and D. These are initialized to certain fixed constants. The main algorithm then operates on each 512-bit message block in turn, each block modifying the state. The processing of a message block consists of four similar stages, termed rounds; each round is composed of 16 similar operations based on a non-linear function \( F \), modular addition, and left rotation. There are four possible functions \( F \); a different one is used in each round:

\[
\begin{align*}
F(X, Y, Z) &= (X \land Y) \lor (\neg X \land Z) \\
G(X, Y, Z) &= (X \land Z) \lor (Y \land \neg Z) \\
H(X, Y, Z) &= X \oplus Y \oplus Z \\
I(X, Y, Z) &= Y \oplus (X \lor \neg Z)
\end{align*}
\]
Encrypt class is the class where encryption requests are handled. There will be several encryption functions to encrypt data.

- encryptAES method uses Advanced Encryption Standard algorithm in order to encrypt data.

**Advanced Encryption Standard (AES) algorithm:**

AES is based on a design principle known as a Substitution permutation network. It is fast in both software and hardware. Unlike its predecessor, DES, AES does not use a Feistel network.

AES has a fixed block size of 128 bits and a key size of 128, 192, or 256 bits, whereas Rijndael can be specified with block and key sizes in any multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits.

AES operates on a 4×4 array of bytes, termed the state (versions of Rijndael with a larger block size have additional columns in the state). Most AES calculations are done in a special finite field.

The AES cipher is specified as a number of repetitions of transformation rounds that convert the input plaintext into the final output of ciphertext. Each round consists of several processing steps, including one that depends on the encryption key. A set of reverse rounds are applied to transform ciphertext back into the original plaintext using the same encryption key.

- encryptDES method uses Data Encryption Standard algorithm in order to encrypt data.

**Data Encryption Standard (DES) algorithm:**

There are 16 identical stages of processing, termed rounds. There is also an initial and final permutation, termed IP and FP, which are inverses (IP "undoes" the action of FP, and vice versa). IP and FP have almost no cryptographic significance, but were apparently included in order to facilitate loading blocks in and out of mid-1970s hardware, as well as to make DES run slower in software.

Before the main rounds, the block is divided into two 32-bit halves and processed alternately; this criss-crossing is known as the Feistel scheme. The Feistel structure ensures...
that decryption and encryption are very similar processes — the only difference is that the subkeys are applied in the reverse order when decrypting. The rest of the algorithm is identical. This greatly simplifies implementation, particularly in hardware, as there is no need for separate encryption and decryption algorithms.

Decrypt class is the class where decryption requests are handled. There will be several decryption functions to decrypt data.

- decryptAES uses the same AES algorithm with subkeys in reverse order to decrypt data.
- decryptDES uses the same DES algorithm with subkeys in reverse order to decrypt data.

Random Key Generator is the class that produces public and private keys.

producePrivateKey: Produces the private key and returns it.

producePublicKey: Produces the public key and returns it.

Digital Signature class will produce unique signatures according to the public key, private key and the message.

A digital signature scheme typically consists of three algorithms:

- A key generation algorithm that selects a private key uniformly at random from a set of possible private keys. The algorithm outputs the private key and a corresponding public key.
- A signing algorithm which, given a message and a private key, produces a signature.
- A signature verifying algorithm which given a message, public key and a signature, either accepts or rejects the message's claim to authenticity.

Two main properties are required. First, a signature generated from a fixed message and fixed private key should verify the authenticity of that message by using the corresponding public key. Secondly, it should be computationally infeasible to generate a valid signature for a party who does not possess the private key.
4-3 Activity Diagrams

Basic activity diagrams of HSM system are below. Activity diagrams enclose FPGA and Ethernet modules. Detailed information and other important features (Ethernet signals, FPGA pins and packet content etc.) will be explained in “Detailed Design Report”.

4-3-1 Ethernet Activity Diagram

Figure 10: Ethernet Activity Diagram
4-3-1 FPGA Activity Diagram

Figure 11: FPGA Activity Diagram
5- INTERFACE

According to HSM’s working principal, two interface will be used. Contrary to expectations, these interfaces will not be graphical user interfaces. These interfaces are called physical interfaces and they will be used for connecting hardware component to each other and making connection available between them. One of the interfaces is internal interface which connects HSM’s internal components with each other and the other one is external interface which is used for connecting HSM with outside world.

