[go: up one dir, main page]

GB2260431A - Data security for programmable logic devices - Google Patents

Data security for programmable logic devices Download PDF

Info

Publication number
GB2260431A
GB2260431A GB9220584A GB9220584A GB2260431A GB 2260431 A GB2260431 A GB 2260431A GB 9220584 A GB9220584 A GB 9220584A GB 9220584 A GB9220584 A GB 9220584A GB 2260431 A GB2260431 A GB 2260431A
Authority
GB
United Kingdom
Prior art keywords
data
security arrangement
input
data security
shift register
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB9220584A
Other versions
GB9220584D0 (en
GB2260431B (en
Inventor
Kenneth Austin
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Pilkington Micro Electronics Ltd
Original Assignee
Pilkington Micro Electronics Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from GB919121591A external-priority patent/GB9121591D0/en
Application filed by Pilkington Micro Electronics Ltd filed Critical Pilkington Micro Electronics Ltd
Priority to GB9220584A priority Critical patent/GB2260431B/en
Publication of GB9220584D0 publication Critical patent/GB9220584D0/en
Publication of GB2260431A publication Critical patent/GB2260431A/en
Application granted granted Critical
Publication of GB2260431B publication Critical patent/GB2260431B/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11CSTATIC STORES
    • G11C16/00Erasable programmable read-only memories
    • G11C16/02Erasable programmable read-only memories electrically programmable
    • G11C16/06Auxiliary circuits, e.g. for writing into memory
    • G11C16/22Safety or protection circuits preventing unauthorised or accidental access to memory cells
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1408Protection against unauthorised use of memory or access to memory by using cryptography
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11CSTATIC STORES
    • G11C7/00Arrangements for writing information into, or reading information out from, a digital store
    • G11C7/24Memory cell safety or protection circuits, e.g. arrangements for preventing inadvertent reading or writing; Status cells; Test cells

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

A data security arrangement in semiconductor programmable logic devices (PLD) protects configuration data, which is vulnerable to illegal duplication. The configuration data is held in a read only memory in a coded format, and a data decoding means is provided in the PLD to decode the coded configuration data. The coding and decoding means each incorporate maximal length shift registers (12, 25) which generate a pseudo-random sequence of bits. A key value is input to the shift register (12) in the coding means forcing it to start at a particular point in the sequence. The decoding means in the PLD has a corresponding key value held in a non-volatile memory (28) in the PLD. <IMAGE>

