Design News is part of the Informa Markets Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Secure Your Hardware or Pay the Price

Secure Your Hardware or Pay the Price

Hackers are coming after your hardware. You might think they only want your credit card or banking information, but they are also interested in stealing your designs, particularly those that are microcontroller- and FPGA-based.

If you stop and think about it, your design is probably much more valuable than what a hacker could get by stealing your credit card. How many months or years have you and your team invested in your design? And how about that nifty algorithm that your competition knows nothing about? That would probably be valuable to the right person. If you think it is difficult to reverse engineer your design because it is in hardware and hard to duplicate, think again.

MCUs and FPGAs all use memory as configuration and code storage. It's fairly easy to just read out the memory from your MCU or to copy the configuration flash memory that your FPGA uses. With this information someone can easily copy your design. It doesn't stop there, however. There are tools that convert the raw bits from these memories into human readable code like C++ or Verilog. It might take a few hours to figure out your precious algorithm from there, but that's a very small fraction of the time that it took you and your team to create it.

Even if the key algorithm isn't reverse engineered, a hacker could use the memory dump and the board layout to quickly copy your complete design. Even more worrisome: If you use a contract manufacturer, what's keeping it from just taking all of the information you provided and making some copies to sell on the black market. You might not even know this until familiar systems show up at big discounts. Want to get the company lawyers involved? Perhaps, but the damage to your organization, in sales, market share, and reputation, has been done.

So what are you going to do? Luckily, MCU and FPGA manufacturers are adding security features to their devices to make it easier for you to protect your designs. And, by the way, these features often make it easier to protect data that might flow through your design, like credit card or banking information, if your hardware is part of a communications system used for transaction processing.

Some features are pretty simple to understand. For example, most MCUs allow you to make sections of the program code that is stored unavailable for reading out, even during debugging and testing. You can also disable any JTAG testing or probe features so the code can't be accessed via a "back door." This protects your code once it is in the field, but how can you protect the code when it is being programmed by the contract manufacturer?

The MCU and FPGAs folks have a solution for protecting your code even during programming in an unsecured facility. They can use on-chip cryptographic functions to decode encrypted versions of the programming information prior to loading it into on-chip memory. They use a secret key stored on-chip that only you, the developer, has access to (and even that access can be protected). Special hardware for executing cryptographic functions and for generating random numbers keep all the secure algorithms located on-chip and away from probes and hardware "sniffers." This security hardware protects your design so that even if a contract manufacturer took your encrypted code, they couldn't reverse engineer or copy it.

Using these types of features, you can begin to protect your design.

Warren Miller has more than 30 years of experience in electronics and has held a variety of positions in engineering, applications, strategic marketing, and product planning with large electronics companies like Advanced Micro Devices, Actel, and Avnet, as well as with a variety of smaller startups. He has in-depth experience of programmable devices (PLDs, FPGAs, MCUs, and ASICs) in industrial, networking, and consumer applications and holds several device patents.

Like reading Design News? Then have our content delivered to your inbox every day by registering with DesignNews.com and signing up for Design News Daily plus our other e-newsletters. Register here!

Image Map

Design News will be in Orlando in November! Design & Manufacturing South will be in Orlando Nov. 18-19. Get up close with the latest design and manufacturing technologies, meet qualified suppliers for your applications, and expand your network. Learn from experts at educational conferences and specialty events. Register today for our premier industry showcase in Orlando.
Hide comments
account-default-image

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish