Recent Advances in FPGA Reverse Engineering - MDPI

electronics Review

Recent Advances in FPGA Reverse Engineering Hoyoung Yu 1 , Hansol Lee 2 , Sangil Lee 2 , Youngmin Kim 1 1 2

*

and Hyung-Min Lee 2, *

School of Computer and Information Engineering, Kwangwoon University, Seoul 01897, Korea; [email protected] (H.Y.); [email protected] (Y.K.) School of Electrical Engineering, Korea University, Seoul 02841, Korea; [email protected] (H.L.); [email protected] (S.L.) Correspondence: [email protected]; Tel.: +82-2-3290-3219

Received: 18 September 2018; Accepted: 10 October 2018; Published: 12 October 2018







Abstract: In this paper, we review recent advances in reverse engineering with an emphasis on FPGA devices and experimentally verified advantages and limitations of reverse engineering tools. The paper first introduces essential components for programming Xilinx FPGAs (Xilinx, San Jose, CA, USA), such as Xilinx Design Language (XDL), XDL Report (XDLRC), and bitstream. Then, reverse engineering tools (Debit, BIL, and Bit2ncd), which extract the bitstream from the external memory to the FPGA and utilize it to recover the netlist, are reviewed, and their limitations are discussed. This paper also covers supplementary tools (Rapidsmith) that can adjust the FPGA design flow to support reverse engineering. Finally, reverse engineering projects for non-Xilinx products, such as Lattice FPGAs (Icestorm) and Altera FPGAs (QUIP), are introduced to compare the reverse engineering capabilities by various commercial FPGA products. Keywords: reverse engineering; FPGA; hardware security; bitstream; netlists; Xilinx

1. Introduction Field programmable gate arrays (FPGAs) have been widely used for embedded systems in various applications, such as consumer electronics, medical devices, security systems, and defense industry applications. FPGAs allow agile development of the embedded system because their functions can be continuously updated [1,2]. As FPGAs occupy larger portions of the embedded system market, their hardware security becomes an increasingly important issue. Reverse engineering is generally defined as a way to analyze an existing system and to design and create copies by identifying component and interrelationships [3–10]. The reverse engineering in the FPGA is a way of re-configurating the netlist inside the FPGA in various ways. The reverse engineering methods introduced in this paper improve vendor and user awareness of security issues and also prevent FPGAs from being reversed in advance. One potential approach for FPGA reverse engineering is to utilize the bitstream from an external memory to the FPGA [4–6]. Although there are a variety of memory schemes for programming, such as programmable read only memory (PROM), anti-fuse, static random access memory (SRAM), and Flash, most FPGAs have used the SRAM because of its low price, re-programmability, and so on. However, since the SRAM is a volatile memory, the FPGA needs an additional non-volatile memory outside the FPGA to store the programming codes [2]. Figure 1 shows the block diagram of the Xilinx Virtex FPGA connected with the external PROM [11]. When the FPGA board is powered up, the bitstream stored in the PROM is downloaded to the FPGA. Then, the bitstream can be extracted on the downloading path for reverse engineering. Reverse engineering by extracting bitstream files from the external memory is a non-invasive approach that does not damage the FPGA. Therefore, this method can be widely used for criminal investigation, military defense, and security industry that should not damage the target

