Design Security

Protecting the designs and valuable intellectual property (IP) implemented inside FPGAs becomes more important the more you use FPGAs for core system functions. Altera's Stratix® series and Arria® II GX FPGAs provide both volatile and non-volatile design security to protect your designs against copying, reverse engineering, and tampering, while Altera's Cyclone® III LS FPGA variant supports volatile design security.

Table 1. Design Security Comparison by FPGA Family

FPGA Family (1) Non-Volatile
Design Security
Volatile
Design Security
Key Length
(Bits)
Arria IIYesYes256
Cyclone III LS NoYes256
Stratix VYesYes256
Stratix IVYesYes256
Stratix IIIYesYes256
Stratix II and Stratix II GXYesNo128

Note:

  1. Select the family name for complete details about a specific family's design security features.

Secure Configuration Flow

SRAM-based FPGAs are volatile and require a configuration bitstream sent from a flash memory or configuration device to the FPGA at power-up. To prevent the configuration bitstream from being intercepted during transmission and to provide design security, Altera's FPGAs use the advanced encryption standard (AES) and a 128-bit or 256-bit key for configuration bitstream encryption. The secure configuration flow is carried out in three steps:

  1. The user-defined AES key is programmed into the volatile or non-volatile key storage.
  2. Quartus® II design software uses the same AES key to generate an encrypted configuration file, which is then stored in an external flash memory or configuration device.
  3. At power-up, the flash memory or configuration device sends the encrypted configuration file to the Altera® FPGA, which then uses the stored AES key to decrypt the file and configure itself.

AES is a Federal Information Processing Standard (FIPS) and has been approved to be used by United States government organizations to protect sensitive, unclassified information. It is also widely adopted both commercially and globally. The AES implementation provided by Altera has been validated as conforming to the FIPS-197 (PDF) standard.

To provide you with more choices, Stratix series and Arria series FPGAs offer both volatile and non-volatile encryption key storage. Cyclone III LS FPGAs offer only volatile encryption key storage, and are targeted to high-volume applications with stringent power consumption limits. The volatile encryption key storage provides more flexibility, while the non-volatile encryption key storage saves board space. Table 2 shows a comparison of volatile and non-volatile key storage.

Table 2. Volatile and Non-Volatile Key Comparison

Feature Volatile Key Non-Volatile Key
Key ProgrammabilityReprogrammable and erasable keyOne-time programmable key
External BatteryRequiredNot required
Key Programming MethodOn boardBoth on board and off-board
Design ProtectionSecure against copying
and reverse engineering
Secure against copying,
reverse engineering, and tampering

Applications of the Design Security Feature

Products containing valuable IP functions or sensitive information can benefit from the design security feature. Examples include:

  • Products manufactured or sold where IP laws are not well enforced—The built-in design security feature protects your IP functions, revenue, and competitive advantage.
  • Product version control and customization—You can program different encryption keys into different FPGAs to provide product version control and customization.
  • Royalty-based business model—IP vendors can ensure royalty income for their IP when delivered in a secure Altera FPGA with an encrypted configuration file. Because the encrypted configuration file only works with the appropriate FPGAs containing the correct key, IP vendors can keep track of the number of IP usages.
  • Security functions—The design security feature provides device-level security in systems implementing security functions.
  • Gaming applications—The tamper protection capability of the design security feature helps to prevent undesired modification of gaming or gambling machines.
  • Military anti-tampering—Protect military technologies and information using a FIPS-197 conforming encryption standard.
  • Test market ASSPs —ASSP vendors can test market ASSPs and adapt the functionality in their ASSPs by delivering secure FPGAs as ASSP chips along with encrypted configuration files. Because the encrypted design file only works with FPGAs containing the correct key, ASSP vendors can maintain control of the IP function.