Programmable logic devices (“PLDs”) are a well-known type of integrated circuit that can be programmed to perform specified logic functions. One type of PLD, the field programmable gate array (“FPGA”), typically includes an array of programmable tiles. These programmable tiles can include, for example, input/output blocks (“IOBs”), configurable logic blocks (“CLBs”), dedicated random access memory blocks (BRAM), multipliers, digital signal processing blocks (“DSPs”), processors, clock managers, delay lock loops (“DLLs”), and so forth. CLBs commonly comprise look-up tables (LUTs) to implement Boolean logic, registers and arithmetic logic. A LUT is a multiple-input memory representing a truth-table of the logic function to be performed. Therefore, a LUT can implement any function of its inputs. Further, it is easy to change the function of a LUT by simply changing the truth table it contains. The functionality of a LUT is limited by the number of its inputs. A common LUT size for an FPGA has four inputs, but other sizes have been built, including three inputs and six inputs.
Each programmable device typically includes both programmable interconnects and programmable logic. The programmable interconnects typically include a large number of interconnect lines of varying lengths interconnected by programmable interconnect points (“PIPs”).
The programmable logic implements the logic of a user design using programmable elements that can include, for example, function generators, registers, arithmetic logic, and so forth.
The user design comprises logic functions, such as logic gates, registers, state machines, memories, microprocessors and input/output pins. In a compilation step, logic in the user design is mapped to the logic elements of the PLD LUTs. Wires in the user design are mapped to the programmable interconnects of the PLD to make electrical connections to the blocks where the user logic was mapped.
The programmable interconnect and programmable logic are typically programmed by loading a stream of configuration data into internal configuration memory cells that define how the programmable elements are configured. The configuration data can be read from memory (e.g., from an external programmable read-only memory (“PROM”) or written into a FPGA by an external device. The collective states of the individual memory cells then determine the function of the FPGA.
Another type of PLD is the Complex Programmable Logic Device, (“CPLD”). A CPLD includes two or more “function blocks” connected together and to input/output (“I/O”) resources by an interconnect switch matrix. Each function block of the CPLD includes a two-level AND/OR structure similar to those used in Programmable Logic Arrays (“PLAs”) and Programmable Array Logic (PAL) devices. In CPLDs, configuration data is typically stored on-chip in non-volatile memory. In some CPLDs and FPGAs, configuration data is stored on-chip in non-volatile memory, then downloaded to volatile memory as part of an initial configuration (programming) sequence. In some CPLDs and FPGAs, non-volatile memory controls programmable interconnects and logic directly.
For all of these PLDs, the functionality of the device is controlled by data bits provided to the device for that purpose. The data bits can be stored in volatile memory (e.g., static memory cells), in non-volatile memory (e.g., FLASH memory), or in any other type of memory cell.
Other PLDs are programmed by applying a processing layer, such as a metal layer, that programmably interconnects the various elements on the device. These PLDs are known as mask programmable devices. PLDs can also be implemented in other ways, e.g., using fuse or anti-fuse technology. The terms PLD and “programmable logic device” include but are not limited to these exemplary devices, as well as encompassing devices that are only partially programmable. For example, one type of PLD includes a combination of hard-coded transistor logic and a programmable switch fabric that programmably interconnects the hard-coded transistor logic.
Semiconductor integrated circuits such as processors, PLDs, and application specific integrated circuits (“ASICs”) require a substantial amount of development resources for their design. Integrated circuits such as FPGAs are commonly used in high-volume applications such as for processing video signals, decoding audio signals, etc. An issue in the marketplace is the ease with which such devices can be reverse engineered and then reproduced with much less effort than that required for their original development. To protect the intellectual property inherent in such devices, researchers have described embedding a non-volatile chip identifier on the semiconductor device, and to insert into the user function a check for the proper chip identifier to protect the design against unauthorized reproduction.
An option to provide program protection for an integrated circuit such as a PLD, i.e., to provide a level of protection against unauthorized use, is to send an encrypted bitstream for the program from the nonvolatile external memory device to the PLD when it is powered up, and to provide a decrypter in the PLD with a decryption key that is stored in nonvolatile memory internally to the PLD. The program in the flash memory or other external source would be encrypted for the particular PLD chip. The internal nonvolatile memory could be formed using selectably clearable fuses, or by using a battery backed-up memory such as a RAM. Practical design issues associated with encrypting a program for a PLD are details related to how the decryption key is stored, how easily such a key can be broken or by-passed, and whether customers for the PLD can provide their own decryption key. Such protection processes have vulnerabilities that can be compromised by reverse engineering of the chip. For example, the logical signal that is recorded in the chip when a decryption key is produced or validated might be identified by reverse engineering and overwritten, thereby compromising the protection provided by the decryption key.
Another option to provide program protection for the integrated circuit or other digital device is to employ a device identifier to be used like a password. A design is customized for a particular integrated circuit by storing the device identifier of that integrated circuit with the design. That storage may be as an initial value in a memory or as a circuit that checks the device identifier value. Checking may be performed with a circuit or with software in the design. The device identifier may be stored in a nonvolatile memory on the chip.
A reproducible and unique chip identifier is needed. Accordingly, there is a need for a process and related method to employ a reproducible and unique identifier to protect the chip against unauthorized reproduction. The process should be simple, because it would be applied to every instance of the die, and the resulting device should be substantially immune to reverse engineering, thereby avoiding disadvantages of conventional approaches for protecting unauthorized chip reproduction.