Electronics 2018, 7, 246; doi:10.3390/electronics7100246

www.mdpi.com/journal/electronics

Electronics 2018, 7, 246 Electronics 2018, 7, x FOR PEER REVIEW

2 of 14 2 of 15

encryptionWhile for security, there have also attempts to extract encryption in order decrypt hardware. FPGA companies havebeen supported bitstream encryption for keys security, theretohave also the bitstream [12]. It should be noted that these reverse engineering methods assumed that the been attempts to extract encryption keys in order to decrypt the bitstream [12]. It should be noted that bitstream is not encrypted.methods assumed that the bitstream is not encrypted. these reverse engineering Several research groups have have attempted attempted reverse reverse engineering engineering to netlist from from the the Several research groups to recover recover the the netlist extracted bitstream bitstream[4–6]. [4–6]. paper reviews advances FPGA reverse engineering, extracted ThisThis paper reviews recent recent advances in FPGA in reverse engineering, particularly particularly those using Xilinx FPGA products that occupy a dominant portion in FPGA markets, those using Xilinx FPGA products that occupy a dominant portion in FPGA markets, and also discusses and also discusses their performance and limitations through hands-on experiments. In addition, this their performance and limitations through hands-on experiments. In addition, this paper also reviews paper also reviews several tools can support the reverse several supplementary toolssupplementary that can support thethat reverse engineering [13–15].engineering [13–15]. The rest of this paper focuses on detailed techniques for FPGA reverse engineering using the The rest of this paper focuses on detailed techniques for FPGA reverse engineering using bitstream. Section 2 describes the Xilinx design flow, tools, and related files generated during the bitstream. Section 2 describes the Xilinx design flow, tools, and related files generated during compilation. Section engineering tools, tools, targeting targeting Xilinx Xilinx products. products. Section Section 44 compilation. Section 33 reviews reviews several several reverse reverse engineering reviews the other reverse engineering projects that aim for Altera and Lattice FPGAs. Section reviews the other reverse engineering projects that aim for Altera and Lattice FPGAs. Section 55 discusses advantages advantages and andlimitations limitationsofofreverse reverseengineering engineeringtools, tools,followed followed concluding remarks discusses byby concluding remarks in in Section 6. Section 6.

Figure 1. 1. Block Block diagram diagram of of the the Xilinx Xilinx Virtex Virtex FPGA Figure FPGA and and its its external external PROM PROM [11]. [11].

2. Xilinx FPGA Design 2. Xilinx FPGA Design 2.1. ISE Design Flow 2.1. ISE Design Flow Xilinx supports two integrated development software packages, ISE and Vivado, for FPGA design Xilinxsimulation, supports two development software packages, Vivado, forVirtex-6 FPGA synthesis, andintegrated configuration. The ISE design suite supportsISE theand Spartan-6 and design synthesis, simulation, and configuration. The ISE design suite supports the Spartan-6 and devices as well as their previous generation families. Recently, Xilinx has recommended the Vivado Virtex-6suite devices as well as their previous generation Recently, recommended the design for new designs with Virtex-7, Kintex-7, families. and Artix-7. WhileXilinx Xilinxhas discontinued support Vivado design suite for new designs with Virtex-7, Kintex-7, and Artix-7. While Xilinx discontinued for the ISE design tool in 2014, the ISE has continued to be widely used for FPGA programming support the for Vivado the ISEmainly design tool inhigh-performance 2014, the ISE has continued be widely used for FPGA because supports and high-end to devices. programming because the Vivado mainly supports high-performance and2.high-end The conceptual diagram of the Xilinx ISE design flow is shown in Figure First, the devices. register-transfer The conceptual diagram of the Xilinx ISE design flow is shown in Figure 2. First, registerlevel (RTL) design (Verilog, HDL file) is converted to the Xilinx internal netlist (NGD file)the using -ngd transfer level (RTL) design (Verilog, HDL file) is converted to the Xilinx internal netlist (NGD file) build. Then, it performs technology mapping of the NGD file to circuit primitives (NCD file) using using The -ngd-par build. Then, itplaces performs technology of the NGD fileand to circuit primitives (NCD -map. command circuit primitivesmapping on the actual FPGA chip connects each primitive file) using -map. The -par command places circuit primitives on the actual FPGA chip and connects in order to generate the placed and routed (P&R’d) NCD file. The fully P&R’d primitives (P&R’d NCD eachare primitive in ordertoto the placed and routed The fully file) then translated thegenerate bitstream (BIT file) using -bitgen.(P&R’d) The BIT NCD file is file. converted to theP&R’d MCS primitives (P&R’d NCD file) are then translated to the bitstream (BIT file) using -bitgen. The file and saved in the PROM. Finally, the stored bitstream (MCS file) in the PROM is downloadedBIT to file the is converted the MCS and saved when in the the PROM. Finally, thepowered stored bitstream (MCS file) in the FPGA for theto purpose of file programming FPGA board is up. PROM is downloaded to the FPGA for the purpose of programming when the FPGA board is powered up.

