Programmable circuit devices include several programmable circuit elements that may be configured to perform various different functions. Such programmable circuit devices may be configured by a user to fulfill his particular application.
In general, the functionality of a programmable circuitry is not established until configuration data is loaded into a configuration memory of the IC. Typically, an encrypted configuration bitstream is loaded into the programmable device, where it is decrypted and stored in the configuration memory of the programmable device. The unencrypted configuration bitstream may then be used to program programmable circuitry of an IC such as an FPGA. The configuration bitstream effectively implements a particular circuit design within the programmable circuitry. The circuit design may specify functional aspects of the programmable circuit blocks and physical connectivity among the various programmable circuit blocks.
In order to write the configuration data into the configuration memory, a hardened write path is typically provided between an external port of the programmable IC and the configuration memory. A hardened read path is typically also provided in order to allow a user of the IC to verify the characteristics of the configuration bitstream. For example, the read path may provide the user a path to read back configuration status registers for identifying the cause of a failed bitstream load. The read path may also be used for high-bandwidth readback at runtime or during emulation and hardward co-simulation applications. However, providing a hardened read path between the configuration memory and the external port may potentially allow for an unauthorized/unwanted user to read out the unencrypted configuration bitstream.
Therefore, what is needed is a mechanism for securing configuration readback in a programmable IC device.