Programmable logic devices (PLDs) are a well-known type of programmable integrated circuit (IC) that can be programmed to perform specified logic functions. One type of PLD, the field programmable gate array (FPGA), typically includes an array of programmable tiles. These programmable tiles comprise various types of logic blocks, which can include, for example, input/output blocks (IOBs), configurable logic blocks (CLBs), dedicated random access memory blocks (BRAM), multipliers, digital signal processing blocks (DSPs), processors, clock managers, delay lock loops (DLLs), bus or network interfaces such as Peripheral Component Interconnect Express (PCIe) and Ethernet and so forth. Each programmable tile typically includes both programmable interconnect and programmable logic that may be programmed by loading a set of configuration data into internal configuration memory cells that define how the programmable elements are configured. The configuration data can be read from memory (e.g., from an external PROM) or written into the FPGA by an external device. The collective states of the individual memory cells then determine the function of the FPGA.
The complexity of system designs is increasing along with the additional resources made available with each new generation of PLDs. Early generations of PLDs were popular for glue logic, and recent generations have the resources to implement a system on a chip. In developing a large system having many subcomponents, designers are increasingly relying on designs previously created for the subcomponents. The subcomponent designs may be developed internally by an organization responsible for designing and implementing the overall system, or obtained from outside the organization.
In large systems, subcomponents may be gathered from various sources and assembled by a large number of parties in the manufacturing chain. Accordingly, vendors have less control than if all the subcomponents were designed and created and assembled by a single vendor. Moreover, various subcomponents may be accessed after assembly by various parties responsible for maintenance of the system. Even with trusted vendors, assemblers, and maintenance employees there may be some degree of risk that an unscrupulous person may tamper with components to install unauthorized circuits or logic such as Trojan horse logic. Trojan horse logic may be instantiated and activated after the system is deployed and operating and may expose secret information or modify some function of the design, for example. The risks are relevant to applications ranging from military defense systems to commercial banking systems, for example.