Programmable IC devices, such as FPGAs, may include programmable logic blocks and programmable routing. The programmable logic and routing may be configured with a configuration bitstream that may be loaded into the programmable IC device from an external source. Partial reconfiguration (PR) may be performed on some programmable IC devices by using a follow-on bitstream (e.g., a bitstream loaded after the bitstream that initially configures an FPGA) to partially reconfigure a portion of the programmable logic and routing previously configured by an earlier bitstream.
Some bitstreams implement high-security or high-reliability designs that require tamper protection, as PR may be used by an attacker to modify (e.g., tamper with) a secure bitstream. Bistreams may be encrypted and authenticated, and non-volatile elements in a programmable IC device may be programmed such that only encrypted and authenticated bitstreams are accepted and permitted to reconfigure the programmable IC device. Further features of an illustrative PR device with a look up table (LUT) that clears some bits and rewrites other bits is described in U.S. patent application Ser. No. 09/443,971, filed Nov. 19, 1999, which is hereby incorporated by reference herein in its entirety. However, if a third party, such as a vendor's customer, has the ability to create an encrypted and authenticated bitstream, the third party has the ability to overwrite, whether deliberately or accidentally, any portion of the programmable IC device, including the vendor's base design.
There may be times that it may be desirable to modify a secure design. For example, a vendor may wish to sell a computing platform that contains an FPGA that includes a base region configured by the vendor, and a secondary region that may be partially configured by the vendor's customers. The vendor may want to protect the base configuration while allowing a third party to partially reconfigure other portions of the FPGA.