1. Field of the Invention
The present invention relates to a system for preventing tampering of electronic devices. More particularly, the invention relates to a self-modifying FPGA (field programmable gate array) for anti-tamper applications.
2. Description of the Related Art
The present invention provides a method of sanitizing secure electronic systems to eliminate access by an adversary. Sanitization is the process of completely removing all traces of information from electronic memory devices such as Programmable Read Only Memory (PROM), Electrically Erasable Programmable Read Only Memory (EEPROM), and FLASH Memory devices. For the purposes of the present application the term “PROM” is used to refer to all of these devices and is intended to imply an electrically erasable (or FLASHable) device.
In secure electronic systems, memory is often sanitized by a process of overwriting with various data patterns. The sanitizing process may be as simple as writing to all memory locations with all logical zeros followed by writing to all memory locations with all logical ones. Often this process is repeated for several cycles. Finally, a test pattern or default data can be written to the memory device.
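The overwrite sequence described above, as an added example in C that is not part of the original text. It assumes a byte-writable PROM simulated as an array; the function names, the stuck-bit fault model and the read-back verification after each pass are assumptions introduced here for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumption: byte-writable PROM modelled as an array. A real flash part
   needs its own erase/program command sequence instead of prom_write(). */
#define PROM_SIZE 256u
static uint8_t prom[PROM_SIZE];
static uint8_t stuck_mask[PROM_SIZE]; /* constructed fault model: bits stuck at 1 */

static void prom_write(size_t a, uint8_t v) { prom[a] = v | stuck_mask[a]; }
static uint8_t prom_read(size_t a) { return prom[a]; }

/* Fill the device with constructed "configuration data" and clear faults. */
void prom_load_sample(void) {
    memset(stuck_mask, 0, sizeof stuck_mask);
    for (size_t a = 0; a < PROM_SIZE; a++)
        prom[a] = (uint8_t)(a * 37u + 11u);
}
void prom_inject_stuck(size_t a, uint8_t mask) { stuck_mask[a] |= mask; }

/* Write one pattern everywhere, then read back; return the number of
   locations that did not take the pattern. */
static size_t overwrite_pass(uint8_t pattern) {
    size_t bad = 0;
    for (size_t a = 0; a < PROM_SIZE; a++) prom_write(a, pattern);
    for (size_t a = 0; a < PROM_SIZE; a++)
        if (prom_read(a) != pattern) bad++;
    return bad;
}

/* `cycles` rounds of all-zeros then all-ones, followed by the default
   pattern. Returns 0 on success, else the total count of failed checks. */
size_t prom_sanitize(unsigned cycles, uint8_t default_pattern) {
    size_t failures = 0;
    for (unsigned c = 0; c < cycles; c++) {
        failures += overwrite_pass(0x00);
        failures += overwrite_pass(0xFF);
    }
    failures += overwrite_pass(default_pattern);
    return failures;
}

/* 1 if every location holds v, 0 otherwise. */
int prom_all_equal(uint8_t v) {
    for (size_t a = 0; a < PROM_SIZE; a++)
        if (prom_read(a) != v) return 0;
    return 1;
}

int main(void) { prom_load_sample(); return prom_sanitize(3, 0xA5) ? 1 : 0; }
```

A non-zero return means at least one cell could not be driven to a pattern, so the device cannot be treated as sanitized by overwriting alone.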
Many electronic systems are computer-based. That is, these electronic systems are connected to a host computer or include a computer (in the form of a microprocessor or microcontroller) as a system controller. In these computer-based systems, the computer can be programmed to take care of sanitizing memory devices if required.
Some electronic systems do not include a computer or processor. Other electronic systems may include memory in subsystems that is not accessible by processors or computer resources for the purpose of sanitizing. Often, these memories are associated with ASICs (Application Specific Integrated Circuits) or FPGAs (Field Programmable Gate Arrays). These memories may be used as processing memory to hold data that is undergoing mathematical manipulation or other processing by the FPGA or ASIC, or these memory devices may be PROMs that store configuration data for the ASIC or FPGA. The present invention deals primarily with the latter case; that is, non-volatile memories (PROMs) that contain configuration data for ASICs or FPGAs.
As those skilled in the art are well aware, FPGAs are integrated circuit devices that can be programmed in the field after manufacture. FPGAs are similar to, but have wider applications than, PROM chips. FPGAs are commonly used by engineers in the design of specialized integrated circuits that can later be produced hard-wired in large quantities for distribution to computer manufacturers and end users.
Electronic systems and sub-systems that are FPGA-based are becoming more common. Image and audio processing are greatly accelerated by using FPGA resources for Digital Signal Processing, compared to using a microprocessor. FPGAs can process large arrays of data in parallel, and specialized functions such as Fast Fourier Transforms (FFT), digital filtering, and image compression can be performed with orders of magnitude speed improvements over processors.
FPGAs are attractive design options because their functionality can be modified, upgraded, or completely changed, hence, the “field programmable” portion of their name. Each time an SRAM (static random access memory) FPGA is powered, the FPGA reads configuration information from an accompanying memory device (for example, the PROM). This configuration information is used to specify the operation of the digital gates, flip-flops, memory structures, routing resources, and other internal components of the FPGA. The configuration data stored in the PROM is, therefore, a binary representation of the design of the FPGA hardware.
If the configuration data is copied from a PROM and written into another PROM, the entire FPGA design has been transferred or replicated. In many electronic systems it is desirable to prevent this copying or replication. An electronic system may be of a classified nature and the Government desires to keep the details of the design secret. In non-government applications the commercial electronics design may represent Intellectual Property and significant investment. Compromise or copying of this commercial design would result in loss of profits and failure to recoup research and investment costs. Because of examples like these, it is desirable to sanitize the configuration device (PROM) automatically, thoroughly, quickly, and in a manner that leaves no evidence of the sanitization process.
The present invention provides a system to automatically sanitize an FPGA PROM when an unauthorized access, tampering, or compromise is detected or indicated by some input (or indicated by a signal from a tamper-detection system).