CN112347429A - Method and device for preventing FPGA program from divulging secrets, FPGA and storage medium - Google Patents
Method and device for preventing FPGA program from divulging secrets, FPGA and storage medium Download PDFInfo
- Publication number
- CN112347429A CN112347429A CN201910720264.7A CN201910720264A CN112347429A CN 112347429 A CN112347429 A CN 112347429A CN 201910720264 A CN201910720264 A CN 201910720264A CN 112347429 A CN112347429 A CN 112347429A
- Authority
- CN
- China
- Prior art keywords
- fpga
- program
- codes
- matching
- reading
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 38
- 238000013461 design Methods 0.000 description 6
- 238000004891 communication Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 238000012795 verification Methods 0.000 description 3
- 230000007547 defect Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 238000005094 computer simulation Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- PWPJGUXAGUPAHP-UHFFFAOYSA-N lufenuron Chemical compound C1=C(Cl)C(OC(F)(F)C(C(F)(F)F)F)=CC(Cl)=C1NC(=O)NC(=O)C1=C(F)C=CC=C1F PWPJGUXAGUPAHP-UHFFFAOYSA-N 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a method and a device for preventing a FPGA program from divulging a secret, an FPGA and a storage medium, wherein the method comprises the following steps: reading the codes of the FPGA after the FPGA is electrified; reading an FPGA code library embedded into a current running program, and matching codes of the FPGA with data of the FPGA code library of the executable program; and when the matching is inconsistent, performing global reset operation on the FPGA so that the FPGA cannot run the program. The method can avoid running on a plurality of FPGAs by copying the program, and can not run normally even if the program is stolen. The safety of the FPGA running program can be enhanced.
Description
Technical Field
The invention belongs to the technical field of field programmable gate arrays, and particularly relates to a method and a device for preventing a FPGA program from being divulged, an FPGA and a storage medium.
Background
An FPGA (Field-Programmable Gate Array), which is a product of further development based on Programmable devices such as PAL, GAL, CPLD, etc. The circuit is a semi-custom circuit in the field of Application Specific Integrated Circuits (ASIC), not only overcomes the defects of the custom circuit, but also overcomes the defect that the number of gate circuits of the original programmable device is limited.
The FPGA is often used for high-speed data processing, interface construction, and the like, and plays a great role in the field of communication security, particularly military communication. However, currently, an FPGA program is usually designed by using an HDL language, and a corresponding program can be stolen by copying HDL design engineering, bin files, and the like, which easily causes leakage of the program and causes great risk to the military communication field.
Disclosure of Invention
The embodiment of the invention provides a method and a device for preventing a FPGA program from being divulged, an FPGA and a storage medium, which are used for solving at least one of the technical problems.
In a first aspect, an embodiment of the present invention provides a method for preventing a leakage of an FPGA program, where the method includes:
reading the codes of the FPGA after the FPGA is electrified;
reading an FPGA code library embedded into a current running program, and matching codes of the FPGA with data of the FPGA code library of the executable program;
and when the matching is inconsistent, performing global reset operation on the FPGA so that the FPGA cannot run the program.
Further, the method further comprises:
and when the matching is consistent, the program is operated.
Further, the receiving the global reset operation of the FPGA includes:
the reset signal rst is pulled high.
Further, the reading the code of the FPGA includes:
and reducing the clock frequency so as to conveniently read the codes of the FPGA.
Further, the reducing the clock frequency includes:
reducing the clock frequency to 40Mhz by using a phase-locked loop;
the clock frequency is reduced to 4Mhz using a frequency divider.
Further, the program is written using the HDL language.
In a second aspect, an embodiment of the present invention further provides a device for preventing a disclosure of an FPGA program, including:
the reading module is used for reading the codes of the FPGA after the FPGA is electrified;
the matching module is used for reading an FPGA code library of a prestored executable program and matching the codes of the FPGA with the data of the FPGA code library of the executable program;
and the reset module is used for executing global reset operation on the FPGA when the matching is inconsistent so that the FPGA can not run the program.
