The present invention relates to configuring field programmable gate arrays generally, and more particularly to protecting configuration bitstreams from detection.
Field programmable gate array devices are logic or mixed signal devices that may be configured to provide a desirable user-defined function. FPGAs are currently configured by receiving configuration data from a configuration device. This configuration data may be referred to as a configuration bitstream or program object file (POF). The configuration bitstream opens and closes switches formed on the FPGA such that a desired electrical connections are made or broken, thereby configuring the device.
Modern FPGAs contain hundreds of thousands of logic gates, as well as processors, memories, dedicated analog function blocks, and other circuits. This large amount requires a similarly large configuration bitstream to configure it. For example, 50 megabits of configuration data are now needed by some FPGAs.
The configuration data needed represents a huge investment in manpower and research and development costs, often in the million dollar range. To protect this investment, configuration bitstreams are often encrypted. The encrypted bitstream is decrypted using a key stored on the FPGA, and the FPGA is then configured. When the FPGA receives a configuration bitstream, the bitstream that is susceptible to detection is thus protected.
Unfortunately, encryption circuitry can be very complex, thus consuming a large amount of area on an integrated circuit. This adds to the cost of each FPGA and also increases device power dissipation.
Thus what is needed are comparatively less complicated circuits, methods, and apparatus for protecting a configuration bitstream from detection.