Description

DATA SECURITY ARRANGEMENTS FOR SEMICONDUCTOR PROGRAMMABLE LOGIC DEVICES The present invention relates to data security arrangements for semiconductor programmable logic devices.
The invention finds particular utility in semiconductor programmable logic devices (PLDs) of the type including an associated storage means e.g. a static random access memory (SRAM) in which circuit configuration data, necessary for the device to operate, is retained.
It is well known that prior to a PLD being loaded with appropriate circuit configuration data, such data is normally held in an external storage medium e.g. an erasable programmable read only memory (EPROM). A disadvantage of the present circuit configuration data loading arrangements to the PLD is that a copy can be readily taken and as a consequence valuable and sensitive circuit information can be easily and illegally duplicated. It is extremely desirable, therefore, to protect circuit information from being copied.
An aim of this invention is to overcome this disadvantage by the provision of a data security arrangement for loading configuration data which prevents illegal duplication of such circuit information.
According to the present invention, there is provided a data security arrangement for a semiconductor programmable logic device comprising data coding means, first storage means, and incorporated within the programmable logic device, data decoding means together with associated second storage means, wherein the data coding means codes originating operating data, and the first storage means stores the coded originating operating data and wherein the data decoding means decodes the coded originating operating data read from the first storage means into the originating operating data form prior to loading to the associated second storage means.
Preferably the data coding means and the data decoding means each include a pseudo-random sequence generator constituted by a 31-bit maximal length shift register having a preload input and a DATA input, the shift register generating a pseudo-random sequence equivalent to 2,147,483,647 bits in overall length.
Preferably bit 28 and bit 31 outputs of the maximal length shift register are input to an EXCLUSIVE-OR logic function whose output is connected to the DATA input of the maximal length shift register.
The maximal length shift register is preferably forced to start the pseudo-random sequence at a particular point in the sequence by the application of a predetermined sequence start code constituted by a 31-bit "key value" to the preload input.
The application of the sequence start code to the maximal length shift register in the data coding means may be input from a keyboard or from a secure file, whereas the application of the sequence start code to the maximal shift register in the data decoding means is preferably input from a non-volatile memory within the programmable logic device.
The data employed to enable the programmable logic device to operate is preferably circuit configuration data and it is arranged in the data coding means for the circuit configuration data and the pseudo-random sequence to be input to an EXCLUSIVE-OR logic function to provide an output of coded circuit configuration data.
Preferably in the data decoding means the pseudo-random sequence and the coded circuit configuration data are input to an EXCLUSIVE-OR logic function to provide an output of decoded circuit configuration data.
The first storage means may be constituted by a read only memory, whereas the associated second storage means is constituted by static random access memories.
The invention will be more readily understood from the following description of an exemplary embodiment which should be read in conjunction with the accompanying drawing.
The drawing illustrates a block schematic circuit diagram of the data security arrangements in accordance with this invention.
Referring to the drawing, a programmable logic device 11 is represented by the block designated PLD. To facilitate security of data loaded to the PLD, a data coding means is provided to code circuit configuration data, termed originating operating data, which is to be loaded to the PLD, and similarly a corresponding data decoding means is provided in the PLD to decode the coded circuit configuration data in the PLD.
Referring to the data coding means in more detail, a particular form of shift register 12 is provided which generates a maximal length pseudo-random output string. This type of shift register is known as a "maximal length shift register" and in the present application the overall length of the pseudo-random sequence is arranged to be equivalent to 2,147,483,647 bits (see CMOS COOK BOOK by Don Lancaster pages 318-323, published by Howard W Sams Corp 1980).
This is achieved by feeding back to a DATA input 13 of the register, particular outputs 14 and 15 of the register in a particular manner. In this instance both outputs 14, 15 which provide bits B28 and B31 are input to an EXCLUSIVE-OR gate 16 and the output of this gate is input to the DATA input 13. Providing the register 12 is continuously driven by a clock input signal 17, the generated pseudo-random sequence is continuously repeated.
In the data coding means the register 12 is preloaded (in parallel form) with a predetermined one of different "key values", each of 31 bits, typically input to a preload input 18 by way of a keyboard 19 or alternatively from a secure file. The "key value" which may be termed a sequence start code, forces the shift register 12 to start the pseudo-random sequence at a particular point in the sequence and thereby recreate an identical sequence at any time as required.
The pseudo-random sequence output from the EXCLUSIVE-OR gate 16 is input at 21 to a further EXCLUSIVE-OR gate 20.
Circuit configuration data CDI (generated from circuit configuration layout software) which is to be coded is input at 22 to the gate 20. The output 23 from the EXCLUSIVE-OR gate 20 generates coded circuit configuration data CDOC.
The coded circuit configuration data CDOC is output from gate 20 to a first storage means 24, typically, a read only memory, where it is held until required by the programmable logic device 11. The circuit configuration data now stored in the first storage medium 24 is coded and secure, and if copied in this form would not yield any useful circuit information to the data copier.
To make use of the circuit configuration data in the programmable logic device 11 when it is read from the first storage medium 24, the data needs to be reproduced in its original form and this is achieved by data decoding means.
The data decoding means is required to regenerate the same pseudo-random sequence of bits as was employed in the data coding means. Accordingly, the programmable logic device 11 incorporates a 31-bit maximal length shift register 25 of the same form as the register 12 employed in the data coding means.
For decoding to be accurate and effective the shift register 25 must commence its pseudo-random sequence at the corresponding point at which the shift register 12 commenced its sequence. Accordingly the identical predetermined 31-bit "key-value" or sequence start code which was used to start register 12 must be applied, in parallel form, to a preload input 26 of the register 25 to force it to start its sequence at the same point in the sequence as register 12, and thereby genrate an identical paseudo-random sequence.
The required 31-bit "key value" is input at 27 and stored in a form of non-volatile memory on the PLD 11, for example, an EPROM 28 or fusible links.
The shift register 25 operates in a manner similar to shift register 12, the output bits B28 and B31 being input to an EXCLUSIVE-OR gate 29 whose output is fed to the DATA input 30 of the register. The register 25 is driven by the clock signal CLK input at 32.
The pseudo-random sequence output from EXCLUSIVE-OR gate 29 forms an input 33 to a further EXCLUSIVE-OR gate 34 and coded circuit configuration data CDIC which is output from the first storage means 24 on line 35 forms a second input 36 to the gate 34.
The EXCLUSIVE-OR function of the gate 34 upon its two signal-inputs produces an output 37, in serial form, of the originating operating data (the circuit configuration data).
This originating operating data is now available for use within the programmable logic device PLD, for instance, loading into associated second storage means in the form of static random access memories SRAM 38.

Claims (13)