Further, the apparatus further includes:
and the running module is used for running the program when the matching is consistent.
Further, the reset module includes:
and the pull-up unit is used for pulling up the reset signal rst.
Further, the reading module includes:
and the reducing unit is used for reducing the clock frequency so as to conveniently read the codes of the FPGA.
Further, the reducing unit includes:
a phase-locked loop reduction subunit for reducing the clock frequency to 40Mhz using a phase-locked loop;
a divider reduction subunit for reducing the clock frequency to 4Mhz using the divider.
Further, the program is written using HDL language.
In a third aspect, an embodiment of the present invention further provides an FPGA, configured to execute the method for preventing the leakage of the FPGA program provided in any of the above embodiments.
In a fourth aspect, the present invention further provides a storage medium containing executable instructions, which when executed by an FPGA, are configured to perform the method for preventing the FPGA program from being compromised as provided in the foregoing embodiments.
According to the method, the device, the FPGA and the storage medium for preventing the FPGA program from being divulged, the codes of the FPGA of the current running program are read and matched with the codes embedded into the FPGA code library of the current running program, and when the codes are not matched with each other, the FPGA is subjected to global reset operation, so that the program cannot be executed on the FPGA allowing the running program. The method can avoid running on a plurality of FPGAs by copying the program, and can not run normally even if the program is stolen. The safety of the FPGA running program can be enhanced.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without inventive labor.
Fig. 1 is a schematic flowchart of a method for preventing a leakage of a FPGA program according to an embodiment of the present invention;
fig. 2 is a schematic diagram of a logic flow for determining in the method for preventing a leakage of a FPGA program according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an apparatus for preventing a leakage of an FPGA program according to a second embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example one
Fig. 1 is a flowchart of a method for preventing a disclosure of an FPGA program according to an embodiment of the present invention, where the method is applicable to a situation where the FPGA program is stolen for operation.
Referring to fig. 1, the method for preventing the FPGA program from being divulged includes:
and S110, reading the codes of the FPGA after the FPGA is electrified.
The FPGA is a product further developed on the basis of programmable devices such as PAL, GAL, CPLD and the like, a Logic unit array LCA (Logic Cell array) is adopted, a configuration Logic module CLB (configurable Logic block), an input/Output module IOB (input Output block) and an internal connection (interconnection) are arranged inside the FPGA, the FPGA is realized by utilizing the combinational Logic of a small lookup table, has the characteristics of repeated programming and flexible use, is one of devices with the shortest period, the lowest development cost and the smallest risk in ASIC circuit design, is widely applied to the fields of communication, image processing, radar, sonar, navigation positioning and the like, and particularly plays an important role in the military field with high customization degree.
The PGA is a main body of program operation, and after power is supplied, program operation is started. In this embodiment, reading the code of the FPGA is performed first as part of the program. The encoding of the FPGA, i.e., the Device DNA. Each FPGA has a unique ID, i.e., Device DNA. It is written to eFuse registers in the FPGA chip already at the time of production of the chip because the fusing technique used has the property of being non-modifiable. The Device DNA may be 57bit or 96 bit.
For example, reading the code of the FPGA can be implemented in the following manner:
specifically, the board card is connected with a PC through JTAG, a corresponding FPGA chip is clicked under a Flow Navigator- > PROGRAM AND DEBUG interface, Hardware Device Properties is clicked, DNA is searched in search, AND Device DNA can be found under the REGISTER.
Alternatively, the source language may be called to obtain, which essentially reads the FUSE _ DNA register in the FUSE register table, and also contains a shift register, and the interfaces in the source language essentially operate the shift register, which is 56 or 96 bits long and device type dependent. The READ signal in the source is used to load the value of DNA into the SHIFT register, DIN is the input of the SHIFT register, DOUT is the output of the SHIFT register, SHIFT is the SHIFT enable of the SHIFT register, and CLK is the operating clock of the SHIFT register.
Illustratively, Device DNA may be read by:
accordingly, the code for reading the FPGA may include: and reducing the clock frequency so as to conveniently read the codes of the FPGA. Specifically, the method may include: reducing the clock frequency to 40Mhz by using a phase-locked loop; the clock frequency is reduced to 4Mhz using a frequency divider. Since reading Device DNA requires a certain frequency, the clock frequency needs to be reduced. Specifically, the clock frequency may be reduced to 40Mhz by using a Phase Locked Loop (PLL), but the 40Mhz frequency still does not satisfy the requirement, and therefore, the clock frequency may be reduced again by using the frequency dividing module. And reducing to 4Mhz, the codes of the corresponding FPGAs can be read. The frequency division module may be implemented in software.
And S120, reading an FPGA code library embedded into the current running program, and matching the codes of the FPGA with the data of the FPGA code library of the executable program.
In this embodiment, the currently running program may include an authentication portion and a physical program portion. The currently running program may be written in the HDL language. HDL is a language that describes digital circuits and systems in a formalized way. Language that describes the structure and behavior of digital system hardware in textual form may represent logic diagrams, logic expressions, and may also represent the logical functions performed by a digital logic system. Digital system modeling for a variety of abstract design levels, from algorithm level, gate level, to switch level. The complexity of the digital system object being modeled may be intermediate between a simple gate and a complete electronic digital system. Digital systems can be described in a hierarchical fashion and can be modeled explicitly in the same description. The method is suitable for programming the application FPGA. The verification portion needs to be executed before the actual program portion is executed. The verification part program is embedded with an FPGA code base, and codes, namely Device DNA, for executing the physical program part of the program are stored in the code base. The Device DNA obtained as described above is matched with Device DNA stored in a coding library in the program verification section.
S130, when the matching is inconsistent, performing global reset operation on the FPGA so that the FPGA can not run the program.
And when the matching is inconsistent, the FPGA of the current execution program is not the FPGA allowed by the current program. The FPGA executing the program at present is subjected to global reset operation through the currently running program, and in the FPGA design, the reset plays a role of a synchronous signal and all storage elements can be set to be in a known state. In digital circuit design, designers typically implement global reset as an external pin to initialize the design at power-up. The global reset pin is similar to any other input pin. A set/reset/preset/clear function can be implemented to disable the operation of the physical part of the program. And further avoid running on multiple FPGAs by copying programs. Specifically, the global reset can be realized by pulling up the reset signal rst, that is, by introducing a high-level signal to a corresponding external pin through a verification program.
According to the method for preventing the FPGA program from being divulged, provided by the embodiment of the invention, the codes of the FPGA of the current running program are read, the codes are matched with the codes embedded into the FPGA code library of the current running program, and when the codes are inconsistent, the FPGA is subjected to global reset operation, so that the program cannot be executed on the FPGA which allows the running program. The method can avoid running on a plurality of FPGAs by copying the program, and can not run normally even if the program is stolen. The safety of the FPGA running program can be enhanced.
In a preferred implementation of this embodiment, the method may further include the steps of: and when the matching is consistent, the program is operated. After passing the matching verification, it can be proved that the FPGA currently executing the program is a specific one or a specific batch of FPGAs allowed to run the program. Thus, the physical program portions of the program may be run to implement the corresponding program functions.
Example two
Fig. 3 is a schematic structural diagram of a device for preventing a leakage of an FPGA program according to a second embodiment of the present invention, and as shown in fig. 3, the device includes:
the reading module 210 is configured to read a code of the FPGA after the FPGA is powered on;
the matching module 220 is configured to read a pre-stored FPGA code library of the executable program, and match the code of the FPGA with data of the FPGA code library of the executable program;
and the reset module 230 is configured to perform a global reset operation on the FPGA when the matching is inconsistent, so that the FPGA cannot run the program.
The device for preventing the leakage of the FPGA program reads the codes of the FPGA of the current running program, matches the codes with the codes embedded into the FPGA code library of the current running program, and executes the global reset operation on the FPGA when the codes are not matched with each other, so that the program cannot be executed on the FPGA which allows the running program. The method can avoid running on a plurality of FPGAs by copying the program, and can not run normally even if the program is stolen. The safety of the FPGA running program can be enhanced.