Electronics 2018, 2018, 7, 7, 246 x FOR PEER REVIEW Electronics Electronics 2018, 7, x FOR PEER REVIEW

of 14 15 33 of 3 of 15

Figure 2. Conceptual diagram of the Xilinx ISE design flow. Figure 2. Conceptual diagram of the Xilinx ISE design flow. Figure 2. Conceptual diagram of the Xilinx ISE design flow.

The P&R’d P&R’d NCD NCD file file can can be be also also converted converted to to the the XDL XDL file file using using -ncd2xdl. -ncd2xdl. The The XDL XDL file file is is aa text text The The P&R’d NCD filethe cannetlist be also converted toform. the XDL file using -ncd2xdl. The XDLthrough file is a text document that displays in a readable This XDL file can be interpreted the document that displays the netlist in a readable form. This XDL file can be interpreted through the document that displays the netlist in aFPGA readable form. This XDL fileand canXDLRC be interpreted through the XDLRC file, which describes all of the architecture. Both XDL files play important XDLRC file, which describes all of the FPGA architecture. Both XDL and XDLRC files play important XDLRC file, which describes all of the FPGA architecture. Both XDL and XDLRC files play important roles in in bitstream-based bitstream-based reverse reverse engineering, engineering, the which will will be be explained explained in in detail detail in in roles the concepts concepts of of which roles in bitstream-based reverse engineering, the concepts of which will be explained in detail in Sections 2.2 and 2.3. Sections 2.2 and 2.3. Sections 2.2 and 2.3. 2.2. 2.2. XDLRC XDLRC 2.2. XDLRC The XDLRC Xilinx FPGA chip architecture thatthat cancan interpret the The XDLRC is isaatext textdocument documentdetailing detailingthe the Xilinx FPGA chip architecture interpret The XDLRC is a text document detailing the Xilinx FPGA chip architecture that can interpret the XDLXDL file.file. TheThe XDLRC forfor each chip can bebe generated XDL the XDLRC each chip can generatedthrough throughthe the-report -report(chip (chipname) name) of of the the XDL XDL file.provided The XDLRC forFigure each chip can abe generated through the of -report (chip name) of the XDL function provided byISE. ISE. Figure shows agraphical graphical representation ofthe the XDLRC structure, which function by 33shows representation XDLRC structure, which is function provided by ISE. Figure 3 shows a graphical representation of the XDLRC structure, which is divided into tile units. Each site consists of primitives, such as slices. The elements contained within divided into tile units. Each site consists of primitives, such as slices. The elements contained within is divided into tile units. Each site consists of primitives, such as slices. these primitives are described in detail detail in the the primitive definition definition [3]. The elements contained within these primitives are described in in primitive [3]. these primitives are described in detail in the primitive definition [3].

Figure 3. 3. Graphical Graphical representation representation of Figure of the the XDLRC XDLRC structure. structure. Figure 3. Graphical representation of the XDLRC structure.

