ANTIFUSE FPGA PDF

The architecture of an FPGA is determined, in large part, by the programmable switch technology used to configure it. Unable to display preview. Download preview PDF. Skip to main content. This service is more advanced with JavaScript available.

Author:Zololar Disar
Country:Netherlands
Language:English (Spanish)
Genre:Personal Growth
Published (Last):22 September 2009
Pages:37
PDF File Size:2.50 Mb
ePub File Size:18.20 Mb
ISBN:461-5-77938-991-1
Downloads:81318
Price:Free* [*Free Regsitration Required]
Uploader:Sara



USB 2. Accelerating 5G virtual RAN deployment. RoT: The Foundation of Security. Managing connected devices at scale: Connect millions of shipments on one platform. Arm Mali Best Practices 2. Higher mask cost and increasing minimum lot sizes, two economic trends of the semiconductor industry, are making FPGAs increasingly more cost effective compared to the competing ASIC solutions. A new business model enabled by the security capabilities of nonvolatile antifuse and Flash-based FPGAs will also be discussed.

Figure 1: Classes of Design Security Needs. IP security is the primary concern of companies or IP developers whose competitive advantage is derived from their ability to implement the design. It is also the primary concern for manufacturers of mid to high volume consumer electronics whose market share and profitability is eroded by "knock-off," "cloned," or counterfeit versions of their product. Data security is the primary concern in cryptographic or financial applications.

Users of such applications include the military nuclear weapon systems or communication systems , financial institutions automated bank tellers , consumer electronics manufacturers pay TV and set-top boxes and corporations sensitive to copyright infringement game manufacturers. The cost the designer will incur to protect his design will be proportional to the value he assigns to the design.

Security achieved is proportional to the difference between the value of the design and the cost to attack or defeat it. The ability to reverse engineer an integrated circuit can be rated at three different levels, corresponding to varying degrees of security. Level I: Devices are insecure because they can be easily reverse engineered by a somewhat knowledgeable individual with low cost, easily accessible tools.

These people are usually interested in end user products such as phone cards, debit cards, and set-top boxes. Level II: Devices are moderately secure because reverse engineering can be done by a highly knowledgeable individual, often someone with inside knowledge and who has access to expensive lab equipment.

Individuals involved in reverse engineering at this level are usually associated with a commercial enterprise such as a game copier. Level III: Devices are highly secure, and reverse engineering can only be done by a government-supported lab with unlimited resources such as the NSA.

This technology has been employed in all of the security scenarios previously mentioned military, financial, etc. In applications requiring security from Level III capable attacks, additional measures such as epoxy encasing and explosive devices must be employed. Some SRAM FPGA manufactures have acknowledged this limitation by incorporating a defense against this cloning attack in their latest generation devices.

This defense is comprised of an on-chip bitstream decryption engine with an on-chip key that is loaded into battery powered on-chip memory on the board by the board manufacturer Figure 3. The bitstream loaded in the boot PROM can then be encrypted and therefore is not usable for cloning without knowledge of the on-chip key.

While this defense is effective, it does come with significant costs to implement, including:. These two technologies derive their security from:. As previously stated, determining the state of an antifuse is exceedingly difficult. Where a connection between two metal lines is desired, a programming pulse is used to short out the dielectric. This short is less than nano-meters in diameter.

These shorts are not visible when viewed from the top. Therefore, in order to physically identify them, it is necessary to de-process or cross-section the devices. Rather than being a precise method, this involves trial and error and typically requires that several cross-sections be done to find just a single link shorting out the dielectric Figure 4. A single floating gate is charged or discharged to set the state of a switch that connects two metal lines Figure 5 on page 9.

Since there is no physical change in the programming device or switch device, there is nothing to detect by any material analysis; there is only a change in the number of electrons on the floating gates. Figure 4: Cross Section of a Programmer Antifuse.

Note: The programming device is on the left and the switching device is on the right. It has been shown that ASICs can be physically attacked in a straightforward manner that relies on the visibility of connections or vias between metal layers.

It has also been proven that such a direct attack is extremely difficult, if not impossible, against antifuse or Flash-based FPGAs due to the difficulty in physically observing the state of millions of switches.

Finally, both antifuse and Flash-based devices are architecturally designed to prevent attack on a programmed device with a programmer or by other electronic means Figure 6 on page Both contain circuitry to lock the device by disabling the programming and readback capabilities after configuration.

Care has been taken in the design to make the locking circuitry difficult to defeat through either electronic or direct physical attack. In antifuse FPGAs, as fuses are programmed, it becomes impossible to uniquely address previously programmed fuses making programming essentially a one-way function. Thus the architecture of the antifuse-based devices makes electronic readback impossible, even if the locking mechanism is not used.

The last decade has seen a dramatic shift in the semiconductor industry from a few horizontally integrated companies to dozens of fabless semiconductor companies using the services of silicon foundries.

The next big shift expected was continued vertical fragmentation with hundreds of design services and intellectual property companies providing their services to system level architects and integrators.

That expectation has failed to materialize and the design services and intellectual property providers are still struggling with how to capture their share of the value chain. Secure nonvolatile FPGAs offer solutions to overcome two large barriers in this struggle. The first barrier is simply security. Just the concern that the design services company has in protecting their intellectual property sets in motion legal and administrative activities and costs that, in the end, prove too high to justify all but the largest engagements.

The industry has spent a lot of effort developing design encryption schemes that protect the design at the netlist level, but it is still exposed to a trivial cloning attack if implemented in an SRAM FPGA.

