A programmable device having the ability to reconfigure a logic circuit is exposed to risks of, due to its reconfigurable nature, unauthorized reproduction of the device with ease or of leaks of technical information through data analyses in the event that the logic circuit data is read out to a third party. To prevent such risks, some methods for protecting logic circuit data are known, such as encrypting logic circuit data to disable recovery of the circuit, or assigning an ID code to prohibit reading data unless a matching ID code is given.
These methods, which are based on software operations, exert effects on the data itself that is input to the device, and thus provide a very high level of security against third party activities such as an unauthorized attempt to restore data or to read and analyze data.
On the other hand, considering from the viewpoint of hardware, in many devices there are few programmable logic devices that operate by themselves. For example, a field-programmable gate array (FPGA) has a nonvolatile device that can externally store data, and at the time of initial operation, the data stored in the nonvolatile device is loaded so that circuit data is written into the FPGA. In this case, a signal line is inevitably needed between the FPGA and nonvolatile device on the circuit board because the circuit data that is encrypted or assigned an ID code as described above is stored in the external nonvolatile device as configuration data. Such FPGA poses a risk of revealing what the circuit data is like in the event that the signal line on the circuit board is monitored for waveforms with an oscilloscope or the like. Or, even if the exact circuit data cannot be restored, generating the same waveforms makes it sufficiently possible to produce a device functioning as an FPGA, and thus there still remains a risk of unauthorized reproduction by a third party.
Some methods have been proposed for preventing copying of information about FPGA circuits. For example, Patent Document 1 proposes a method for determining whether to transfer circuit configuration data into an FPGA by controlling transfer of the circuit configuration data into the FPGA.
Patent Document 2 proposes a method for downloading circuit layout data for another module using a communication interface which is constructed with a small amount of FPGA circuit layout data at startup of the device, as well as a method for having no such circuit layout data left in a memory device that can be accessed from outside.
Patent Document 3 proposes a method for destroying any programmable device such as a programmable logic device (PLD) and FPGA as well as any nonvolatile device such as flash memory in case unauthorized access is detected, that is, a method for protecting data in these devices from being read out from outside.