Field programmable gate array (FPGA) designs are vulnerable to design theft because configuration bitstreams can be easily captured and copied. FPGAs are more vulnerable to cloning of the entire design than to intellectual property (IP) theft, since extracting IP from the bitstream is nearly impossible. In order to protect the configuration bitstream, some FPGAs are now capable of encrypting the bitstream. However, for FPGAs that do not offer embedded bitstream encryption, there is an additional cost for encrypting the configuration bitstream due to the additional step of programming the encryption key in the FPGA during manufacturing. For high-volume applications, using a security companion chip is much more cost effective.

This paper offers a solution to help protect FPGA designs from being cloned. Using the “identification, friend or foe” (IFF) design security approach, this solution disables the design within the FPGA until the hash algorithm computation matches in both the FPGA and a secure memory device, so the design remains secure even if the configuration data bitstream is captured. In this solution, the secure memory device is use as a security companion
chip for the FPGA.