5-1 External Interface

External interface is between HSM and “Server”. This physical connection will be provided by ethernet interface. Altium Nanoboard provides a fast Ethernet connection, supporting 10Base-T and 100Base-TX, for operational speeds of up to 10Mbps and 100Mbps respectively. Before explaining ethernet interface, some information about ethernet port will be given in order to understand easily how ethernet connection works.

5-1-1 Ethernet Port

An 8P8C ('RJ45') modular connector is used to provide the Ethernet port (a FC0901238, from Konvee). The connector has integrated 10/100Base-T Ethernet Isolation Transformers and two indication LEDs. The latter – one yellow and one green – have been wired to reflect the Link status and 100Mbps activity, respectively. Connection to the external network is made using standard Category 5 unshielded twisted pair (UTP) network cable.

Providing the interface between an Ethernet Media Access Controller in an FPGA design and the external network, is an RTL8201CL 10/100M Fast Ethernet PHYceiver[1] device (from Realtek). vii

5-1-2 Ethernet Interface

Table 2 summarizes the available design interface component that can be placed from the FPGA Nanoboard 3000 Port-Plugin.IntLib to access the Ethernet interface. Port-Plugin.IntLib is coming ready with “Altium Designer” and it will make job easier for the project. Detailed information about ethernet interface will be given in Detailed Design Report.
<table>
<thead>
<tr>
<th>Component Symbol</th>
<th>Component Name</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>ETH_PHY</td>
<td>Place this component to access the RTL8201CL PHYceiver device and subsequent Ethernet port.</td>
<td></td>
</tr>
</tbody>
</table>

Table 2: Ethernet Interface port-plugin component.\textsuperscript{viii}

### 5.2 Internal Interface

Wishbone interface will be used for making connection between HSM’s internal components with each other. “Altium Designer” will also provides wishbone interconnection for designer. There are various wishbone interconnections for different aims. Basically custom wishbone interface will be explained. Detailed information about wishbone interface will be given in Detailed Design Report.

#### 5.2.1 Wishbone Interface
The Wishbone Interface component (WB_INTERFACE) enables designer to build a custom Wishbone peripheral in a design, extending your 32-bit FPGA systems through the creation of custom FPGA logic.

The Wishbone Interface component has a fully configurable interface for transferring data to/from connected logic, and a Wishbone bus to interface with a host processor. The individual units of this configurable interface are referred to as 'items'. The interface can include a combination of one or more of the following items:

- Internal Registers – which allow values to be read from, and/or written to, connected logic.
- Command Sets – which allow operations to be enabled on connected logic.
- External Address Ranges – which allow access to blocks of addresses on connected

In addition to making the task of building Wishbone peripherals far easier, the Wishbone Interface component also provides the ability to generate C code based on the items specified in the interface simplifying interaction with the component from the embedded code running on the host processor.

6- Language Specifications

6-1 Embedded C /C++

C and C++ are general programming languages and can be used for implementing software system and portable application software. Programmers around the world embrace C and C++ because it gives maximum control and efficiency to the programmer.

Microprocessor (TSK 3000A) and wishbone connections will be implemented by using these languages.

6-2 VHDL

VHDL is a programming language that has been designed and optimized for describing the behavior of digital systems. VHDL has many features appropriate for describing the behavior of electronic components ranging from simple logic gates to complete microprocessors and custom chips. Features of VHDL allow electrical aspects of circuit behavior (such as rise and fall times of signals, delays through gates, and functional operation) to be precisely described. The resulting VHDL simulation models can then be used as building blocks in larger circuits (using schematics, block diagrams or system-level VHDL descriptions) for the purpose of simulation. VHDL will be used in order to design FPGA. Cryptographic modules such as Encryption and Decryption module will be designed by using VHDL programming Language.
7- Testing and Debugging

7-1 Testing

The aim of this part is to detect errors and bugs of the hardware security module. A good testing strategy hopefully will make the project work fully. There are the testing strategies which are going to be used in testing part.

7-1-1 Unit Testing

The aim of this kind of testing is to verify whether the smallest testable pieces of the application are working properly or not. In this phase of testing each unit will be tested separately before integrating it to the whole system. Since finding the possible error in the integrated project is crucial, this stage is relatively important. Also this stage ensures that integration test may only have integration errors and hopefully has no unit dependent errors appear.

