Jetson TK1 Dev Kit - How to Use TSEC

Hi Everyone,

I have some general questions regarding the “Security Coprocessor (TSEC)” referenced in the Tegra K1 Technical Reference Manual.

Can TSEC be used with the Dev Kit? Can it be used to securely hold, control access to and allow use of secure data (passwords, keys, etc) without placing them into memory?

If so, how can this be accomplished? Would there be a significant performance penalty when using TSEC in this way?

In our specific case, we are looking for a way to prevent someone with physical access to the device from gaining access to specific information that is needed/used when operating the device. A good parallel example would be preventing access to encryption key(s) used for full disk encryption. Our ideal ‘end result’ would be something similar to the way an iPhone 6 protects its unique device encryption key. Specifically, that the key used to encrypt/decrypt the device memory cannot be forcibly extracted (as far as I’m aware), and all password attempts must be sent through the device processor (allowing enforcement of attempt count and auto-delete after X failed attempts).

Is it possible to prototype/test this kind of behavior with the TK1 Dev Kit? If not, would it possible to create the desired behavior using the TK1 processor with custom hardware/PCB?

Thanks for your help!