An example code of the XDLRC text file is shown in Figure 4. The structure consists of four An example code of the XDLRC text file is shown in Figure 4. The structure consists of four sections: First, the header section includes information such as the name each chip, the sizeofoffour the An example of section the XDLRC text information file is shown in Figure 4. Theof consists sections: First, thecode header includes such as the name ofstructure each chip, the size of the tile in the chip, etc. Second, the tile section describes the detailed position information of each tile, sections: information as the name information of each chip,ofthe sizetile, of the tile in theFirst, chip, the etc.header Second,section the tileincludes section describes the such detailed position each the types of theetc. tiles (e.g., configurable logic block the (CLB), interconnect (INT), input/output buffer tile in the chip, Second, the tile section describes detailed position information of each tile, the types of the tiles (e.g., configurable logic block (CLB), interconnect (INT), input/output buffer (IOB), (IOB), and digital signal processor (DSP)), the name of the element, and the location of the primitive typesdigital of thesignal tiles (e.g., configurable logic block interconnect input/output bufferpresent (IOB), and processor (DSP)), the name of(CLB), the element, and the(INT), location of the primitive present in the element. Third,(DSP)), the primitive definitions sectionand describes the elements in detail. present Finally, and digital signal processor the name of the element, the location of the primitive in the element. Third, the primitive definitions section describes the elements in detail. Finally, the the summary section summarizes information tiles and the sites. Since the XDLRC file differs in the element. Third, the primitive definitions section describes elements detail. Finally, the summary section summarizes thethe information of of thethe tiles and sites. Since theinXDLRC file differs slightly from chip to chip, it must be well understood in order to fully explain the XDL file. Since the summary section summarizes thebeinformation of theintiles and sites. explain Since the differs slightly from chip to chip, it must well understood order to fully theXDLRC XDL file.file Since the XDLRC can construct a mapping table by correlating with the bitstream, the XDLRC files have been slightly from chip to chip, it must be well understood in order to fully explain the XDL file. Since the XDLRC can construct a mapping table by correlating with the bitstream, the XDLRC files have been utilized for various reverse engineering works. XDLRC for canvarious construct a mapping table by correlating with the bitstream, the XDLRC files have been utilized reverse engineering works.

utilized for various reverse engineering works.

Electronics 2018, 7, 246

4 of 14

Electronics 2018, 7, x FOR PEER REVIEW

4 of 15

Figure 4. Example code of the XDLRC file.

2.3. XDL

Figure 4. Example code of the XDLRC file.

The XDL file is a textual representation of the netlist; it describes the internal state of the FPGA and is equivalent to the NCD file. While the XDL format is not officially documented, it can be easily Theunderstood XDL file is textual representation ofXDL the file netlist; describes internal state the FPGA byausing the XDLRC file [4]. The can beitcreated from the the NCD file with theofxdl -ncd2xdl option, an XDL can bethe reverted to the file with the -xdl2ncd option. and is equivalent to theand NCD file.file While XDL back format is NCD not officially documented, it can be easily For example, the slice statement FXMUX:: F in the XDL file means that the F is the output of the xdl understood by using the XDLRC file [4]. The XDL file can be created from the NCD file with the FXMUX logic. In this way, the instance is created by connecting one logic to the other inside a -ncd2xdl option, and an XDL file can be reverted back to the NCD file with the -xdl2ncd option. block, and the point connecting these logics is defined as a programmable logic point (PLP). The wires Forconnecting example,created the slice statement FXMUX:: F in the XDL file means that the F net is the output of the instances to one another are considered to be nets. A user-controllable is defined FXMUXaslogic. In this way, the point instance by PIP connecting oneis logic other a program interconnect (PIP).isIncreated general, the in the FPGA called to thethe switch box.inside a block, Forconnecting example, the PIP statement, -> EL5BEG2logic in the point XDL file, indicates and the point these logicspip is INT_X0Y74 defined asSR5END2 a programmable (PLP). The wires that the SR5END2 wire in the INT block located in X0Y74 is connected to the EL5BEG2 wire. Since this connecting created instances to one another are considered to be nets. A user-controllable net is XDL file is equivalent to the NCD file, the netlist information on the target FPGA can be obtained by defined as a program interconnect point (PIP). In general, the PIP in the FPGA is called the switch extracting the XDL file from the bitstream.

2.3. XDL

box.