7-1-2 Integration Testing

This testing stage is a little extended form of unit testing. It occurs after unit testing and before system testing. Integration testing takes as its input modules that have been unit tested, groups them in larger aggregates, applies tests defined in an integration test plan to those aggregates, and delivers as its output the integrated system ready for system testing.

The purpose of integration testing is to verify functional, performance, and reliability requirements placed on major design items. These "design items", i.e. assemblages (or groups of units), are exercised through their interfaces using Black box testing, success and error cases being simulated via appropriate parameter and data inputs. Simulated usage of shared data areas and inter-process communication is tested and individual subsystems are exercised through their input interface. Test cases are constructed to test that all components within assemblages interact correctly, for example across procedure calls or process activations, and this is done after testing individual modules, i.e. unit testing. The overall idea is a "building block" approach, in which verified assemblages are added to a verified base which is then used to support the integration testing of further assemblages.

7-1-3 System Testing

System testing of software or hardware is testing conducted on a complete, integrated system to evaluate the system's compliance with its specified requirements. System testing falls within the scope of black box testing, and as such, should require no knowledge of the inner design of the code or logic.
As a rule, system testing takes, as its input, all of the "integrated" software components that have successfully passed integration testing and also the software system itself integrated with any applicable hardware system(s). The purpose of integration testing is to detect any inconsistencies between the software units that are integrated together (called assemblages) or between any of the assemblages and the hardware. System testing is a more limiting type of testing; it seeks to detect defects both within the "inter-assemblages" and also within the system as a whole.

7-2 Debugging

Debugging is the act of testing designer hardware design and any embedded software (running on 'soft' processors therein), to obtain the desired (correct) performance and functionality. Debugging is an important element of the overall design strategy, and effective debugging can save a lot of time and money when it comes time to deploy your end design in the field.

Since “Altium Designer“ will be used for this project, Altium Designer’s debugging environment will be used. In Altium Designer, debugging of hardware is provided courtesy of 'virtual' instruments – components which are 'wired' into the actual FPGA design but which, on programming the physical device, offer software-based controls for interrogation and control of nodes within the design. Imagine being able to walk around inside the physical FPGA device, armed with your favorite test instruments, and programmer will have some idea of what these instruments can offer as part of a 'live' debugging environment.
INITIAL DESIGN REPORT

MAHOF HARD SOFTWARE INC.