The second dampener on the industry is that the design services company has no easy and trustworthy way to charge a royalty for their services. All the money must be made in up-front licensing fees that, again, can only be justified in the largest engagements. If the FPGA vendor is trusted with the programming files, end customers can order pre-programmed units from the FPGA vendor who takes care of charging the end customer for the mark-up and forwarding the mark-up amount to the design services provider Figure 7 on page This flow eliminates operational costs for the design services company while allowing them to make a nominal amount for each unit rather than trying to charge for the entire engagement up front.

On the other hand, nonvolatile antifuse or Flash FPGAs are even more secure against attack than the ASIC technologies they are replacing and therefore satisfy an increasingly important market requirement. Furthermore, the programmability and security provided by these technologies can be employed to solve a latent need in the semiconductor industry: the need for design services and intellectual property suppliers to claim their share of the value chain by charging a royalty over the life of the design rather than having to get all the value in up-front licensing.

Abraham, D. Dolan, G. Double, J. Ajluni, C. Algotronics Consulting. Fraboni, S. Lall, H. Ahmed, U. Wiesenfeld, J. See also subsequent articles in the same issue. Actel and the Actel logo are trademarks of Actel Corporation. All other brand or product names are the property of their respective owners. No portion of this site may be copied, retransmitted, reposted, duplicated or otherwise used without the express written permission of Design And Reuse.

Design And Reuse. Codasip Blog - Roddy Urquhart. Managing connected devices at scale: Connect millions of shipments on one platform arm Blogs - Jennifer Sillars, Arm. Introduction Higher mask cost and increasing minimum lot sizes, two economic trends of the semiconductor industry, are making FPGAs increasingly more cost effective compared to the competing ASIC solutions. Data security: the designer wants to prevent the data being sent to or from the FPGA or ASIC platform from being copied, corrupted, or otherwise interfered with.

Figure 1: Classes of Design Security Needs IP security is the primary concern of companies or IP developers whose competitive advantage is derived from their ability to implement the design. IP security, the primary focus of this paper, depends upon three factors: The value of the design or secret being protected. This can range from nearly infinite securing a trigger for a nuclear device to very low the stored value on a single phone card.

Often the value has a time component the market window for a consumer product or the usable life of a set-top box. The cost to implement security measures. These can very from zero do nothing to very high epoxy encased circuit boards installed in locked chassis with round-the-clock surveillance or a cryptographic key infrastructure.

The expected cost to attack or defeat security measures. These can vary from very low cost of copying a boot device for an SRAM FPGA to prohibitive evading surveillance to remove and reverse engineer an epoxy encased circuit board. Defending a Design from Attack The ability to reverse engineer an integrated circuit can be rated at three different levels, corresponding to varying degrees of security. This technique was employed to reverse engineer an Intel in two weeks.

While this defense is effective, it does come with significant costs to implement, including: Cost to implement and maintain an encryption key database or infrastructure at the board manufacturer.

Reliability cost due to the battery powered key storage mechanism. If the battery fails in the field, the board will fail. These two technologies derive their security from: Nonvolatility, which enables them to be configured before they are shipped to the end-user.

Unlike SRAM technology, there is no bitstream that can be intercepted. Difficulty in determining the state on or off of the programming elements on a programmed part. In contrast with easily visible vias on an ASIC, it is very difficult to determine whether a given programmable antifuse or Flash switch element is on or off. A large number of switch elements millions on the largest devices.

Given that the state of a single switch is difficult to determine, trying to determine the state of millions is prohibitive. Figure 4: Cross Section of a Programmer Antifuse Note: The programming device is on the left and the switching device is on the right. Other Methods of Attack It has been shown that ASICs can be physically attacked in a straightforward manner that relies on the visibility of connections or vias between metal layers. The refractive index of this substance varies with the applied electric field, and the potential of the underlying metal can be read out using an ultraviolet laser beam passed through the crystal at grazing incidence.

This technique allows a 5. Another technique recently declassified developed at Sandia Laboratories utilizes an infrared laser to which the silicon is transparent.

HUSQVARNA 325HD60X PDF

Design Security in Nonvolatile Flash and Antifuse FPGAs

An antifuse is an electrical device that performs the opposite function to a fuse. Whereas a fuse starts with a low resistance and is designed to permanently break an electrically conductive path typically when the current through the path exceeds a specified limit , an antifuse starts with a high resistance, and programming it converts it into a permanent electrically conductive path typically when the voltage across the antifuse exceeds a certain level. This technology has many applications. Antifuses are best known for their use in mini-light or miniature style low-voltage Christmas tree lights. Ordinarily for operation from mains voltages , the lamps are wired in series.

COURS VHDL AMS PDF

Antifuse FPGAs

Other Legacy devices listed may still be in full production, but there may be available pin-compatible, functionally-equivalent alternatives using more recent manufacturing processes. In this case, Microsemi recommends customers use the more recent Microsemi devices. For packaging information, go to the Packaging Solutions Page. All stocks have been exhausted, and these products are no longer available from Microsemi. EX device packages not mentioned above are available for current designs. SX-A device packages not mentioned above are available for current designs.

AIR AND BOURREE TUBA PDF

QuickLogic Low Power Antifuse FPGA families

USB 2. Accelerating 5G virtual RAN deployment. RoT: The Foundation of Security. Managing connected devices at scale: Connect millions of shipments on one platform. Arm Mali Best Practices 2. Higher mask cost and increasing minimum lot sizes, two economic trends of the semiconductor industry, are making FPGAs increasingly more cost effective compared to the competing ASIC solutions. A new business model enabled by the security capabilities of nonvolatile antifuse and Flash-based FPGAs will also be discussed.

TLV70433 PDF

Antifuse Programmed FPGAs

.

Related Articles