Bitstreamthe Structure For2.4. example, PIP statement, pip INT_X0Y74 SR5END2 -> EL5BEG2 in the XDL file, indicates that the SR5END2 wiredevices in the in INT block located in divided X0Y74 into is connected to the EL5BEG2 Since Virtex family Xilinx FPGA chips are top and bottom parts, as shownwire. in The rows areto then columns and made up frames, e.g.,FPGA the highlighted this XDLFigure file is5.equivalent thefurther NCDdivided file, theinto netlist information onofthe target can be obtained region in yellow, which are the smallest spatial unit [16]. The bitstream has a unique frame address: by extracting the XDL file from the bitstream. frame (0–6), column (7–14), row (15–19), top/bottom (20), and block (21–23). The different devices have different frame column widths of each tile, and the bitstream column width of the Virtex-5 family is 2.4. Bitstream Structure summarized in Table 1. There are no separate frame column widths for the INT tile with nets, because it is not possible to individually address the chips bitstream INT tiles.into Therefore, INTbottom information for each Virtex family devices in Xilinx FPGA arefordivided top and parts, as shown in tile is included within the tile itself, and the bitstream can be generated by arranging column sets of Figure 5. The rows are then further divided into columns and made up of frames, e.g., the highlighted the tiles side by side.

region in yellow, which are the smallest spatial unit [16]. The bitstream has a unique frame address: frame (0–6), column (7–14), row (15–19), top/bottom (20), and block (21–23). The different devices have different frame column widths of each tile, and the bitstream column width of the Virtex-5 family is summarized in Table 1. There are no separate frame column widths for the INT tile with nets, because it is not possible to individually address the bitstream for INT tiles. Therefore, INT information for each tile is included within the tile itself, and the bitstream can be generated by arranging column sets of the tiles side by side. Table 1. Bitstream column width of the Virtex-5 devices [16].

Electronics 2018, 7, 246

5 of 14

Table 1. Bitstream column width of the Virtex-5 devices [16].

Electronics 2018, 7, x FOR PEER REVIEW

Column Type

Width in Frames

CLB DSP Block RAM IOB

36 28 30 54

5 of 15

Figure 5. Graphical representation of the bitstream structure [16]. The region highlighted in yellow is

Figure 5. Graphical representation of the bitstream structure [16]. The region highlighted in yellow is located at tile 0, bottom half, row 0, and column 2, which has a frame width of 36. located at tile 0, bottom half, row 0, and column 2, which has a frame width of 36.

The bitstream file consists of headers and packets. The header part contains information such

The bitstream file headers packets. header partofcontains such as as the chip name of consists the targetofFPGA, the and creation date, The and the number bits used.information The packet part the chip name the target FPGA, theconfiguration creation date, and the number of bits used. The packet part contains theofcommand data and the data. Writing in the FPGA configuration memory starts contains the command data and the configuration data. at the indicated frame of the Frame Address Register in (FAR). The FAR in the actualmemory bitstreamstarts is generated only once,frame as shown in Frame Figure Address 6 [6]. Writing the FPGA configuration at the indicated of the Once the FAR is set for the first frame, the next FAR is generated by the auto-generate function Register (FAR). The FAR in the actual bitstream is generated only once, as shown in Figure 6 [6].to Once download the data to the correct location. the FAR is set for the first frame, the next FAR is generated by the auto-generate function to download The configuration data, which depends on the HDL-generated circuit design, constitutes the data to the correct location. programmable points, i.e., PIP and PLP, in the FPGA. The bitstream mapping information is not The configuration data, which depends on the HDL-generated circuit design, constitutes disclosed in the official documents, but the total number of bits in the generated bitstream is listed in programmable points, i.e., PIP [2]. andSince PLP,theincommand the FPGA. bitstreamdata mapping information is not the Xilinx official documents andThe configuration in the bitstream include disclosed in the official documents, but the total number of bits in the generated bitstream is listed the mapping information, the bitstream can be used to restore the netlist with reverse engineering in the Xilinx documents [2]. Since the command and configuration data in the bitstream include tools, official which will be introduced in Section 3. the mapping information, the bitstream can be used to restore the netlist with reverse engineering tools, which will be introduced in Section 3.

