Silicon Lifecycle States — DEV / PROD / LOCKED / RMA / EOL
The zeroRISC lifecycle controller manages silicon security state across the full device lifetime. OTP-backed persistence ensures state cannot be rolled back without physical tamper. HMAC-authenticated transition commands prevent unauthorized state changes.
Download IP BriefLifecycle states and allowed transitions
| State | Description | Allowed Transitions | Authentication Required |
|---|---|---|---|
| DEV | Development and bring-up. Debug interfaces enabled. JTAG accessible. | DEV → PROD | HMAC-SHA256 with Operator key |
| PROD | Production silicon. Debug interfaces disabled. FIPS restrictions active. | PROD → LOCKED, PROD → RMA | HMAC-SHA256 with Owner key |
| LOCKED | End-user device. All debug paths disabled. Attestation still functional. | LOCKED → RMA | HMAC-SHA256 with RMA key |
| RMA | Return merchandise authorization. Limited debug re-enabled for failure analysis. | RMA → EOL | HMAC-SHA256 with RMA key |
| EOL | End of life. Device is fully locked out. No further transitions permitted. | None | N/A (terminal state) |
One-time-programmable lifecycle state persistence
The lifecycle state is persisted in on-chip OTP memory, which is physically irreversible once programmed. The OTP controller manages the fuse programming sequence, provides read-back verification, and implements redundant storage with error-correction encoding.
On every power-on reset, the lifecycle controller reads the OTP state field, verifies its ECC, and enforces the security posture corresponding to the stored state before releasing the main processor out of reset.
State transitions are atomic at the OTP level — a partial write leaves the device in the previous state, preventing half-baked security configurations.
// Lifecycle partition layout LIFE_STATE [0x000:0x003] // 4B ECC-protected LC_TRANSITION [0x004:0x007] // transition counter LC_OWNER_SW_CFG[0x100:0x1FF] // owner sw config HW_CFG0 [0x200:0x2FF] // hardware config SECRET0 [0x300:0x33F] // test unlock token SECRET1 [0x340:0x37F] // RMA unlock token SECRET2 [0x380:0x3FF] // UDS seed
Download the IP Brief
Full lifecycle controller specification, OTP memory map, and integration notes — delivered after NDA.