Vitis Security Library is an open-sourced Vitis library written in C++ for accelerating security applications in a variety of use cases.

It now covers one level of acceleration: the primitive level. In this level, it provides optimized hardware implementation of most common relational security algorithms. Such as, Synmmetric Block Cipher, Symmetirc Stream Cipher, Asymmetric Cryptography, Cipher Modes of Operations, Message Authentication Code, and Hash Function.

Since all the primitive code is developed in HLS C++ with the permissive Apache 2.0 license, advanced users can easily tailor, optimize or assemble property logic. Benchmarks of 4 different acceleration applications are also provided with the library for easy on-boarding and comparison.

Comprehensive documentation

A list of Vitis projects can be found L1/benchmarks. They are provided to help users to evaluate the performance of most critical primitives. For further detials, please refer to benchmark result.

This library is designed to work with Vitis 2022.2, and therefore inherits the system requirements of Vitis and XRT.

Supported operating systems are RHEL/CentOS 7.4, 7.5 and Ubuntu 16.04.4 LTS, 18.04.1 LTS. With CentOS/RHEL 7.4 and 7.5, C++11/C++14 should be enabled via devtoolset-6.

Hardware modules are designed to work with 16nm Alveo cards. Benchmarks are best tuned for U250, and could be tailored for other devices.

• Alveo U200
• Alveo U250
• Alveo U280

Setup the build environment using the Vitis and XRT scripts:

 $ source <install path>/Vitis/2022.2/settings64.sh  $ source /opt/xilinx/xrt/setup.sh

Vitis libraries are organized into L1, L2, and L3 folders, each relating to a different stage of application development.

L1 : Makefiles and sources in L1 facilitate HLS based flow for quick checks. Tasks at this level include:

• Check the functionality of an individual kernel (C-simulation)

• Estimate resource usage, latency, etc. (Synthesis)

• Run cycle accurate simulations (Co-simulation)

• Package as IP and get final resource utilization/timing details (Export RTL)

  Note: Once RTL (or XO file after packaging IP) is generated, the Vivado flow is invoked for XCLBIN file generation if required.

L2 : Makefiles and sources in L2 facilitate building XCLBIN file from various sources (HDL, HLS or XO files) of kernels with host code written in OpenCL/XRT framework targeting a device. This flow supports:

• Software emulation to check the functionality
• Hardware emulation to check RTL level simulation
• Build and test on hardware

L3 : Makefiles and sources in L3 demonstrate applications developed involving multiple kernels in pipeline. These Makefiles can be used for executing tasks, as with the L2 Makefiles.

The common tool and library pre-requisites that apply across all design flows are documented in the requirements section above.

Recommended design flows are decribed as follows:

L1 provides the basic primitives which cover the most common algorithms in security.

The recommend flow to evaluate and test L1 components is described as follows using Vivado HLS tool. A top level C/C++ testbench (typically algorithm_name.cpp) prepares the input data, passes them to the design under test, then performs any output data post processing and validation checks.

A Makefile is used to drive this flow with available steps including CSIM (high level simulation), CSYNTH (high level synthesis to RTL) and COSIM (cosimulation between software testbench and generated RTL), VIVADO_SYN (synthesis by Vivado), VIVADO_IMPL (implementation by Vivado). The flow is launched from the shell by calling make with variables set as in the example below:

$ . /opt/xilinx/xrt/setup.sh $ export PLATFORM_REPO_PATHS=/opt/xilinx/platforms $ cd L1/tests/specific_algorithm/ $ make run CSIM=1 CSYNTH=0 COSIM=0 VIVADO_SYN=0 VIVADO_IMPL=0 PLATFORM=u250_xdma_201830_1 # Only run C++ simulation on U250 card

As well as verifying functional correctness, the reports generated from this flow give an indication of logic utilization, timing performance, latency and throughput. The output files of interest can be located at the location of the test project where the path name is correlated with the algorithm. i.e. the callable function within the design under test.

To run the Vitis projects for benchmark evaluation and test, you may need the example below:

$ ./opt/xilinx/xrt/setup.sh $ export PLATFORM_REPO_PATHS=/opt/xilinx/platforms $ cd L1/benchmarks/specific_algorithm/ $ # Run hardware emulation for cycle-accurate simulation with the RTL-model $ make run TARGET=hw_emu DEIVCE=u250_xdma_201830_1 $ # Run hardware to generate the desired xclbin binary $ make run TARGET=hw DEIVCE=u250_xdma_201830_1 $ # Delete xclbin and host excutable program $ make cleanall

Licensed using the Apache 2.0 license.

Copyright (C) 2019-2022, Xilinx, Inc. Copyright (C) 2022-2023, Advanced Micro Devices, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. Copyright (C) 2019-2022, Xilinx, Inc. Copyright (C) 2022-2023, Advanced Micro Devices, Inc. 

Welcome! Guidelines to be published soon.