8.1 Gantt Chart

<table>
<thead>
<tr>
<th>Task Name</th>
<th>Duration</th>
<th>Start</th>
<th>Finish</th>
</tr>
</thead>
<tbody>
<tr>
<td>Analysis</td>
<td>17 days</td>
<td>Fri 02.10.09</td>
<td>Mon 26.10.09</td>
</tr>
<tr>
<td>Topic Selection</td>
<td>7 days</td>
<td>Fri 02.10.09</td>
<td>Mon 12.10.09</td>
</tr>
<tr>
<td>Proposal Report</td>
<td>10 days</td>
<td>Tue 10.10.09</td>
<td>Mon 25.10.09</td>
</tr>
<tr>
<td>Milestone: Proposal</td>
<td>8 days</td>
<td>Mon 26.10.09</td>
<td>Mon 26.10.09</td>
</tr>
<tr>
<td>Requirement Analysis Report</td>
<td>10 days</td>
<td>Tue 27.10.09</td>
<td>Tue 17.11.09</td>
</tr>
<tr>
<td>Scope Outlining</td>
<td>1 day</td>
<td>Tue 27.10.09</td>
<td>Tue 27.10.09</td>
</tr>
<tr>
<td>Customer Survey</td>
<td>1 day</td>
<td>Tue 27.10.09</td>
<td>Tue 27.10.09</td>
</tr>
<tr>
<td>Project Plan and Scheduling</td>
<td>1 day</td>
<td>Wed 28.10.09</td>
<td>Wed 28.10.09</td>
</tr>
<tr>
<td>Technical Research</td>
<td>5 days</td>
<td>Thu 29.10.09</td>
<td>Wed 04.11.09</td>
</tr>
<tr>
<td>Market Survey</td>
<td>1 day</td>
<td>Thu 05.11.09</td>
<td>Thu 05.11.09</td>
</tr>
<tr>
<td>Outlining requirements</td>
<td>3 days</td>
<td>Fri 05.11.09</td>
<td>Tue 10.11.09</td>
</tr>
<tr>
<td>Data Modelling</td>
<td>2 days</td>
<td>Wed 11.11.09</td>
<td>Thu 12.11.09</td>
</tr>
<tr>
<td>Functional Modelling</td>
<td>1 day</td>
<td>Fri 13.11.09</td>
<td>Fri 13.11.09</td>
</tr>
<tr>
<td>Use Case Modelling</td>
<td>1 day</td>
<td>Mon 15.11.09</td>
<td>Mon 16.11.09</td>
</tr>
<tr>
<td>Finalize Requirements Analysis</td>
<td>1 day</td>
<td>Tue 17.11.09</td>
<td>Tue 17.11.09</td>
</tr>
<tr>
<td>Milestone: DAR</td>
<td>8 days</td>
<td>Tue 17.11.09</td>
<td>Tue 17.11.09</td>
</tr>
<tr>
<td>Initial Design</td>
<td>23 days</td>
<td>Wed 08.11.09</td>
<td>Fri 16.12.09</td>
</tr>
<tr>
<td>Detailed Technical Research</td>
<td>10 days</td>
<td>Wed 18.11.09</td>
<td>Wed 01.12.09</td>
</tr>
<tr>
<td>Architectural Design</td>
<td>7 days</td>
<td>Wed 02.12.09</td>
<td>Thu 18.12.09</td>
</tr>
<tr>
<td>Preparing Initial Design Report</td>
<td>6 days</td>
<td>Fri 11.12.09</td>
<td>Fri 18.12.09</td>
</tr>
<tr>
<td>Milestone: Initial Design Report</td>
<td>6 days</td>
<td>Fri 18.12.09</td>
<td>Fri 18.12.09</td>
</tr>
<tr>
<td>Milestone: Project Presentation</td>
<td>6 days</td>
<td>Mon 21.12.09</td>
<td>Mon 21.12.09</td>
</tr>
<tr>
<td>Detailed Design</td>
<td>10 days</td>
<td>Fri 18.12.09</td>
<td>Fri 03.01.10</td>
</tr>
<tr>
<td>Detailed Technical Research</td>
<td>13 days</td>
<td>Fri 18.12.09</td>
<td>Tue 05.01.10</td>
</tr>
<tr>
<td>Communication HSW -&gt; Servi</td>
<td>4 days</td>
<td>Wed 23.12.09</td>
<td>Mon 28.12.09</td>
</tr>
<tr>
<td>Detailed Architecture Design</td>
<td>5 days</td>
<td>Tue 29.12.09</td>
<td>Mon 04.01.10</td>
</tr>
<tr>
<td>Writing Detailed Design Report</td>
<td>4 days</td>
<td>Tue 05.01.10</td>
<td>Fri 08.01.10</td>
</tr>
<tr>
<td>Milestone: Detailed Design Re</td>
<td>3 days</td>
<td>Fri 08.01.10</td>
<td>Fri 08.01.10</td>
</tr>
<tr>
<td>Prototype</td>
<td>8 days</td>
<td>Mon 11.01.10</td>
<td>Thu 24.01.10</td>
</tr>
<tr>
<td>Prototype Implementation</td>
<td>3 days</td>
<td>Mon 11.01.10</td>
<td>Wed 13.01.10</td>
</tr>
<tr>
<td>Testing with Sample Data</td>
<td>3 days</td>
<td>Thu 14.01.10</td>
<td>Mon 18.01.10</td>
</tr>
<tr>
<td>Debugging</td>
<td>1 day</td>
<td>Thu 19.01.10</td>
<td>Thu 19.01.10</td>
</tr>
<tr>
<td>Milestone: Prototype</td>
<td>8 days</td>
<td>Thu 21.01.10</td>
<td>Thu 21.01.10</td>
</tr>
</tbody>
</table>
8-2 Term 2 Gantt Chart
9- References

http://wiki.altium.com/display/ADOH/Key+Features+of+the+NanoBoard+3000

http://wiki.altium.com/display/ADOH/Functional+Overview+of+the+NanoBoard+3000


http://www.ietf.org/rfc/rfc1321.txt


http://wiki.altium.com/display/ADOH/Ethernet+Protocol

http://wiki.altium.com/display/ADOH/Ethernet+Protocol

http://wiki.altium.com/display/ADOH/WB_INTERCON+-+Configurable+Wishbone+Interconnect