Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
?
EE Times-Asia > EDA/IP
?
?
EDA/IP??

Security risks threaten FPGA designers

Posted: 02 Jun 2003 ?? ?Print Version ?Bookmark and Share

Keywords:fpga security? fpga? asic? ip theft? data theft?

More than 20 percent of all ASIC design starts will actually be done in FPGAs this year. The importance of FPGAs in most systems has been elevated to the point that they contain the most substantial portion of the added value in a system. Most system components are commercial off-the-shelf devices. The rapidly growing importance of FPGAs and microprocessors in systems as well as increasing time-to-market pressures, has led to security being 'overlooked' in most systems.

Designers using FPGAs face two distinct security risks: intellectual property (IP) theft and data theft. IP is the unique design characteristic within any product. Whether designers implement their designs in a custom ASIC or in a large FPGA, manufacturers typically derive their competitive advantage from this unique design data. If product designers cannot prevent hackers from stealing this information and building counterfeit versions of the product, they risk losing market share.

Data security represents the ability to protect the data stream sent to and from an FPGA. The designer must protect this data to ensure the integrity and confidentiality of the system. Historically, this issue has been a major concern in financial and military applications, but it can also play a key role in many consumer applications where unique or highly sensitive content is embedded in the data stream that passes through the system.

Security threats

The most common security threats today include overbuilding, cloning, reverse engineering, denial of service, and employee theft.

Typically, an OEM contracts production of a design to an independent assembly house. Overbuilding occurs when this contract manufacturer overruns the build, sells the extra inventory for profit without any of the support and design overhead. While the finished product is often indistinguishable from the original, it is usually resold at a discount. As a result, the original product developer gets smaller profits.

Cloning is the simple copying of a design. The thief typically does not need to know how the design functions or how to modify it. SRAM-based FPGAs are particularly susceptible to this threat because a thief can simply copy the boot PROM or intercept the configuration bit stream from the on-board processor.

Reverse engineering is a process by which a thief copies a design by essentially reconstructing a schematic level representation from the original physical device. This way, the thief discovers how the design works and can easily improve upon the original design while avoiding R&D expenses incurred by the original developer. The thief may also change the design to disguise that it was not stolen. In many cases, a thief will accomplish this by implementing part of the stolen design into another product.

A thief does not have to disassemble a chip to steal its design secrets. Design data can be stolen from employees who work on the design team, or by ex-employees who leave a design project. It can also be stolen from in-house servers if sufficient security precautions are not taken. This problem has become increasingly difficult to defend against as design has moved from handcrafted circuits to a building-block approach.

Conventional wisdom holds that no silicon design is totally secure. A hacker with sufficient resources can defeat any security system once a function is hardwired into a chip.

Security experts say three factors determine how comprehensive an IP security system must be: value of the design it is protecting, cost to implement security measures and expected cost to attack or defeat those security measures

- Eric Park

Asia-Pacific Sales Manager

Actel Corp.





Article Comments - Security risks threaten FPGA designe...
Comments:??
*? You can enter [0] more charecters.
*Verify code:
?
?
Webinars

Seminars

Visit Asia Webinars to learn about the latest in technology and get practical design tips.

?
?
Back to Top