WO2008009168A1 - Method for protecting configuration information on programmable logic device - Google Patents

Publication number
WO2008009168A1
Authority
WO
WIPO (PCT)
Prior art keywords
programmable logic
logic device
customer
configuration information
customer identification
Application number
PCT/CN2006/001630
Other languages
French (fr)
Chinese (zh)
Inventor
Bo He
Tao Wang
Original Assignee
Bo He
Tao Wang
Application filed by Bo He, Tao Wang
Priority to PCT/CN2006/001630
Publication of WO2008009168A1

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00: Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14: Protection against unauthorised use of memory or access to memory
    • G06F12/1458: Protection against unauthorised use of memory or access to memory by checking the subject access rights

Definitions

  • The invention relates to a method for protecting configuration information of a programmable logic device (PLD). It is applicable to the programmable logic devices commonly known as field programmable gate arrays (FPGA), complex programmable logic devices (CPLD), generic array logic (GAL), programmable logic arrays (PLA) and programmable array logic (PAL).
  • FPGA: field programmable gate array
  • CPLD: complex programmable logic device
  • GAL: generic array logic
  • PLA: programmable logic array
  • PAL: programmable array logic
  • Programmable logic devices are widely used, such as field programmable gate arrays (FPGA), complex programmable logic devices (CPLD), generic array logic (GAL), programmable logic arrays (PLA) and programmable array logic (PAL).
  • OTP ROM one-time programmable read only memory
  • EEPROM electrically erasable read-only memory
  • Flash flash memory
  • Figure 1 illustrates the prior-art flow of a customer developing a circuit on a programmable logic device. Referring to Figure 1: S11: the customer obtains the programmable logic device from the manufacturer or supplier; S12: following public, general compilation rules, computer software compiles the customer's circuit design into a general configuration file; S13: the customer writes the configuration file into the on-chip non-volatile memory of the programmable logic device or into an electrically connected off-chip non-volatile memory. Some programmable logic devices (such as most PLDs and CPLDs) are fully configured once the configuration file has been written and have the designed function after power-on; others (such as most FPGAs) must read the configuration file from the non-volatile memory after power-on to complete configuration, or can be configured after power-on by a computer through a download cable.
  • FIG. 2A shows a block diagram of the structure with the configuration information memory on-chip
  • FIG. 2B shows a block diagram of the structure with the configuration information memory off-chip
  • FIG. 2C shows a block diagram of the structure in which configuration information is input from a computer to the programmable logic device.
  • The computer-driven configuration of FIG. 2C is generally used only during the development phase and rarely in actual products. The reason is obvious: actual products rarely contain a computer system. Therefore, most systems using programmable logic devices have their configuration information stored in non-volatile memory.
  • Whether the non-volatile memory is on-chip or off-chip, it is always implemented on some physical material (such as a silicon wafer), so anyone with the relevant technical background can use certain physical or chemical methods to read out the configuration information stored in the non-volatile memory at relatively low cost.
  • For convenience of description, a person who attempts, without authorization, to read other people's configuration information for a programmable logic device is hereinafter referred to as a cracker.
  • If the cracker reads the configuration information stored in the memory 22A or 22B (shown in Fig. 2A or Fig. 2B), a quick copy can be made by purchasing the same programmable logic device and writing the configuration information to it.
  • The object of the present invention is to solve the above problems and provide an inexpensive method for protecting configuration information of a programmable logic device. The method does not rely on preventing the customer's configuration information from being read out; it greatly increases the cost of cracking, greatly prolongs the time required for cracking, and can effectively prevent the customer's configuration information from being easily cracked without the control of the manufacturer and the customer.
  • The technical solution of the present invention is: a method for protecting configuration information of a programmable logic device, for protecting a customer's configuration information based on the programmable logic device when the programmable logic device is controlled by a manufacturer and a customer, where the protection method includes:
  • the customer identification information determines, in one-to-one correspondence, a compilation method from the original circuit design to the configuration information; the compilation method need not be disclosed and may be known only to the manufacturer and the corresponding customer;
  • when the programmable logic device is configured, it first interprets the input configuration information according to the customer identification information and then configures itself; the interpretation method matches the compilation method in step (2). Likewise, the interpretation method need not be disclosed and may be known only to the manufacturer and the corresponding customer.
  • In step (1), the technical means is that the customer identification area is implemented by a one-time programmable read-only memory, and the manufacturer presets the customer identification information corresponding to the customer in the customer identification area.
  • In step (1), the technical means is: first, the manufacturer provides a customer identification configuration number to the customer; the customer then inputs the customer identification configuration number to the programmable logic device, which processes it to generate the customer identification information and stores that information in the customer identification area.
  • The specific content of the processing function need not be disclosed and is known only to the manufacturer; the customer identification configuration number provided to each customer is known only to the manufacturer and the corresponding customer.
  • The processing function may be implemented by a new piece of hardware circuitry added to the programmable logic device or, if the programmable logic device has an embedded microprocessor, by the processor executing an embedded program.
  • In the foregoing method for protecting configuration information of a programmable logic device, the interpretation method comprises a combination of verification, arithmetic or checksum operations of a certain complexity, to increase the difficulty of cracking.
  • The interpretation function may be implemented by a new piece of hardware circuitry added to the programmable logic device or, if the programmable logic device has an embedded microprocessor, by the processor executing an embedded program.
  • The hardware circuit or embedded program implementing the interpretation method is the same for different customers, but it may interpret the input configuration information differently according to different customer identification information.
  • The specific content of the hardware circuit or embedded program implementing the interpretation method is known only to the manufacturer; the specific logical function that the interpretation method exhibits under a given customer identification is known only to the manufacturer and the customer corresponding to that customer identification.
  • In the present invention, the customer identification information controls how the configuration information is compiled and interpreted. Even if the cracker reads the customer identification information and the configuration information, the other party's customer identification information cannot be written to a programmable logic device, so a programmable logic device to which the configuration information can be applied cannot be obtained, and rapid imitation cannot be realized.
  • FIG. 1 is a flow chart of a prior art customer development circuit based on a programmable logic device.
  • FIG. 2A is a block diagram of one embodiment of a prior art customer development logic circuit.
  • FIG. 2B is a block diagram of another embodiment of a prior art customer development logic circuit.
  • FIG. 2C is a block diagram of another embodiment of a prior art customer development logic circuit.
  • FIG. 3 is a flow diagram of one embodiment of a customer developing a logic circuit in accordance with the present invention.
  • FIG. 4 is a logic circuit diagram of an embodiment of a decoding circuit in the embodiment of FIG.
  • FIG. 5 is a flow diagram of another embodiment of a customer developing a logic circuit in accordance with the present invention.
  • Figure 6 is a logic circuit diagram of an embodiment of a codec circuit in the embodiment of Figure 5.
  • Figure 7 is a logic circuit diagram of an embodiment of a decoding circuit that dynamically compiles and interprets.
  • Figure 3 illustrates a flow diagram of a simple embodiment of an FPGA employing the present invention and an embodiment of a customer developing a logic circuit on the FPGA platform.
  • The scheme adds two circuits to the existing FPGA: one is the customer identification area together with the hardware circuit responsible for writing the customer identification to that area; the other is a decoding circuit, which decodes the configuration information coming from on-chip or off-chip memory and then hands it over to the FPGA. This process is described in detail below in conjunction with Figure 3.
  • Step S31: Customer A obtains an FPGA from a manufacturer or a supplier. The customer identification area of the FPGA is not yet configured, that is, it holds a default value.
  • A new hardware circuit has been added to the FPGA. The function of the hardware circuit is known only to the manufacturer, and its output is connected to the input of the customer identification area.
  • The manufacturer provides the customer identification configuration number corresponding to customer A; the number is unique and known only to the manufacturer and customer A.
  • Customer A writes the customer identification configuration number to the FPGA.
  • The newly added hardware circuit applies its checksum and other operations to the customer identification configuration number to form the customer identification information, which is stored in the customer identification area.
  • The customer identification configuration number and the customer identification information may be binary strings, and the operation of the hardware circuit is mainly a bit operation on a binary string, such as inversion, OR, reordering and the like. The information in the customer identification area can only be modified through input to the hardware circuit, the function of the hardware circuit is confidential, and the customer identification configuration number is known only to the manufacturer and the customer. So even if the cracker reads the customer identification information in the customer identification area, without knowing the function of the hardware circuit the cracker cannot derive the corresponding customer identification configuration number and cannot write the desired customer identification information to the customer identification area of an FPGA.
  • the customer identification configuration number assigned by the manufacturer to customer A is "1010"
  • customer A inputs the identification number to the hardware circuit
  • the function of the hardware circuit is to replace the input end of the binary string and then repeat
  • the decoding circuit converts "1010" into customer identification information "001100110011001100110011" and stores it in the customer identification area of customer A.
  • The processor may also execute an embedded program to complete the processing function; the function of the program is the same as that of the hardware circuit, and it likewise converts the customer identification configuration number into customer identification information. A hardware circuit and a program may also be combined to achieve the same function. Any implementation that can perform the same function should be included in the scope of the present invention.
  • Step S32: Following public, general compilation rules, customer A's circuit design is compiled on a computer into general configuration information. This step belongs to the prior art and is the same as step S12 of Fig. 1.
  • Step S33: An encoding method is determined according to customer A's customer identification information, and the general configuration information obtained in the previous step is converted into configuration information dedicated to customer A.
  • This encoding method is the inverse of the decoding function of the decoding circuit in step S35. Still taking customer A's customer identification information "001100110011001100110011" from step S31 as an example, the customer identification information indicates that in step S35 the decoding method of the FPGA is to invert the first two bits of each byte of the received configuration information.
  • The inverse of that processing is again to invert the first two bits of each byte, so the corresponding encoding method in this step is also to invert the first two bits of each byte of the general configuration information, generating the configuration information dedicated to customer A.
  • Configuration information is provided by the manufacturer to customer A and is kept confidential by the manufacturer and customer A.
  • Step S34: The configuration information dedicated to customer A is written into the non-volatile memory used for configuring the FPGA.
  • The non-volatile memory can be integrated on the FPGA chip, or placed off-chip and electrically connected to the FPGA.
  • The non-volatile memory is a read-only memory (ROM).
  • the configuration information cannot be applied, because the decoding operation corresponding to the encoding operation is missing.
  • The customer identification configuration number of customer A must be obtained in order to write the customer identification corresponding to the configuration information into the customer identification area of the FPGA.
  • Step S35: After the FPGA is powered on, the configuration information dedicated to customer A is read, decoded into general configuration information by the decoding circuit in the FPGA, and then used to configure the FPGA.
  • The decoding in this step and the encoding in step S33 are inverse to each other.
  • The decoding circuit is the same in all customers' FPGAs, but different customer identification information can control the decoding circuit to exhibit different decoding functions.
  • Under customer A's customer identification information, the decoding circuit functions to invert the first two bits of each byte of the received configuration information. The decoding circuit realizes its specific function with logic circuit devices. Taking the inversion of the first two bits of each byte of the configuration information described above as an example,
  • the implementation of the decoding circuit is as shown by the dashed box in FIG.
  • Inverters 43A and 43B are provided on the first two bit lines into the FPGA 42, one on each, and the remaining bit lines connect the configuration information memory 41 directly to the FPGA 42 without any device. If the configuration data enters the FPGA serially, it can be converted to parallel data before the above processing.
  • The actual decoding circuit is not limited to one design; any design is included in the scope of the claims as long as the required decoding function is achieved.
  • Fig. 5 shows a flow of a simple embodiment using the CPLD of the present invention and another embodiment of the customer's circuit development on the CPLD platform.
  • The scheme adds two circuits to the existing CPLD: one is the customer identification area together with the hardware circuit responsible for writing the customer identification to that area; the other is a codec circuit, which decodes the input configuration information before it is written into the on-chip non-volatile memory and, when the on-chip configuration information needs to be read out, encodes the configuration information from the on-chip non-volatile memory before outputting it. The flow is described in detail below in conjunction with FIG. 5.
  • Step S51 This step is similar to step S31 of the embodiment shown in FIG. 3, that is, the CPLD adds a customer identification area and corresponding hardware circuits compared to the existing CPLD. The description will not be repeated here.
  • the customer identification configuration number assigned by the manufacturer to customer B is "1101"
  • customer B inputs the customer identification configuration number to the hardware circuit, which converts "1101" into customer identification information.
  • Step S52: Following public, general compilation rules, customer B's circuit design is compiled on a computer into general configuration information. This step belongs to the prior art and is the same as step S12 of Fig. 1.
  • Step S53: This step is the same as step S33 of the embodiment shown in FIG. Taking customer B's customer identification information "110111011101110111011101" from step S51 as an example, the customer identification information indicates that in step S54 the decoding method of the CPLD is to exchange the last two bits of each byte of the received configuration information.
  • The inverse of that processing is again to exchange the last two bits of each byte, so the corresponding encoding method in this step is also to exchange the last two bits of each byte of the general configuration information, generating the configuration information dedicated to customer B.
  • Configuration information is provided by the manufacturer to customer B and is kept confidential by the manufacturer and customer B.
  • Step S54: The configuration information compiled to be dedicated to customer B is written into the non-volatile memory in the CPLD chip.
  • The configuration information sent to the CPLD is first decoded by the hardware codec circuit in the CPLD chip and then written into the on-chip non-volatile memory; the specific decoding function of the codec circuit is determined by the on-chip customer identification information. Taking customer B as an example, the customer identification information determines that the CPLD's codec circuit exchanges the last two bits of each byte of the input configuration information and then writes it to the non-volatile memory.
  • The configuration information can be read out from the CPLD to verify whether the writing process was correct.
  • On read-out, the codec circuit performs an encoding function that is the inverse of the decoding process, so that the output configuration information is the same as the originally input configuration information and can be used for verification.
  • Step S54 is similar to step S35 of the embodiment of Fig. 3, that is, it adds a codec circuit that interchanges the last two bits of each byte of configuration data.
  • The codec circuit realizes its specific function with logic circuit devices. Taking the exchange of the last two bits of each byte of configuration data described above as an example, the implementation of the codec circuit is as shown by the dotted-line frame in FIG.
  • A module 62 for interchanging two bit signals is provided on the last two bit data lines of the data bus that connects the CPLD input interface 61 to the CPLD on-chip non-volatile memory 63. The remaining bit data lines carry no device,
  • and connect the CPLD input interface 61 directly to the on-chip memory 63.
  • The bit data line 64 is connected to the input port A of the module 62, and the bit data line 65 is connected to the input port B of the module 62.
  • The output port C outputs the signal received by the input port B, and the output port D outputs the signal received by the input port A.
  • If the configuration data is serially entered into the CPLD, it must be converted to parallel data before doing the above processing.
  • The actual codec circuit is not limited to one design; any design is included in the scope of the claims as long as the required decoding function is achieved.
  • The way of compiling and interpreting described so far is static. That is to say, no conditions are set in the compile and interpret mode,
  • and the method of compiling the general configuration file obtained from the original development process into the customer's own dedicated configuration file is time-independent. It is also possible to make the way of compiling and interpreting dynamic.
  • Dynamic means that a condition can be set so that different compilation and interpretation operations are performed under different conditions.
  • Customer C's customer identification information is "110000001100110011011000". The decoding method represented by this customer identification information is as follows: in the first 1000 bytes of configuration data, the first two bits of the configuration data are inverted, and in the next 1000 bytes of configuration data the last two bits are exchanged. The process then repeats.
  • the logic implementation of the decoding circuit is shown in the dashed box of Figure 7.
  • a configuration information store (e.g., ROM) 71 that stores FPGA configuration data is coupled to modules 72 and 73, respectively, wherein module 72 can implement the inversion of the first two bits of the configuration data, and module 73 can effect the exchange of the last two bits of the configuration data. Modules 72 and 73 are coupled to a selector 74.
  • the selector 74 has a selection terminal Sel that receives a control signal and an output terminal that is connected to the FPGA 75.
  • the selector 74 selects a signal on one of the input ports as an output according to different control signals.
  • the control signal refers to whether the condition that 1000 bytes of configuration data have been completed is satisfied.
  • the corresponding dynamic method is also used in the process of compiling and obtaining the dedicated configuration information. It should be understood that the dynamic method described herein is for the foregoing static method, and can be applied to the embodiment shown in FIG. 3, and can also be applied to the embodiment shown in FIG. 5.
  • step S31 of the embodiment of FIG. 3 and the step S51 of the embodiment shown in FIG. 5 can also be implemented in another manner.
  • the manufacturer pre-writes the customer's corresponding customer identification information in the customer identification area according to the customer information before the programmable logic device leaves the factory.
  • The customer identification area is implemented by a one-time programmable read-only memory (OTP ROM). That is to say, once the programmable logic device is shipped, its internal customer identification area cannot be erased.
  • the foregoing implementation method of the present invention can be further strengthened in the following three points.
  • The first point: the codec circuit and the circuit of the programmable logic device itself can be mixed together, which makes it difficult for the cracker to isolate the codec circuit, so that the customer-specific compile and interpret mode cannot be learned.
  • The second point: the codec circuit should have a certain complexity, which makes it difficult for the cracker to guess the function of the codec circuit. For example, the binary information from the customer identification area is first reordered and some mathematical operations are performed on it; the received configuration information is then reordered and partially inverted according to the result of those operations, and the result is output to the programmable logic device.
  • If the cracker reads the binary string of the customer identification information "110011001100110011001101", it is easy to associate it with the compile conversion mode acting on the last two bits of the configuration information. If the customer identification information is itself also converted, with the bits of the binary string reordered or logically converted into a new binary string and the configuration information processed according to that result, then even if the cracker reads the binary string of the customer identification information, the customer-specific conversion method cannot easily be obtained.
  • The processing function from the customer identification configuration number to the customer identification information should have a certain complexity. The customer identification configuration number can be longer and include a checksum. The customer identification configuration number entered into the programmable logic device is first verified, then reordered and subjected to some logic operations, and the result is output to the customer identification area.
  • the focus of the present invention is on compiling the configuration information of the programmable logic device in a client-specific compilation manner so that the cracker cannot quickly copy it even if the configuration information is obtained.
  • the specific customer identification, the specific compilation and interpretation mode, the specific implementation of the codec circuit, and the like mentioned above are only examples, and are not intended to limit the present invention.
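
The static decoding of steps S35 and S54 and the dynamic scheme given for customer C, modelled in Python as an added example (not code from the patent or its authors). It assumes that "first two bits" means bits 7..6 and "last two bits" means bits 1..0 of each byte, that customer C's 1000-byte phases are counted from the start of the stream, and that the customer identification area is write-once as in the OTP ROM variant; the `Device` class and all function names are hypothetical.

```python
"""Model of the customer-ID-keyed decode step (added example).

Assumptions: "first two bits" = bits 7..6, "last two bits" = bits 1..0,
dynamic phases are counted from byte 0, customer ID area is write-once.
"""

PHASE_LEN = 1000  # bytes per phase in customer C's dynamic scheme

# Customer identification information strings quoted in the text.
ID_A = "001100110011001100110011"
ID_B = "110111011101110111011101"
ID_C = "110000001100110011011000"


def invert_first_two(b: int) -> int:
    """Inverters 43A/43B: invert the two high bit lines of a byte."""
    return b ^ 0xC0


def swap_last_two(b: int) -> int:
    """Module 62: cross over the two low bit lines of a byte."""
    return (b & 0xFC) | ((b & 0x01) << 1) | ((b >> 1) & 0x01)


def select_static(fn):
    """Static mode: the same per-byte operation at every position."""
    return lambda index: fn


def select_alternating(index: int):
    """Selector 74: modules 72 and 73 alternate every PHASE_LEN bytes."""
    return invert_first_two if (index // PHASE_LEN) % 2 == 0 else swap_last_two


# Customer ID -> behaviour of the shared decode circuit. This lookup table
# stands in for the confidential logic; it is not the real derivation.
DECODE_MODES = {
    ID_A: select_static(invert_first_two),
    ID_B: select_static(swap_last_two),
    ID_C: select_alternating,
}


def transform(customer_id: str, data: bytes) -> bytes:
    """Apply the per-byte operation selected by the customer ID."""
    select = DECODE_MODES[customer_id]
    return bytes(select(i)(b) for i, b in enumerate(data))


# Both per-byte operations are their own inverse, so the offline encoding
# (S33/S53) is the same function as the on-chip decoding (S35/S54).
encode_for_customer = transform


class Device:
    """A programmable logic device with a write-once customer ID area."""

    def __init__(self):
        self.customer_id = None

    def write_customer_id(self, customer_id: str) -> None:
        if self.customer_id is not None:
            raise PermissionError("customer identification area already written")
        if customer_id not in DECODE_MODES:
            raise ValueError("unknown customer identification information")
        self.customer_id = customer_id

    def configure(self, stored: bytes) -> bytes:
        """Decode the stored image; returns what the fabric would load."""
        if self.customer_id is None:
            # Behaviour with the default ID is not described; this model refuses.
            raise RuntimeError("customer identification area not programmed")
        return transform(self.customer_id, stored)


# Constructed stand-in for a general configuration file (not a real bitstream).
GENERIC = bytes(range(256)) * 10


def demo() -> dict:
    """Load customer A's image on A's device and on a device holding B's ID."""
    stored = encode_for_customer(ID_A, GENERIC)
    dev_a, dev_b = Device(), Device()
    dev_a.write_customer_id(ID_A)
    dev_b.write_customer_id(ID_B)
    return {
        "own_device_loads_design": dev_a.configure(stored) == GENERIC,
        "other_device_loads_design": dev_b.configure(stored) == GENERIC,
    }


if __name__ == "__main__":
    print(demo())
```

The copied image only yields the original design on a device holding the matching customer identification information; on any other device the decode circuit produces a different bit pattern.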

Abstract

A method for protecting configuration information on a programmable logic device includes: (1) a user identification area, in which user identification information corresponding to different users is stored, is set on the programmable logic device, and technical means ensure that no user can write the user identification information of another user into the user identification area; (2) the user identification information determines a method for compiling an original circuit into the configuration information; (3) when the programmable logic device is configured, it configures itself after interpreting the inputted configuration information based on the user identification information, the interpreting method matching the compiling method in step (2).

Description

一种对可编程逻辑器件的配置信息的保护方法 技术领域  Method for protecting configuration information of programmable logic device
本发明涉及一种对可编程逻辑器件 (PLD)的配置信息的保护方法, 可适用 于通称为现场可编程门阵列(FPGA)、 复杂可编程逻辑器件 (CPLD)、通用阵列逻 辑(GAL)、 可编程逻辑阵列(PLA)、 可编程阵列逻辑 (PAL)的可编程逻辑器件。 背景技术  The invention relates to a method for protecting configuration information of a programmable logic device (PLD), which can be applied to a field programmable gate array (FPGA), a complex programmable logic device (CPLD), a general array logic (GAL), Programmable Logic Array (PLA), Programmable Array Logic (PAL) programmable logic device. Background technique
目前各种可编程逻辑器件得到了广泛的应用, 如现场可编程门阵列 (FPGA)、 复杂可编程逻辑器件 (CPLD)、通用阵列逻辑 (GAL)、 可编程逻辑阵列 (PLA)、 可编程阵列逻辑 (PAL)。 通常在这些可编程逻辑器件的应用中, 需要利 用片内或片外的可编程非挥发存储器如一次可编程只读存储器 (OTP ROM) 、 电可擦写只读存储器(EEPROM) 、 闪存(Flash)等来存放可编程逻辑器件的 配置信息。 在基于可编程逻辑器件的电路开发阶段, 也常通过下载电缆由计算 机来配置可编程逻辑器件。  At present, various programmable logic devices are widely used, such as field programmable gate array (FPGA), complex programmable logic device (CPLD), general array logic (GAL), programmable logic array (PLA), programmable array. Logic (PAL). Usually in these programmable logic device applications, it is necessary to use on-chip or off-chip programmable non-volatile memory such as one-time programmable read only memory (OTP ROM), electrically erasable read-only memory (EEPROM), flash memory (Flash ) to store the configuration information of the programmable logic device. In the circuit development phase based on programmable logic devices, programmable logic devices are often configured by a computer through a download cable.
图 1示出了现有技术中客户在可编程逻辑器件上开发电路的流程。 请参 见图 1, S11 : 客户从制造商或者供应商处获得可编程逻辑器件; S12: 按照公 开的、 通用的编译规则, 客户的电路设计由计算机软件编译成通用的配置文件 ; S13 : 客户将配置文件写入上述可编程逻辑器件的片内非挥发存储器或片外 电性连接的非挥发存储器中。 一些可编程逻辑器件 (如大部分 PLD、 CPLD)被 写入配置文件后即完成配置, 上电后即具备设计的功能; 还有一些可编程逻辑 器件 (如大部分 FPGA)还需在上电后读取所述非挥发存储器中的配置文件才能 完成配置, 或者也可在上电后由计算机通过下载电缆来完成配置。  Figure 1 illustrates the flow of a customer developing a circuit on a programmable logic device in the prior art. See Figure 1, S11: The customer obtains the programmable logic device from the manufacturer or supplier; S12: According to the public, general compilation rules, the customer's circuit design is compiled into a common configuration file by computer software; S13: Customer will The configuration file is written into the on-chip non-volatile memory of the above programmable logic device or the non-volatile memory of the off-chip electrical connection. Some programmable logic devices (such as most PLDs, CPLDs) are configured after being written into the configuration file, and have the design function after power-on; some programmable logic devices (such as most FPGAs) need to be powered on. After reading the configuration file in the non-volatile memory, the configuration can be completed, or the configuration can be completed by the computer after downloading the cable after power-on.
经过上述步骤, 客户的电路设计就在可编程逻辑器件上实现了。 接着参 见图 2A、 图 2B和图 2C, 图 1所示的流程以框图的形式示出。其中图 2A示出 了配置信息存储器在片内的框图结构, 图 2B示出了配置信息存储器在片外的 框图结构, 图 2C示出了配置信息由计算机输入给可编程逻辑器件的框图结构 图 2C的这种由计算机来完成配置的方案一般仅在开发阶段釆用而很少 在实际产品中使用, 原因很明显, 实际产品中很少含有一个计算机系统。 因此 绝大多数釆用可编程逻辑器件的系统,其配置信息是存储在非挥发存储器中的 。 但是, 不论非挥发存储器在片内还是片外, 最终总是实现在某种物理材料上 的 (如硅片) , 所以任何具有相关技术背景的技术人员都能借助某些物理或化 学的方法,以较低的成本读出非挥发存储器中存放的配置信息。为了描述方便, 下文中把在未获授权情况下企图读取他人用于可编程逻辑器件的配置信息的 人称为破解者。 After the above steps, the customer's circuit design is implemented on the programmable logic device. Referring next to Figures 2A, 2B and 2C, the flow shown in Figure 1 is shown in block diagram form. 2A shows a block diagram structure of the configuration information memory on-chip, FIG. 2B shows a block diagram structure of the configuration information memory on the off-chip, and FIG. 2C shows a block diagram structure diagram in which configuration information is input from the computer to the programmable logic device. The 2C solution for computer configuration is generally only used during the development phase and rarely used in actual products. The reason is obvious. There is very little computer system in the actual product. Therefore, most systems using programmable logic devices have their configuration information stored in non-volatile memory. . However, whether the non-volatile memory is on-chip or off-chip, and is always implemented on a certain physical material (such as silicon wafer), any person skilled in the relevant art can use certain physical or chemical methods. The configuration information stored in the non-volatile memory is read out at a lower cost. For convenience of description, a person who attempts to read other people's configuration information for a programmable logic device without authorization is hereinafter referred to as a cracker.
If a cracker reads out the configuration information stored in memory 22A or 22B (shown in Figure 2A or Figure 2B), a fast clone can be produced by purchasing the same programmable logic device and writing that configuration information into it.
For this reason, many methods of protecting the configuration information of programmable logic devices have been developed. Their guiding idea is always to use various means either to prevent the configuration information from being read out of memory 22A or 22B (shown in Figure 2A or Figure 2B) or to increase the time and cost a cracker needs to read it out. One example is protection by an encryption bit: once the configuration information has been written to the memory, the encryption bit is enabled to prevent the information from being read out. A simple method defeats this protection mechanism: the cracker can open the integrated circuit package and then use certain specific methods (such as focused ion beam (FIB)) to control the encryption-bit signal, and so read the configuration information. The encryption-bit method therefore adds little to the cost of cracking, and its protective effect is mediocre.
Summary of the invention
The object of the invention is to solve the above problem by providing an inexpensive method for protecting the configuration information of a programmable logic device. The method does not depend on preventing the customer's configuration information from being read out; it greatly increases the cost of cracking and greatly lengthens the time cracking requires, and it effectively prevents the customer's configuration information from being easily cracked when the device is out of the control of the manufacturer and the customer.
The technical solution of the invention is: a method for protecting the configuration information of a programmable logic device, used to protect the configuration information that a customer has developed on the basis of the programmable logic device when that device is out of the control of the manufacturer and the customer, wherein the protection method comprises:
(1) A customer identification area is added to the programmable logic device. The customer identification area stores customer identification information corresponding to different customers, and technical means ensure that no customer can write another customer's customer identification information into the customer identification area;
(2) The customer identification information determines a compilation method, in one-to-one correspondence with it, from the original circuit design to the configuration information. This compilation method need not be disclosed and may be known only to the manufacturer and the corresponding customer;
(3) When the programmable logic device is configured, it first interprets the input configuration information according to the customer identification information and only then uses the result to configure itself; the interpretation method matches the compilation method of step (2). Likewise, the interpretation method need not be disclosed and may be known only to the manufacturer and the corresponding customer.
In the above method for protecting the configuration information of a programmable logic device, the technical means in step (1) is that the customer identification area is implemented as a one-time programmable read-only memory, in which the manufacturer presets the customer identification information corresponding to the customer.
In the above method for protecting the configuration information of a programmable logic device, the technical means in step (1) is as follows: the manufacturer first gives the customer the corresponding customer identification configuration number, and the customer then inputs that number into the programmable logic device; the device processes the customer identification configuration number to generate the customer identification information and stores it in the customer identification area. The details of this processing function need not be disclosed and may be known only to the manufacturer, while the customer identification configuration number given to each customer may be known only to the manufacturer and the corresponding customer.
In the above method for protecting the configuration information of a programmable logic device, the processing function comprises checks, computations, or a combination of checks and computations of a certain complexity, to make cracking harder. The processing function may be implemented by a hardware circuit added to the programmable logic device or, if the device has an embedded microprocessor, by an embedded program executed by that processor.
In the above method for protecting the configuration information of a programmable logic device, the interpretation method comprises checks, computations, or a combination of checks and computations of a certain complexity, to make cracking harder. The interpretation function may be implemented by a hardware circuit added to the programmable logic device or, if the device has an embedded microprocessor, by an embedded program executed by that processor. The hardware circuit or embedded program that implements the interpretation method is identical for all customers, but it interprets the input configuration information differently according to the customer identification information. The details of the hardware circuit or embedded program are known only to the manufacturer, while the specific logic function that the interpretation method exhibits under a given customer identification is known only to the manufacturer and the customer to whom that identification corresponds.
In the above method for protecting the configuration information of a programmable logic device, the compilation method and the interpretation method are static: the behaviour of compilation and interpretation does not change over time.
In the above method for protecting the configuration information of a programmable logic device, the compilation method and the interpretation method are dynamic: the behaviour of compilation and interpretation differs under different conditions.
Compared with the prior art, the invention has the following beneficial effect: the customer identification information controls how the configuration information is compiled and interpreted. Even if a cracker reads out both the customer identification information and the configuration information, another customer's identification information cannot be written into a programmable logic device, so the cracker cannot obtain a device to which the configuration information can be applied, and a fast clone is not possible.
Brief description of the drawings
Figure 1 is a flow chart of a customer developing a circuit on a programmable logic device in the prior art.
Figure 2A is a block diagram of one embodiment of a customer developing a logic circuit in the prior art.
Figure 2B is a block diagram of another embodiment of a customer developing a logic circuit in the prior art.
Figure 2C is a block diagram of a further embodiment of a customer developing a logic circuit in the prior art.
Figure 3 is a flow chart of one embodiment of a customer developing a logic circuit according to the invention.
Figure 4 is a logic circuit diagram of an embodiment of the decoding circuit in the embodiment of Figure 3.
Figure 5 is a flow chart of another embodiment of a customer developing a logic circuit according to the invention.
Figure 6 is a logic circuit diagram of an embodiment of the encoding/decoding circuit in the embodiment of Figure 5.
Figure 7 is a logic circuit diagram of an embodiment of a decoding circuit with dynamic compilation and interpretation.
Best mode for carrying out the invention
The invention is described further below with reference to the drawings and embodiments.
Figure 3 shows a simple FPGA scheme that uses the invention, and the flow of one embodiment in which a customer develops a logic circuit on that FPGA platform. The scheme adds two circuits to an existing FPGA: first, a customer identification area and the hardware circuit responsible for writing the customer identification into that area; second, a decoding circuit, which decodes the configuration information coming from the on-chip or off-chip memory before passing it to the FPGA. The flow is described in detail below with reference to Figure 3.
Step S31: Customer A obtains an FPGA from the manufacturer or a supplier. The customer identification area of this FPGA is unconfigured, that is, it holds its default value. The FPGA contains an added hardware circuit whose function is known only to the manufacturer and whose output is connected to the input of the customer identification area. The manufacturer also gives customer A the corresponding customer identification configuration number, which is unique and known only to the manufacturer and customer A. Once customer A has the FPGA, customer A writes the customer identification configuration number into it; the added hardware circuit checks the number and performs operations on it to produce the customer identification information, which is stored in the customer identification area. The customer identification configuration number and the customer identification information can each be a binary string, and the hardware circuit's operations are mainly bit operations on binary strings, such as inversion, AND/OR operations and reordering. Because the contents of the customer identification area can be entered and modified only through the hardware circuit, the function of the hardware circuit is secret, and the customer identification configuration number is known only to the manufacturer and the customer, a cracker who reads out the customer identification information from the customer identification area still does not know the function of the hardware circuit, cannot work backwards to the corresponding customer identification configuration number, and so cannot write the desired customer identification information into the customer identification area of an FPGA. For example, the manufacturer assigns customer A the customer identification configuration number "1010", and customer A inputs it to the hardware circuit. The function of the hardware circuit is to swap the first and last bits of the input binary string, repeat the result 6 times, and output it, so that circuit converts "1010" into the customer identification information "001100110011001100110011" and stores it in customer A's customer identification area.
It should be understood that the hardware circuit described above is not mandatory. If the FPGA has an embedded microprocessor, that processor can execute an embedded program that performs the same function as the hardware circuit, converting the customer identification configuration number into customer identification information. A hardware circuit and a program can also be combined to the same end. Any implementation that achieves the same effect falls within the scope of protection of the invention.
Step S32: Following public, general-purpose compilation rules, customer A's circuit design is compiled on a computer into generic configuration information. This step is prior art and is the same as step S12 of Figure 1.
Step S33: An encoding method is determined from customer A's customer identification information, and the generic configuration information from the previous step is converted with it into configuration information specific to customer A. This encoding and the decoding function of the decoding circuit in step S35 are inverses of each other. Taking customer A's customer identification information "001100110011001100110011" from step S31 as the example again, this customer identification information specifies that in step S35 the FPGA decodes by inverting the first two bits of each byte of the configuration information it receives. Clearly, the inverse operation is to invert the first two bits of each byte of the generic configuration information, so the encoding in this step likewise inverts the first two bits of each byte of the generic configuration information to produce the configuration information specific to customer A. The encoding method is supplied to customer A by the manufacturer and kept secret by the manufacturer and customer A.
Step S34: The configuration information specific to customer A is written into the non-volatile memory used to configure the FPGA. This memory can be on the FPGA die or off-chip and electrically connected to the FPGA; in general it is a read-only memory (ROM). This step is also prior art and is the same as step S13 of Figure 1. Because of the conversion described above, a cracker who reads out customer A's configuration information from the ROM still cannot produce a fast clone. The configuration information stored in the ROM has already been encoded in step S33 and cannot be recognised by an ordinary FPGA, so even if the cracker buys the same FPGA model on the market, the configuration information cannot be applied, because the decoding operation that matches the encoding is missing. To apply the configuration information directly, the cracker would need customer A's customer identification configuration number in order to write the customer identification that matches the configuration information into the FPGA's customer identification area.
Step S35: After power-on, the FPGA reads the configuration information specific to customer A, a decoding circuit inside the FPGA decodes it back into the original generic configuration information, and the FPGA then uses that to configure itself. This step and the encoding of step S33 are inverses of each other. The decoding circuit is identical in the FPGAs supplied to all customers, but different customer identification information makes it exhibit different decoding functions. As described above, customer A's customer identification information configures the decoding circuit to invert the first two bits of each byte of the configuration information it receives.
The decoding circuit implements its specific function with logic devices. Taking the function just described, inverting the first two bits of each byte of the configuration information, the decoding circuit is implemented as shown in the dashed box of Figure 4. An inverter (43A, 43B) is placed on each of the first two bit data lines running from configuration information memory 41 to FPGA 42; the remaining bit data lines connect configuration information memory 41 and FPGA 42 directly, with no device on them. If the configuration data enters the FPGA serially, it can first be converted to parallel data and then processed as above. The actual decoding circuit is of course not limited to one design; any design that achieves the required decoding function falls within the scope of the claims of the invention.
Figure 5 shows a simple CPLD scheme that uses the invention, and the flow of another embodiment in which a customer develops a circuit on that CPLD platform. The scheme adds two circuits to an existing CPLD: first, a customer identification area and the hardware circuit responsible for writing the customer identification into that area; second, an encoding/decoding circuit, which decodes the input configuration information before writing it into the on-chip non-volatile memory and, when the on-chip configuration information is to be read out, encodes the contents of the on-chip non-volatile memory before outputting them. The flow is described in detail below with reference to Figure 5.
Step S51: This step is similar to step S31 of the embodiment of Figure 3: compared with an existing CPLD, this CPLD has an added customer identification area and the corresponding hardware circuit. The description is not repeated here. For example, the manufacturer assigns customer B the customer identification configuration number "1101", and customer B inputs it to the hardware circuit, which converts "1101" into the customer identification information "110111011101110111011101" and stores it in the customer identification area.
Step S52: Following public, general-purpose compilation rules, customer B's circuit design is compiled on a computer into generic configuration information. This step is prior art and is the same as step S12 of Figure 1.
Step S53: This step is the same as step S33 of the embodiment of Figure 3. Taking customer B's customer identification information "110111011101110111011101" from step S51 as the example, this customer identification information specifies that in step S54 the CPLD decodes by swapping the last two bits of each byte of the configuration information it receives. Clearly, the inverse operation is to swap the last two bits of each byte of the generic configuration information, so the encoding in this step likewise swaps the last two bits of each byte of the generic configuration information to produce the configuration information specific to customer B. The encoding method is supplied to customer B by the manufacturer and kept secret by the manufacturer and customer B.
Step S54: The configuration information, already compiled into the form specific to customer B, is written into the non-volatile memory inside the CPLD. During the write, the configuration information supplied to the CPLD is first decoded by the hardware encoding/decoding circuit inside the CPLD and then written into the on-chip non-volatile memory; the specific decoding function of the encoding/decoding circuit is determined by the on-chip customer identification information. For customer B, the customer identification information makes the CPLD's encoding/decoding circuit swap the last two bits of each byte of the input configuration information before writing it to the non-volatile memory. After the write completes, the configuration information can be read back from the CPLD to verify that the write was correct. During read-out the encoding/decoding circuit performs the encoding function that is the inverse of the decoding, so that the output configuration information is identical to the configuration information originally input and can be used for verification.
Step S54 is implemented in a way similar to step S35 of the embodiment of Figure 3, by adding an encoding/decoding circuit that swaps the last two bits of each byte of configuration data. The encoding/decoding circuit implements its specific function with logic devices. Taking the function just described, swapping the last two bits of each byte of configuration data, the circuit is implemented as shown in the dashed box of Figure 6. A module 62 that swaps two bit signals is placed on the last two bit data lines of the data bus running from CPLD input interface 61 to the CPLD's on-chip non-volatile memory 63; the remaining bit data lines connect CPLD input interface 61 and on-chip memory 63 directly, with no device on them. Bit data line 64 is connected to input A of module 62 and bit data line 65 to input B of module 62. After processing by module 62, output C carries the signal received at input B and output D carries the signal received at input A. If the configuration data enters the CPLD serially, it must first be converted to parallel data and then processed as above. The actual encoding/decoding circuit is of course not limited to one design; any design that achieves the required decoding function falls within the scope of the claims of the invention.
In both embodiments above, compilation and interpretation are static. That is, no condition is set in the compilation and interpretation methods: for a given customer, the method that turns the generic configuration file produced by the original development flow into that customer's own dedicated configuration file is independent of time. Compilation and interpretation can also be made dynamic. Dynamic here means that a condition can be set, and different compilation and interpretation operations are performed under different conditions. For example, customer C's customer identification information is "110000001100110011011000", and the decoding method it specifies is as follows: in the first 1000 bytes of configuration data the first two bits of the configuration data are inverted, in the next 1000 bytes of configuration data the last two bits are swapped, and the process then repeats. The logic implementation of this decoding circuit is shown in the dashed box of Figure 7. The configuration information memory (for example a ROM) 71 that stores the FPGA configuration data is connected to modules 72 and 73; module 72 inverts the first two bits of the configuration data and module 73 swaps the last two bits of the configuration data. Modules 72 and 73 are connected to a selector 74. Selector 74 has a select input Sel that receives a control signal, and its output is connected to FPGA 75. Depending on the control signal, selector 74 passes the signal on one of its inputs to the output. In this example, the control signal indicates whether the condition that 1000 bytes of configuration data have been completed is met. The corresponding dynamic method must of course also be used when compiling to obtain the dedicated configuration information. It should be understood that the dynamic method described here is defined in contrast to the static method described earlier, and can be applied to the embodiment of Figure 3 as well as to the embodiment of Figure 5.
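The flow of steps S31 to S35 and the dynamic variant above, modelled in Python as an added example (not code from the patent). It assumes that the "first two bits" of a byte are its two most significant bits and the "last two bits" its two least significant; `RULES`, `apply_rule` and the other names are hypothetical, and the table holds only the three customer IDs and rules the text gives.

```python
# Added illustration (not from the patent). Assumptions: "first two bits" of a
# byte are its two most significant bits, "last two bits" its two least
# significant; the ID-to-rule table holds only the three IDs the text gives.

BLOCK = 1000  # bytes per phase in the dynamic example (customer C)


def derive_customer_id(config_number: str) -> str:
    """Step S31 example: swap the first and last bit, then repeat six times."""
    if len(config_number) < 2 or set(config_number) - {"0", "1"}:
        raise ValueError("configuration number must be a binary string")
    swapped = config_number[-1] + config_number[1:-1] + config_number[0]
    return swapped * 6


def invert_first_two(byte: int) -> int:
    """Figure 4: inverters on the first two bit lines."""
    return byte ^ 0xC0


def swap_last_two(byte: int) -> int:
    """Figure 6: module 62 crosses the last two bit lines."""
    low, high = byte & 1, (byte >> 1) & 1
    return (byte & 0xFC) | (low << 1) | high


def static_rule(bit_op):
    """Same bit operation on every byte (customers A and B)."""
    return lambda data: bytes(bit_op(b) for b in data)


def dynamic_rule(data: bytes) -> bytes:
    """Figure 7: alternate the two operations every BLOCK bytes (customer C)."""
    ops = (invert_first_two, swap_last_two)
    return bytes(ops[(i // BLOCK) % 2](b) for i, b in enumerate(data))


RULES = {
    "001100110011001100110011": static_rule(invert_first_two),  # customer A
    "110111011101110111011101": static_rule(swap_last_two),     # customer B
    "110000001100110011011000": dynamic_rule,                   # customer C
}


def apply_rule(customer_id: str, data: bytes) -> bytes:
    """Apply the rule selected by the ID.

    Both bit operations are their own inverse, so the customer's encoder
    (S33) and the device's decoder (S35) are the same function.
    """
    try:
        return RULES[customer_id](data)
    except KeyError:
        # Behaviour for an unlisted ID is not specified on the page; refusing
        # to configure is an assumption of this sketch.
        raise ValueError("no interpretation rule for this customer ID") from None


def device_configures_correctly(device_id: str, stored: bytes, generic: bytes) -> bool:
    """True if a device holding device_id recovers the generic bitstream."""
    return apply_rule(device_id, stored) == generic


if __name__ == "__main__":
    generic = bytes(range(256)) * 10          # constructed stand-in bitstream
    id_a = derive_customer_id("1010")
    id_b = derive_customer_id("1101")
    stored = apply_rule(id_a, generic)        # S33/S34: what sits in the ROM
    print("device with A's ID:", device_configures_correctly(id_a, stored, generic))
    print("device with B's ID:", device_configures_correctly(id_b, stored, generic))
```

Every rule in this model is a fixed, self-inverse bit operation, so what keeps a copied bitstream from configuring another device is the restricted write path to the customer identification area and the secrecy of the rule selection, as the text states.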
It should be understood that step S31 of the embodiment of Figure 3 and step S51 of the embodiment of Figure 5 can also be implemented in another way. Before the programmable logic device leaves the factory, the manufacturer writes the customer identification information corresponding to the customer into the customer identification area in advance, according to the customer's details; the customer identification area is implemented as a one-time programmable read-only memory (OTP ROM). In other words, once the programmable logic device has left the factory, its internal customer identification area can no longer be erased or rewritten.
To further increase the difficulty of cracking, the implementation method of the present invention described above can be strengthened in the following three respects.

First: the codec circuit can be designed intermixed with the circuitry of the programmable logic device itself, so that it is difficult for a cracker to isolate the codec circuit and therefore to learn the customer-specific compilation and interpretation scheme.

Second: the codec circuit should have a certain complexity, so that it is difficult for a cracker to guess its function. For example, the binary information from the customer identification area is first reordered and put through some mathematical operations; then, according to the result of those operations, the received configuration information is reordered and partially inverted, and the result is output to the programmable logic device. To illustrate, if a cracker reads out the customer identification information as the binary string "110011001100110011001101", it is easy to guess that the conversion scheme swaps the last two bits of the configuration information. If instead the customer identification information is itself transformed, with the bits of this binary string reordered or put through some logic operations to become a new binary string, and the configuration information is then processed according to that result, then even a cracker who has read the customer identification binary string cannot easily derive the customer-specific conversion scheme from it.

Third: the processing that turns the customer identification configuration number into the customer identification information should have a certain complexity. The customer identification configuration number can be made longer and include a check code. The customer identification configuration number entered into the programmable logic device must first pass verification; only then is it reordered and put through some logic operations before being output to the customer identification area.
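The second and third points above, shown as an added Python example (not code from the patent): the configuration number is verified, transformed into the stored ID, and the ID is transformed again before it drives the reordering and partial inversion of the configuration data. The function names, the CRC-32 check code, the SHA-256 expansion standing in for the unspecified "reordering and logic operations", and the byte-level granularity are all assumptions.

```python
import hashlib
import zlib

def _stream(seed: bytes, label: bytes, n: int) -> bytes:
    """Assumed stand-in for the patent's unspecified transform: SHA-256 in counter mode."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(label + seed + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def issue_config_number(body: bytes) -> bytes:
    """Manufacturer side: append a check code (CRC-32 is an assumption)."""
    return body + zlib.crc32(body).to_bytes(4, "big")

def provision_customer_id(config_number: bytes) -> bytes:
    """Device side: verify first, then transform the number into the stored ID."""
    body, check = config_number[:-4], config_number[-4:]
    if zlib.crc32(body).to_bytes(4, "big") != check:
        raise ValueError("customer ID configuration number failed verification")
    return _stream(body, b"id", 16)

def _schedule(customer_id: bytes, n: int):
    """Transform the stored ID into a permutation and an inversion mask for n bytes."""
    rnd = _stream(customer_id, b"perm", 4 * n)
    perm = list(range(n))
    for i in range(n - 1, 0, -1):  # Fisher-Yates shuffle driven by the ID
        j = int.from_bytes(rnd[4 * i:4 * i + 4], "big") % (i + 1)
        perm[i], perm[j] = perm[j], perm[i]
    return perm, _stream(customer_id, b"mask", n)

def compile_config(plain: bytes, customer_id: bytes) -> bytes:
    """Customer-specific compilation: reorder bytes, then invert the masked bits."""
    perm, mask = _schedule(customer_id, len(plain))
    return bytes(plain[perm[i]] ^ mask[i] for i in range(len(plain)))

def interpret_config(blob: bytes, customer_id: bytes) -> bytes:
    """Matching interpretation inside the device: undo the inversion and reordering."""
    perm, mask = _schedule(customer_id, len(blob))
    out = bytearray(len(blob))
    for i, p in enumerate(perm):
        out[p] = blob[i] ^ mask[i]
    return bytes(out)
```

Because the transform is keyed only by the stored ID, anyone who recovers the circuit can reproduce `_schedule` from a read-out ID, which is why the first point asks for the codec circuit to be hard to isolate.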
It should be understood that the essence of the present invention lies in compiling the configuration information of a programmable logic device in a customer-specific manner, so that a cracker cannot quickly produce a copy even after obtaining that configuration information. The specific customer identification, the specific compilation and interpretation schemes, the specific implementation of the codec circuit, and the like mentioned above serve only as examples and are not intended to limit the present invention.
The above embodiments are provided to enable a person of ordinary skill in the art to implement or use the present invention. A person of ordinary skill in the art can make various modifications or changes to the above embodiments without departing from the inventive concept of the present invention. The scope of protection of the present invention is therefore not limited by the above embodiments, but should be the broadest scope consistent with the innovative features recited in the claims.

Claims

1. A method for protecting configuration information of a programmable logic device, used to protect circuit design information developed by a customer on the basis of the programmable logic device when the programmable logic device is outside the control of the manufacturer and the customer, characterized in that the protection method comprises:
(1) adding a customer identification area to the programmable logic device, the customer identification area storing customer identification information corresponding to different customers, and ensuring by technical means that no customer can write another customer's customer identification information into the customer identification area;
(2) the customer identification information determining a compilation method, in one-to-one correspondence with it, from the original circuit design to the configuration information;
(3) when the programmable logic device is configured, the programmable logic device first interpreting the input configuration information according to the customer identification information and then using it to configure itself, the interpretation method matching the compilation method of step (2).
2. The method for protecting configuration information of a programmable logic device according to claim 1, characterized in that, in step (1), the technical means is that the customer identification area is implemented with one-time programmable read-only memory, and the manufacturer presets the customer identification information corresponding to the customer in the customer identification area.
3. The method for protecting configuration information of a programmable logic device according to claim 1, characterized in that, in step (1), the technical means is that the manufacturer first provides the customer with the corresponding customer identification configuration number, the customer then enters the customer identification configuration number into the programmable logic device, and the customer identification configuration number is processed by the programmable logic device to generate the customer identification information, which is stored in the customer identification area.
4. The method for protecting configuration information of a programmable logic device according to claim 3, characterized in that the processing function comprises verification, computation, or a combination of verification and computation, of a certain complexity, to increase the difficulty of cracking, and the entity implementing the processing function may be a hardware circuit added to the programmable logic device or, if the programmable logic device has an embedded microprocessor, the processor may execute an embedded program to perform the processing function.
5. The method for protecting configuration information of a programmable logic device according to claim 1, characterized in that, in step (3), the interpretation method comprises verification, computation, or a combination of verification and computation, of a certain complexity, to increase the difficulty of cracking, and the entity implementing the interpretation function may be a hardware circuit added to the programmable logic device or, if the programmable logic device has an embedded microprocessor, the processor may execute an embedded program to perform the interpretation function.
6. The method for protecting configuration information of a programmable logic device according to claim 1, characterized in that, in step (3), the hardware circuit or embedded program implementing the interpretation method is the same for different customers, but the hardware circuit or embedded program interprets the input configuration information differently according to different customer identification information.
7. The method for protecting configuration information of a programmable logic device according to claim 1, characterized in that the compilation method and the interpretation method are static, the behavior of compilation and interpretation not changing over time.
8. The method for protecting configuration information of a programmable logic device according to claim 1, characterized in that the compilation method and the interpretation method are dynamic, the behavior of compilation and interpretation differing under different conditions.
PCT/CN2006/001630 2006-07-10 2006-07-10 Method for protecting configuration information on programmable logic device WO2008009168A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2006/001630 WO2008009168A1 (en) 2006-07-10 2006-07-10 Method for protecting configuration information on programmable logic device

Publications (1)

Publication Number Publication Date
WO2008009168A1 true WO2008009168A1 (en) 2008-01-24

Family

ID=38956513

Country Status (1)

Country Link
WO (1) WO2008009168A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010032318A1 (en) * 1999-12-03 2001-10-18 Yip Kun Wah Apparatus and method for protecting configuration data in a programmable device
JP2003167754A (en) * 2001-11-30 2003-06-13 Fujitsu Ltd Fpga configuration service system and fpga configuration service method
CN1574734A (en) * 2003-06-11 2005-02-02 惠普开发有限公司 Content encryption using programmable hardware

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 06753131

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

NENP Non-entry into the national phase

Ref country code: RU

122 Ep: pct application non-entry in european phase

Ref document number: 06753131

Country of ref document: EP

Kind code of ref document: A1