12-28-2009 11:47 PM
For certainreasons, I could not use battery on my board, so the Virtex5 bitstream encryptioncould not be used. In this situation, what could I do to protect my design on areasonable level?
My design hasVirtex5 and XCF16P, and the two devices are linked on JTAG chain, and I programXCF16P with my design through JTAG chain. I have set the security options inboth BitGen and iMPACT utilities, so I can prevent any JTAG readback/partialreconfiguration though JTAG chain. However I have the following questions:
1. Although inhardware, XCF16P will be disabled after configuration is done. But with minorfly wire modifications in hardware, the attacker could access XCF16P afterconfiguration. And I found that using the combination of USER_ACCESS_VIRTEX5 +STARTUP_VIRTEX5 could make FPGA read back data from XCF16P, it is possible?
2. Since Idisabled the possibility of reading back via JTAG, need I initiateBSCAN_VIRTEX5 + ICAP_VIRTEX5 and clear the entire FPGA once JTAG chain activityis found?
Thanks a lot!
12-30-2009 12:25 AM
an alternative solution to bitstream encryption to protect your IP core is to implement Physical Unclonable Functions in your design. PUFs are a unique class of physical systems that extract secrets from complex physical characteristics of the integrated circuits which along with the properties of unclonability provide a highly secure means of generating volatile secret keys for cryptographic operations. It is a quite new topic for FPGA; you can google it or look at wikipedia. You'll find valuable information.