Electronics 2018, 2018,7, 7,246 x FOR PEER REVIEW Electronics Electronics 2018, 7, x FOR PEER REVIEW

of 14 15 66 of 6 of 15

Figure 6. Example of the actual bitstream file [6]. Figure 6. 6. Example Example of of the the actual actual bitstream bitstream file file [6]. [6]. Figure

3. Reverse Reverse Engineering Engineering Tool Tool with with Xilinx XilinxFPGAs FPGAs 3. 3. Reverse Engineering Tool with Xilinx FPGAs 3.1. Debit Debit 3.1. 3.1. Debit Debit was targeting thethe Xilinx FPGA chipchip [4]. It Debit was the the first firstreverse reverseengineering engineeringattempt attempt targeting Xilinx FPGA [4].hasItsince has Debit the first reverse attempt targeting tools, the Xilinx chip [4]. Itreveals has since served as was a good example of engineering various reverse engineering sinceFPGA its algorithm the since served as a good example of various reverse engineering tools, since its algorithm reveals served as a between good example ofand various reverse engineering tools, since its algorithm reveals the correlation the XDL the bitstream. Figure 7 shows a conceptual diagram of the Debit the correlation between the XDL and the bitstream. Figure 7 shows a conceptual diagram of the Debit correlation between the XDL andextraction the bitstream. Figure 7 shows a conceptual diagram of the Debit flow,with withemphasis emphasis onthe theXDL XDL fromthe thebitstream. bitstream. flow, on extraction from flow, with emphasis on the XDL extraction from the bitstream.

Figure 7. Conceptual diagram of the Debit flow. Figure 7. Conceptual diagram of the Debit flow. Figure 7. Conceptual diagram of the Debit flow.

When the power is applied to the FPGA board, the bitstream is downloaded from the external When the power is applied to the FPGA board, the bitstream is downloaded from the external memory to the power FPGA, and the frame of FPGA the configuration data is sequentially placedfrom inside FPGA When applied to the board, the bitstream is downloaded thethe external memory tothe the FPGA,isand the frame of the configuration data is sequentially placed inside the FPGA according to the FAR. Writing to the FPGA configuration memory begins at the indicated frame memory to to thethe FPGA, the frame the configuration data is sequentially inside the FPGA according FAR.and Writing to theofFPGA configuration memory begins atplaced the indicated frame of of the FAR. frame of the configuration data, except for the first frame in the actual bitstream, according toEach theframe FAR. to the FPGA configuration memory begins indicated frame of the FAR. Each ofWriting the configuration data, except for the first frame in at thethe actual bitstream, does does not Each include the FAR data, while the corresponding FAR data can throughdoes the the frame the configuration data, except FAR for the firstcan frame inbe thecalculated actual bitstream, notFAR. include the FARofdata, while the corresponding data be calculated through the autoauto-generate function. Therefore, the FAR value should be deduced from the generated bitstream. not include the FAR data, while FAR data can be the calculated through the autogenerate function. Therefore, the the FARcorresponding value should be deduced from generated bitstream. Since Since the FAR data is displayed in front of each frame of the bitstream, the auto-generate function generate Therefore, FAR valueframe should from generated bitstream. Since the FAR function. data is displayed in the front of each of be thededuced bitstream, thethe auto-generate function can be canFAR be extracted separatelyinvia the of -framedump option in the Debitthe tool. Once the FAR data has been the data is displayed front each frame of the bitstream, auto-generate function can be extracted separately via the -framedump option in the Debit tool. Once the FAR data has been extracted,separately the configuration can be separated from bitstream, and its then be extracted via the data -framedump option in thethe Debit tool. Once thetarget FAR site datacan has been extracted, the configuration data can be separated from the bitstream, and its target site can then be estimated.the It isconfiguration also possible to dump the site configuration data of each and FPGA product group through extracted, data can be separated from the bitstream, its target site can then be estimated. It is also possible to dump the site configuration data of each FPGA product group through the -sitedump function of the tool. estimated. It is also possible to Debit dump the site configuration data of each FPGA product group through the -sitedump function of the Debit tool. the -sitedump function of the Debit tool.