On the basis of the above embodiments, the apparatus further includes:
and the running module is used for running the program when the matching is consistent.
On the basis of the foregoing embodiments, the reset module includes:
and the pull-up unit is used for pulling up the reset signal rst.
On the basis of the above embodiments, the reading module includes:
and the reducing unit is used for reducing the clock frequency so as to conveniently read the codes of the FPGA.
On the basis of the foregoing embodiments, the reducing unit includes:
a phase-locked loop reduction subunit for reducing the clock frequency to 40Mhz using a phase-locked loop;
a divider reduction subunit for reducing the clock frequency to 4Mhz using the divider.
On the basis of the above embodiments, the program is written in HDL language.
The device for preventing the leakage of the FPGA program provided by the embodiment of the invention can execute the method for preventing the leakage of the FPGA program provided by any embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method.
Those of ordinary skill in the art will understand that: all or a portion of the steps of implementing the above-described method embodiments may be performed by hardware associated with program instructions. The program may be stored in a readable storage medium in a computing device that can perform computing functions. When executed, the program performs steps comprising the method embodiments described above; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (9)
1. A method for preventing a FPGA program from being divulged is characterized by comprising the following steps:
reading the codes of the FPGA after the FPGA is electrified;
reading an FPGA code library embedded into a current running program, and matching codes of the FPGA with data of the FPGA code library of the executable program;
and when the matching is inconsistent, performing global reset operation on the FPGA so that the FPGA cannot run the program.
2. The method of claim 1, further comprising:
and when the matching is consistent, the program is operated.
3. The method of claim 1, wherein said receiving a global reset operation for the FPGA comprises:
the reset signal rst is pulled high.
4. The method of claim 1, wherein reading the code of the FPGA comprises:
and reducing the clock frequency so as to conveniently read the codes of the FPGA.
5. The method of claim 4, wherein reducing the clock frequency comprises:
reducing the clock frequency to 40Mhz by using a phase-locked loop;
the clock frequency is reduced to 4Mhz using a frequency divider.
6. The method of claim 1, wherein the program is written in HDL language.
7. An apparatus for preventing a disclosure of an FPGA program, comprising:
the reading module is used for reading the codes of the FPGA after the FPGA is electrified;
the matching module is used for reading an FPGA code library of a prestored executable program and matching the codes of the FPGA with the data of the FPGA code library of the executable program;
and the reset module is used for executing global reset operation on the FPGA when the matching is inconsistent so that the FPGA can not run the program.
8. An FPGA configured to perform the method of any one of claims 1-6 for preventing a compromise of an FPGA program.
9. A storage medium containing executable instructions for performing the method of preventing a compromise of an FPGA program as claimed in any one of claims 1 to 6 when executed by an FPGA.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910720264.7A CN112347429A (en) | 2019-08-06 | 2019-08-06 | Method and device for preventing FPGA program from divulging secrets, FPGA and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910720264.7A CN112347429A (en) | 2019-08-06 | 2019-08-06 | Method and device for preventing FPGA program from divulging secrets, FPGA and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112347429A true CN112347429A (en) | 2021-02-09 |
Family
ID=74366390
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910720264.7A Pending CN112347429A (en) | 2019-08-06 | 2019-08-06 | Method and device for preventing FPGA program from divulging secrets, FPGA and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112347429A (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102479303A (en) * | 2010-11-24 | 2012-05-30 | 康佳集团股份有限公司 | Authentication method and device |
