| 摘要 |
Methods of securing a programmable logic device (PLD) when an intrusion attempt is detected, e.g., methods of erasing sensitive data from the PLD or disabling configuration of the PLD in response to an attack. For example, when an attempt is made to configure the PLD with an unauthorized bitstream, a decryption key stored on the PLD can be erased, or decryption logic in the PLD can be otherwise disabled. The criteria for assuming that an attack is in progress can include, for example, the lack of a cyclic redundancy check (CRC) value included with a configuration bitstream, an attempt to operate the PLD outside normal operating ranges, receipt of an incorrect CRC value, or receipt of a predetermined number of bitstreams including incorrect CRC values. In some embodiments, an error correction procedure is performed on the bitstream, thereby preventing most transmission errors from being incorrectly interpreted as an attack.
|