Electronics 2018, 7, 246 Electronics 2018, 7, x FOR PEER REVIEW

7 of 14 7 of 15

Configuration data includes three types of configuration bits, which consist of the look-up table (LUT), other slice components, and switch boxes (i.e., PIP). The LUT and other slice components components configuration occupy occupy only only about about10% 10%ofofthe thedata, data,thethe it being used to represent the restrest of of it being used to represent the PIP PIP configuration. configuration. Using the algorithm presented in the dumped dumpeddata, data,we wecan cancollect collectbits bitsfor forPIP PIPthrough throughthe thecorrelation correlation algorithm presented the Debit tooltool [4]. [4]. TheThe correlation algorithm introduced in theinDebit tool assumes that the layout of the in the Debit correlation algorithm introduced the Debit tool assumes that the layout configuration data is very regular, based on the regular structure of the FPGA. Typically, the FPGA of the configuration data is very regular, based on the regular structure of the FPGA. Typically, has the aFPGA regular structure, as structure, shown in Figure 5, and PIP bit positions within the site arewithin consistent at each has a regular as shown in the Figure 5, and the PIP bit positions the site are of the sameatsites. consistent each of the same sites. The Debit is an open source tool available from Github, and is only supported by the Linux platform. It It supports supports Virtex-2, Virtex-2, Virtex-4, Virtex-4, Virtex-5, Virtex-5, and and Spartan-3 Spartan-3products. products. In In order order to to examine examine the reverse engineering performance of the Debit tool, we created a bitstream file with a Spartan-3 FPGA and applied it to the Debit tool to generate the XDL file. Then, the reversed XDL file (by Debit) was compared with the original XDL file (by Xilinx ISE) in order to verify the accuracy accuracy of of the the Debit Debit tool. tool. Figure 8 shows the original XDL file and the XDL file reverse-engineered from the bitstream by the Debit tool. Because only part of the pip was restored in the INT tile, Debit was not able to regenerate the complete XDL code from the bitstream. Moreover, the current ISE tool cannot be used to convert the reversed XDL file into the netlist netlist file file (i.e., (i.e., NCD) NCD) because because the the XDL XDL format format is is not not compatible. compatible.

(a)

(b)

Figure 8. Reverse engineering results with debit: (a) Original XDL part, (b) Reversed XDL part: As a engineering using using the the Debit Debit tool, tool, only only some some pip pip of of the the INT INT tile tile was was reversed. reversed. result of reverse engineering

3.2. Bitstream Interpretation 3.2. Bitstream Interpretation Library Library (BIL) (BIL) The The Debit Debit tool tool was was the the interesting interesting first first step step that that introduced introduced the the possibility possibility of of FPGA FPGA reverse reverse engineering with the bitstream. Later, the BIL was proposed in order to improve the correlation method engineering with the bitstream. Later, the BIL was proposed in order to improve the correlation of the Debit tool by using theusing XDLRC, leading to more accurate reverse engineering [5]. The BIL method of the Debit tool by the XDLRC, leading to more accurate reverse engineering [5]. tool The separates the configuration data into tiles, which are the smallest units of the FPGA, when obtaining BIL tool separates the configuration data into tiles, which are the smallest units of the FPGA, when the PIP data. of theTiles sameoftype have type identical so they canso bethey separated and obtaining theTiles PIP data. the same haveconfigurations, identical configurations, can be safely separated quickly. Since the bitstream mapping table is not officially released, it must be inferred through the safely and quickly. Since the bitstream mapping table is not officially released, it must be inferred XDLRC in order to separate the configuration data. Using the XDLRC file, which describes the FPGA through the XDLRC in order to separate the configuration data. Using the XDLRC file, which architecture, correlation between can be easily estimated. Debit tool cannotThe reverse alltool the describes thethe FPGA architecture, thetiles correlation between tiles canThe be easily estimated. Debit PIP information of the FPGA by using the XDL file as a reverse source. In contrast, the BIL tool can cannot reverse all the PIP information of the FPGA by using the XDL file as a reverse source. In completely the can PIP information using the XDLRC as a reverseusing source. contrast, thereverse BIL tool completely reverse the PIP information the XDLRC as a reverse The BIL tool was released to analyze the FPGA and reverse the bitstream. Figure 9 shows the source. conceptual diagram of the BIL flow. The analysis tool includes a basic data generation function, The BIL tool was released to analyze the FPGA and reverse the bitstream. Figure 9 shows the which creates an address that processes memory of a specific devicewhich to be conceptual diagram of the layout BIL flow. The analysisthe toolconfiguration includes a basic data generation function, structured a list that describes the name and of the Virtex-5 device. of It also providesdevice functions to creates an and address layout that processes the ID configuration memory a specific to be compress XDLRC and create a table that points to all tile addresses in compressed XDLRC. The XDLRC structured and a list that describes the name and ID of the Virtex-5 device. It also provides functions compression functionand deletes redundant datapoints and compresses large amounts of data without lossThe by to compress XDLRC create a table that to all tile addresses in compressed XDLRC. converting data to the binary format. XDLRC compression function deletes redundant data and compresses large amounts of data without

