cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
lexa20999
Visitor
Visitor
623 Views
Registered: ‎01-16-2019

Spartan 6 Secure / DNA

Jump to solution

Hi everyone.
If I create a simple project, for example, a 2-bit counter. And create a PROM file to an external flash, because Spartan-6 doesn't have internal flash to program. And after that only click ISE Impact program.
After that, I will have DNA protection because the Spartan 6 has this function? Or I need to turn on something. I need only secure the design inside Xilinx to copy.
Maybe you will have examples of how to create security.
Because in Lattice FPGA when you program the device you have the option like secure.
And for example, if I will read the DNA code from the device, how it use to protect?
Thank you, for your answers.

0 Kudos
1 Solution

Accepted Solutions
603 Views
Registered: ‎01-22-2015

@lexa20999 

For the Spartan-6, you can protect the bitstream using the DNA technique that you mention – or, for some Spartan-6 devices, you can use bitstream encryption.  All of this is explained in Xilinx document UG380

The Spartan-6 DNA is a unique device identifier that is permanently programmed into the FPGA.  From your FPGA application, you can read the Spartan-6 DNA using the DNA_PORT primitive as described on page 113 of UG380.   The DNA_PORT primitive is also described on page 90 of Xilinx document UG615.

Bitstream encryption described in UG380 is a good way to prevent bitstream copying.  There are also "secure EEPROM" that can help prevent bistream copying.  See the following links for more information.

https://www.xilinx.com/support/answers/40360.html

https://www.xilinx.com/support/documentation/application_notes/xapp780.pdf

Cheers,
Mark

View solution in original post

0 Kudos
3 Replies
604 Views
Registered: ‎01-22-2015

@lexa20999 

For the Spartan-6, you can protect the bitstream using the DNA technique that you mention – or, for some Spartan-6 devices, you can use bitstream encryption.  All of this is explained in Xilinx document UG380

The Spartan-6 DNA is a unique device identifier that is permanently programmed into the FPGA.  From your FPGA application, you can read the Spartan-6 DNA using the DNA_PORT primitive as described on page 113 of UG380.   The DNA_PORT primitive is also described on page 90 of Xilinx document UG615.

Bitstream encryption described in UG380 is a good way to prevent bitstream copying.  There are also "secure EEPROM" that can help prevent bistream copying.  See the following links for more information.

https://www.xilinx.com/support/answers/40360.html

https://www.xilinx.com/support/documentation/application_notes/xapp780.pdf

Cheers,
Mark

View solution in original post

0 Kudos
lexa20999
Visitor
Visitor
592 Views
Registered: ‎01-16-2019

Hi, Mark.

Thank you, for your answer.
I have spartan-6 lx9.
But I still have a question, for example, I will add the DNA port block in my design, and write my own code. 
And what the problem to copy the program from Xilinx with this code.
I don't understand how this DNA port helps me to secure my design. 
How it's work?
For example, I know my DNA code from ISE Impact (function Read Device DNA). 
And what the next, how it will secure my design?
Or I need the always compare the code in the program and the code from the board?
And when I need always change the code for all my devices?

Kind regards,
Alex

0 Kudos
567 Views
Registered: ‎01-22-2015

Use of DNA can prevent people from copying your board.  Your HDL can be written to store a list of DNA.  You write your HDL to run only if DNA read from the device is in the list.  Use of DNA does not prevent people from copying your bitstream.

The Lattice FPGAs that you mention often store the bitstream in internal flash.  The bitstream for Xilinx FPGAs is often stored in external flash. 

To prevent copying of the bitstream from external flash, you can encrypt the bitstream.  You can store the decryption key in a secure location inside the Spartan-6 FPGA.  The FPGA will then automatically decrypt the bitstream when bitstream is read from flash.  See page 91 in UG380 for details.

With the newer FPGAs from Xilinx, other methods of securing the bitstream are available.  See the following document for details.

https://www.xilinx.com/support/documentation/application_notes/xapp1098-tamper-resist-designs.pdf

0 Kudos