| CN102523088A (en) * | 2011-12-27 | 2012-06-27 | 成都芯通科技股份有限公司 | Methods for encrypting and protecting system by combining software and field-programmable gate array (FPGA) |
| CN103218025A (en) * | 2013-04-25 | 2013-07-24 | 北京空间机电研究所 | Modified Xilinx FPGA power-on reset circuit |
| CN103324512A (en) * | 2012-02-09 | 2013-09-25 | 阿尔特拉公司 | Method of preparing a programmable device, wiring switch and machine-readable data storage medium |
| CN104050068A (en) * | 2014-05-23 | 2014-09-17 | 北京兆易创新科技股份有限公司 | Method and device for debugging FPGA (field programmable gate array) in MCU (microprogrammed control unit) chip |
| CN109739807A (en) * | 2019-01-09 | 2019-05-10 | 郑州云海信息技术有限公司 | A kind of method, system and the equipment of FPGA model selection |
-
2019
- 2019-08-06 CN CN201910720264.7A patent/CN112347429A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102479303A (en) * | 2010-11-24 | 2012-05-30 | 康佳集团股份有限公司 | Authentication method and device |
| CN102523088A (en) * | 2011-12-27 | 2012-06-27 | 成都芯通科技股份有限公司 | Methods for encrypting and protecting system by combining software and field-programmable gate array (FPGA) |
| CN103324512A (en) * | 2012-02-09 | 2013-09-25 | 阿尔特拉公司 | Method of preparing a programmable device, wiring switch and machine-readable data storage medium |
| CN103218025A (en) * | 2013-04-25 | 2013-07-24 | 北京空间机电研究所 | Modified Xilinx FPGA power-on reset circuit |
| CN104050068A (en) * | 2014-05-23 | 2014-09-17 | 北京兆易创新科技股份有限公司 | Method and device for debugging FPGA (field programmable gate array) in MCU (microprogrammed control unit) chip |
| CN109739807A (en) * | 2019-01-09 | 2019-05-10 | 郑州云海信息技术有限公司 | A kind of method, system and the equipment of FPGA model selection |
Non-Patent Citations (1)
| Title |
|---|
| EVENING_FPGA: "关于Xilinx-FPGA的DNA的使用场景和读取方法" * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6790270B2 (en) | Blockchain-based data processing methods and devices | |
| US8418006B1 (en) | Protecting a design for an integrated circuit using a unique identifier | |
| US7345502B1 (en) | Design security for configurable devices | |
| CN104424008A (en) | System and method for secure boot ROM patch | |
| US20210150031A1 (en) | Verifying firmware binary images using a hardware design and formal assertions | |
| WO2011047062A1 (en) | Protecting electronic systems from counterfeiting and reverse-engineering | |
| US10691855B2 (en) | Device and method for detecting points of failures | |
| US20210243041A1 (en) | System and method for performing netlist obfuscation for a semiconductor device | |
| US20050283690A1 (en) | Wrapper serial scan chain functional segmentation | |
| US6557161B2 (en) | Method for prototyping asynchronous circuits using synchronous devices | |
| Kareem et al. | Xilinx FPGA-based ring oscillator PUFs: design challenges and solutions | |
| CN112347429A (en) | Method and device for preventing FPGA program from divulging secrets, FPGA and storage medium | |
| Kareem et al. | Towards performance optimization of ring oscillator PUF using Xilinx FPGA | |
| US20190034562A1 (en) | High-level synthesis device, high-level synthesis method, and computer readable medium | |
| Chakraborty et al. | Evaluating the security of delay-locked circuits | |
| US7535789B1 (en) | Circuits and methods of concatenating FIFOs | |
| CN116388748A (en) | Self-gating flip-flop for dynamic power reduction | |
| CN104951579A (en) | Circuit credibility design method based on ID and FSM combination | |
| CN110518897B (en) | Method for removing reset and set pins of D flip-flop, D flip-flop and circuit | |
| Sahoo et al. | Fault tolerant implementations of delay-based physically unclonable functions on FPGA | |
| US7085978B2 (en) | Validating test signal connections within an integrated circuit | |
| US20210342509A1 (en) | All-digital camouflage circuit | |
| Celebucki et al. | Reversing a Lattice ECP3 FPGA for bitstream protection | |
| US9268891B1 (en) | Compact and efficient circuit implementation of dynamic ranges in hardware description languages | |
| KR20070059626A (en) | A retention flip-flop reduction method using the register-transfer level modeling and simulation for mtcmos circuit |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210209 |