1. Field of the Invention
The present invention relates to a method of secure delivery of configuration data for a programmable logic device (PLD). More particularly, the present invention provides for encryption by an intellectual property (IP) core provider and decryption by a system designer of an IP core for a PLD.
2. The Background Art
Programmable logic devices (PLDs) are integrated circuit devices which contain gates or other general-purpose cells whose interconnections can be configured by programming to implement nearly any desired combinatorial or sequential function. Field programmable gate arrays (FPGAs) are well known in the PLD art. FPGAs generally include an array of general-purpose logic circuits, typically referred to as logic blocks, which can be programmed by programmable elements to implement virtually any logic function. The programmed logic elements in the gate array are connected together by routing resources to form a desired integrated circuit. The routing resources are connected to each other and to the logic elements in the gate array by programmable elements.
It is well known in the art that both volatile and non-volatile programmable elements have been used to provide interconnection in FPGA devices. Volatile programmable elements are often a pass transistor controlled by a static random access memory (SRAM) cell. Nonvolatile programmable elements include antifuses and floating gate transistors. Programmable antifuse based architectures and reprogrammable SRAM and floating gate memory cell based architectures are well known in the FPGA art.
In an SRAM based reprogrammable FPGA, the programmable elements are typically passgates controlled by information stored in an SRAM configuration memory. In an antifuse based FPGA, the antifuses are programmable elements that are formed by two conductors with a dielectric material sandwiched in between which represent an open state until programmed. The antifuses are disposed to provide the interconnections among the routing resources and to program the programmable logic elements. In a floating gate transistor based FPGA, the floating gates are typically similar to those used in flash memories the operation of which is well known to those of ordinary skill in the art, but adapted for use in programmable arrays.
The FPGA is often programmed by an end user that is typically a system designer. To program the FPGA a bit stream is provided to the FPGA. To prevent the design of the circuit in the FPGA from being known, the bit stream can be encrypted and then decrypted by a cryptographic engine embedded in the FPGA. Many such encryption/decryption schemes are well known to those of ordinary skill in the art. In this manner a system designer that has designed the circuit being implemented in the FPGA is able to protect the circuit design from being appropriated by others.
In many instances, however, as the design of the circuits being implemented in an FPGA are more complex, the end user of an FPGA is often a system designer that has not created all of the circuits that are being implemented in the FPGA. Some of the circuits may be intellectual property (IP) cores developed by an IP provider that licenses the IP core to end user. Increasingly, the IP provider is a third party that is neither the manufacturer of the FPGA nor the end user. Often the terms of the license agreement between the third party IP provider and the end user provide for payment on a per use basis of the IP core by the end user.
It will be appreciated that it is important to the IP provider that the IP core is not used by the end user or others without proper payment being made. The IP core provider must either have some scheme for limiting the number of times the IP core can be used or it must have some scheme for accounting for the number of times the core has been used. The IP provider is also concerned that the IP core cannot be appropriated and sold to others or modified and sold to others.
Unlike the system designer who creates the circuit to be implemented in the FPGA, the system designer who employs an IP core provided by an IP provider requires specific information about the IP core. The IP core provider must provide the IP user with both simulation models to validate that the IP core has been properly integrated into the system designer's design and a description of the hardware implementation so that the system designer can efficiently use the IP core and also time the IP core appropriately to the remainder of the design implemented in the FPGA.
Although the specific information of the simulation model will not provide the system designer with enough information to appropriate the IP core, a description of the hardware implementation in the form of even an obfuscated or encrypted netlist will supply a determined individual with enough information to appropriate the IP core. The information required by the system designer to efficiently use and time the IP core is both the location of allocated but unused resources in the IP core and the location of the ports in the IP core that the system designer must connect to the remainder of the design implemented in the FPGA.