CLAIMS:
1. A data security arrangement for a semiconductor programmable logic device characterised by the data security arrangement comprising data coding means, first storage means, and incorporated within the programmable logic device, data decoding means together with associated second storage means, wherein the data coding means codes originating operating data, and the first storage means stores the coded originating operating data and wherein the data decoding means decodes the coded originating operating data read from the first storage means into the originating operating data from prior to loading to the associated second storage means.
2. A data security arrangement as claimed in claim 1, wherein the data coding means and the data decoding means each include a pseudo-random sequence generator.
3. A data security arrangement as claimed in claim 2, wherein the pseudo-random sequence generator is constituted by a 31-bit maximal length shift register which generates a pseudo-random sequence equivalent to bits in overall length.
4. A data security arrangement as claimed in claim 3, wherein the maximal length shift register has a preload input and a DATA input.
5. A data security arrangement as claimed in claim 4, wherein bit and bit outputs of the maximal length shift register are input to an EXCLUSIVE-OR logic function whose output is connected to the DATA input of the maximal length shift register.
6. A data security arrangement as claimed in claim 4 or claim 5, wherein the maximal length shift register is forced to start the pseudo-random sequence at a particular point in the sequence by the application of a predetermined sequence start code constituted by a 31-bit "key-value" to the preload input.
7. A data security arrangement as claimed in claim 6, wherein the application of the sequence start code to the maximal length shift register in the data coding means is input from a keyboard or from a secure file.
8. A data security arrangement as claimed in claim 6 or claim 7, wherein the application of the sequence start code to the maximal shift register in the data decoding means is input from a non-volatile memory within the programmable logic device.
9. A data security arrangement as claimed in any one claim from claim 3 to claim 8, wherein the originating operating data is circuit configuration data and wherein in the data coding means the circuit configuration data and the pseudo-random sequence are input to an EXCLUSIVE-OR logic function which outputs coded circuit configuration data.
10. A data security arrangement as claimed in claim 9, wherein the pseudo-random sequence and the coded circuit configuration data are input to an EXCLUSIVE-OR logic function in the data decoding means to provide an output of decoded circuit configuration data.
11. A data security arrangement as claimed in any one preceding claim, wherein the first storage means is constituted by a read only memory.
12. A data security arrangement as claimed in claim 11, wherein the associated second storage means is constituted by static random access memories.
13. A data security arrangement substantially as described herein, with reference to, and as shown, in the accompanying drawing.
GB9220584A 1991-10-11 1992-09-30 Data security arrangements for semiconductor programmable logic devices Expired - Fee Related GB2260431B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB9220584A GB2260431B (en) 1991-10-11 1992-09-30 Data security arrangements for semiconductor programmable logic devices

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB919121591A GB9121591D0 (en) 1991-10-11 1991-10-11 Data security arrangement for semiconductor programmable logic devices
GB9220584A GB2260431B (en) 1991-10-11 1992-09-30 Data security arrangements for semiconductor programmable logic devices

Publications (3)

Publication Number Publication Date
GB9220584D0 GB9220584D0 (en) 1992-11-11
GB2260431A true GB2260431A (en) 1993-04-14
GB2260431B GB2260431B (en) 1995-06-14

Family

ID=26299678

Family Applications (1)

Application Number Title Priority Date Filing Date
GB9220584A Expired - Fee Related GB2260431B (en) 1991-10-11 1992-09-30 Data security arrangements for semiconductor programmable logic devices

Country Status (1)

Country Link
GB (1) GB2260431B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8051303B2 (en) * 2002-06-10 2011-11-01 Hewlett-Packard Development Company, L.P. Secure read and write access to configuration registers in computer devices

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0114522A2 (en) * 1982-12-27 1984-08-01 Synertek Inc. ROM protection device
EP0162707A2 (en) * 1984-05-22 1985-11-27 American Microsystems, Incorporated ROM protection scheme
US5007082A (en) * 1988-08-03 1991-04-09 Kelly Services, Inc. Computer software encryption apparatus

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0114522A2 (en) * 1982-12-27 1984-08-01 Synertek Inc. ROM protection device
EP0162707A2 (en) * 1984-05-22 1985-11-27 American Microsystems, Incorporated ROM protection scheme
US5007082A (en) * 1988-08-03 1991-04-09 Kelly Services, Inc. Computer software encryption apparatus

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8051303B2 (en) * 2002-06-10 2011-11-01 Hewlett-Packard Development Company, L.P. Secure read and write access to configuration registers in computer devices

Also Published As

Publication number Publication date
GB9220584D0 (en) 1992-11-11
GB2260431B (en) 1995-06-14

Similar Documents

Publication Publication Date Title
CA2080299C (en) Data security arrangement for semiconductor programmable logic devices
US4593353A (en) Software protection method and apparatus
US5915017A (en) Method and apparatus for securing programming data of programmable logic device
US5343525A (en) Hard disk data security device
US4573119A (en) Computer software protection system
US6160734A (en) Method for ensuring security of program data in one-time programmable memory
US4319079A (en) Crypto microprocessor using block cipher
EP0614147A2 (en) Software data protection mechanism
KR20070118589A (en) Method and system for microprocessor data security
JPH01296361A (en) Memory card
US4698617A (en) ROM Protection scheme
KR920003166A (en) Security circuit
CN101116081A (en) Method and system for microprocessor data security
KR960004734B1 (en) Information protection method and information memory media
KR100657240B1 (en) Random data generator
KR920018775A (en) Parity check circuit
GB2260431A (en) Data security for programmable logic devices
US5729725A (en) Mask data generator and bit field operation circuit
JPH03204053A (en) Read-only memory
JPS5986348A (en) Integrated circuit element for holding secret of data code
EP0171456A1 (en) Computer software protection system
US5687354A (en) Memory system and method for protecting the contents of a ROM type memory
JPH07219852A (en) Semiconductor memory device
JP2000181802A (en) Semiconductor storage device
GB2129586A (en) Improvements in or relating to memory systems

Legal Events

Date Code Title Description
PCNP Patent ceased through non-payment of renewal fee

Effective date: 20010930