UPGRADE YOUR BROWSER

We have detected your current browser version is not the latest one. Xilinx.com uses the latest web technologies to bring you the best online experience possible. Please upgrade to a Xilinx.com supported browser:Chrome, Firefox, Internet Explorer 11, Safari. Thank you!

cancel
Showing results for 
Search instead for 
Did you mean: 
Visitor basammayb
Visitor
12,770 Views
Registered: ‎11-15-2010

Security in serial PROM XCF004S

Jump to solution

We are using serial PROM XCF04S in our design, let me know how to enable the read sequrity to protect our IP.

0 Kudos
1 Solution

Accepted Solutions
Instructor
Instructor
15,181 Views
Registered: ‎08-14-2007

Re: Security in serial PROM XCF004S

Jump to solution

Yes, I was talking about the serial data between the PROM and the FPGA.  This port

is very simple and consists of a reset input, output enable input, clock input, and

data output.  Bits from the PROM come out in serial fashion.  There is no random access.

So looking at the D0/DIN pin of the FPGA you see the entire bitstream one bit at a time

starting from the beginning until the end with no swapping or gaps.  It doesn't take

very sophisticated instrumentation to capture this and store it.  So really the read

disable only makes copying the bitstream a little bit harder and only prevents

copying by people who are not going to go to the extra effort to open the box and

atach a couple of wires.  It's a little bit like putting a double lock on the front door

but leaving a window open.  The question you need to answer is who are you trying

to prevent from copying your IP, and how much effort are they willing to put into

copying it anyway?  If it is just to "keep honest people honest" by not giving them

the easy readback through the programming connector, then you're O.K.  But

if you're trying to secure your IP from copying by people who have serious intent

to steal it, then you need something better to protect it.

 

Regards,

Gabor

-- Gabor
0 Kudos
11 Replies
Xilinx Employee
Xilinx Employee
12,766 Views
Registered: ‎08-10-2008

Re: Security in serial PROM XCF004S

Jump to solution

XCFxxS does not provide read protection. Only the XCFP series does.

------------------------------------------------------------------------------------------------------------
Don't forget to reply, kudo, and accept as solution.
---------------------------------------------------------------------------------------------------------
0 Kudos
Visitor basammayb
Visitor
12,759 Views
Registered: ‎11-15-2010

Re: Security in serial PROM XCF004S

Jump to solution

 I Referred “DS123 (v2.5) October 18, 2004   Platform Flash In-System Programmable Configuration PROMS” document page 4 says as like below

Design Security

The Xilinx in-system programmable Platform Flash PROMdevices incorporate advanced data security features to fully

protect the FPGA programming data against unauthorizedreading via JTAG. The XCFxxP PROMs can also be programmedto prevent inadvertent writing via JTAG. Table 4and Table 5 show the security settings available for the

XCFxxS PROM and XCFxxP PROM, respectively.

Read ProtectionThe read protect security bit can be set by the user to preventthe internal programming pattern from being read orcopied via JTAG. Read protection does not prevent writeoperations. For the XCFxxS PROM, the read protect securitybit is set for the entire device, and resetting the read protectsecurity bit requires erasing the entire device. For theXCFxxP PROM the read protect security bit can be set forindividual design revisions, and resetting the read protectbit requires erasing the particular design revision.

 

Please let me conform

 

  

0 Kudos
Instructor
Instructor
12,743 Views
Registered: ‎08-14-2007

Re: Security in serial PROM XCF004S

Jump to solution

"read security" is not very secure.  It only prevents readback from the JTAG port,

but the entire contents of the PROM are available via the configuration port.  So

anyone with access to the hardware can read the data anyway.  In fact, on a serial

device you can capture the data stream during device configuration using just

two wires to pick up CCLK and DIN.  So the only real security you can have with

XCFxxS parts is if you use bitstream encryption.

-- Gabor
0 Kudos
Xilinx Employee
Xilinx Employee
12,732 Views
Registered: ‎08-07-2007

Re: Security in serial PROM XCF004S

Jump to solution

If I remember correctly, you can check the Read Protect in Device Programming Properties Dialog Box.

Refer to the following link.

http://www.xilinx.com/support/documentation/sw_manuals/xilinx11/pim_db_programming_properties.htm

------------------------------------------------------------------------------
Don't forget to reply, give kudo and accept as solution
------------------------------------------------------------------------------
0 Kudos
Visitor basammayb
Visitor
12,722 Views
Registered: ‎11-15-2010

Re: Security in serial PROM XCF004S

Jump to solution

 

Thanks

 

what you ment by configuration port. Is it the configuration between FPGA and PROM for data transfer?

0 Kudos
Instructor
Instructor
15,182 Views
Registered: ‎08-14-2007

Re: Security in serial PROM XCF004S

Jump to solution

Yes, I was talking about the serial data between the PROM and the FPGA.  This port

is very simple and consists of a reset input, output enable input, clock input, and

data output.  Bits from the PROM come out in serial fashion.  There is no random access.

So looking at the D0/DIN pin of the FPGA you see the entire bitstream one bit at a time

starting from the beginning until the end with no swapping or gaps.  It doesn't take

very sophisticated instrumentation to capture this and store it.  So really the read

disable only makes copying the bitstream a little bit harder and only prevents

copying by people who are not going to go to the extra effort to open the box and

atach a couple of wires.  It's a little bit like putting a double lock on the front door

but leaving a window open.  The question you need to answer is who are you trying

to prevent from copying your IP, and how much effort are they willing to put into

copying it anyway?  If it is just to "keep honest people honest" by not giving them

the easy readback through the programming connector, then you're O.K.  But

if you're trying to secure your IP from copying by people who have serious intent

to steal it, then you need something better to protect it.

 

Regards,

Gabor

-- Gabor
0 Kudos
Visitor basammayb
Visitor
12,689 Views
Registered: ‎11-15-2010

Re: Security in serial PROM XCF004S

Jump to solution

Thanks for the replay. I got solution to my question, i will think on different option to protect my IP.

 

Regards

Basamma yb

0 Kudos
Visitor vahid_farsi
Visitor
10,517 Views
Registered: ‎12-01-2013

Re: Security in serial PROM XCF004S

Jump to solution

how I  can   put     Fpga  ID  code in      programing  mcs  file

 

I want   to    use  my  program  file   only  for   uniqe   FPGA  whit  special  ID

 

it  is  not important   for me which   some one be  able to read  my     desigen   file  on    the   on  borad xilinx flash 

 

I just    want   ,  this file      work only  wiht     FPGA   that  has    specifiec ID 

 

 

0 Kudos
Highlighted
Participant nome321
Participant
8,101 Views
Registered: ‎05-31-2014

Re: Security in serial PROM XCF004S

Jump to solution

Hello 

IF i am using xc6slx9-2tqg144c we can not use bitstream encryption.what will we do to protect or secure my Flash DATA?

 

Thanks

 

Tags (1)
0 Kudos
Instructor
Instructor
3,093 Views
Registered: ‎08-14-2007

Re: Security in serial PROM XCF004S

Jump to solution

Please start a new thread for this topic.

-- Gabor
0 Kudos
Participant nome321
Participant
3,088 Views
Registered: ‎05-31-2014

Re: Security in serial PROM XCF004S

Jump to solution
0 Kudos