In order to ensure that an FPGA-enabled system is adequately secure, there are a number of security-related components that must be considered when designing a system. Just like the links of a chain, each of these components is important - the failure of any of them will break the "security chain" and will leave a system vulnerable and open to attacks.
Xilinx has made significant investments in the area of FPGA security. It is important to note that security does not end at the FPGA device; it must always be a part of an overall system-level security solution. In general, for an overall secure system solution the following areas of concern must be addressed:
The FPGA designer must have the ability protect the intellectual property (IP) and sensitive data that might exist in an FPGA-enabled system from physical attacks. This protection (in the form of tamper resistance) needs to be effective before, during, and after the FPGA has been configured by a bitstream.
The ability to control system failure modes through fault-tolerant design requires an implementation methodology that ensures fault propagation can be controlled. Single-chip fault tolerance by various techniques including modular redundancy, watchdog alarms, segregation by safety level / classification, and isolation of test logic for safe removal must be provided. Please refer to the Isolation Design Flow site, for additional details on Xilinx's fault tolerant design methodology.
Xilinx Secure Solutions were designed to support the worldwide concern about the safety and security of a system and IP. Our solutions can easily be applied to various defense and commercial applications:
Wherever a system is deployed, Xilinx Secure Solutions can be used as part of an overall system solution to aid not only in the protection of valuable IP and / or data but also in meeting critical safety needs.
Please refer to the Design Security Solutions site, for additional details on Xilinx's Secure Solutions.