Design security for pre-Virtex2 parts ?

I am not a Xilinx expert, but I think the answer is "cannot be done". Us something else if you don't want the bitstream snooped upon.

Actually there are alternatives using external and/or internal features. This is marketing piece, but informative on the subject:

And this white paper describes how to implement a CipherStream protocol:

An application note for copy protection using a secure EEPROM:

And this landing page holds a whole lot more on this subject:

Ed McGettigan

-- Xilinx Inc.

Use a drop in replacement. The security hole is snooping the bitstream.

has drop in replacements. You program once at the factory and then you don't have to worry about snooping done out in the field.

If you need to reprogram the fpga at the customer site, and are worried about the security. You will need to go with the newer chips.

We have used this great solution :

This is a generic solution, not dedicated to any FPGA maker !

Regards, Laurent

U can't get security within chips that are provided for the mass market. everyone who has at least $10000 can backengineer these. It's better to work on own solutions.

Marlboro schrieb:

pk/3826

Thanks all for inputs, now at least I have some clues

In summary, the idea is having a another "host device" either using a CoolRunner or PicoBlaze within the FPGA itself. The host then determines whether or not continue to load the real design (by correctly decode something)

And yet, I agree nothing is absolute safe but at least with the above approaches it does increase the secure factor

I disagree; I doubt that you could reverse-engineer Actel's flash or antifuse parts on a $10k budget. c.f.,

(Design security was one of the primary reasons that ARM chose Actel for the free release of their ARM7 and Cortex M1 processors.)

regards, Kris