loss by converting data to the binary format.

Electronics 2018, 7, x FOR PEER REVIEW

8 of 15

Electronics 2018, 7, 246

8 of 14

Electronics 2018, 7, x FOR PEER REVIEW

8 of 15

Figure 9. Conceptual diagram of the BIL flow. Figure theBIL BIL flow. Figure9.9.Conceptual Conceptual diagram diagram ofofthe flow.

Reverse engineering can be conducted using the data generated by the FPGA analysis tool. The Reverse engineering can be using the the data generated byby thethe FPGA tool. FPGA FPGA Reverse tool additionally allows for the conversion of the bitstream intoanalysis an assembly code for Reverse engineering canconducted be conducted using data generated FPGA analysis tool.The The Reverse tool additionally allows for the conversion of the bitstream into an assembly code for visualization. visualization. FPGA Reverse tool additionally allows for the conversion of the bitstream into an assembly code for Like the Debit tool, the BIL tool has been released as an open source tool, providing a reverse visualization. Likefunction the Debit tool, thebe BIL toolinin has been released as an open source tool, providing a the reverse engineering that can used the same environments asas Debit. We also used the BILBIL tool to engineering function that can be used the same environments Debit. We also used tool engineering function that can be used in the same environments as Debit. We also used the BIL tool verify its accuracy in reverse engineering. The XDL file reversed through the BIL was compared with to verify its accuracy in reverse engineering. The XDL file reversed through the BIL was compared to its accuracy inin reverse engineering. The XDL filethe reversed through the BIL was compared the XDL file infile Figure 10. It canItbe observed that BIL generate all the of theofINT withoriginal theverify original XDL Figure 10. can be observed that thecan BIL can generate allPIPs the PIPs the with the original XDL file in Figure 10. It can be observed that the BIL can generate all the PIPs of the tiles, but not PIPthe data the primitive site and other tiles. The tiles. resultsThe indicate that the correlation INT tiles, butthe not PIPofdata of the primitive site and other results indicate that the INT tiles, but not the PIP data of the primitive site and other tiles. The results indicate that the algorithm the BIL does the not mapping information of theinformation primitive sites correlationintroduced algorithminintroduced in not theprovide BIL does provide the mapping of and the correlation algorithm introduced in the BIL does not provide the mapping information of the the PIP of other tiles beyond the INT tile. primitive sites and the PIP of other tiles beyond the INT tile. primitive sites and the PIP of other tiles beyond the INT tile.

(a)

(b)

Figure 10. Reverse engineering (a) results with the BIL tool: (a) Original XDL file(b) generated by Xilinx ISE, (b) Reversed XDL file generated by BIL.

Figure 10. Reverse engineering results with the BIL tool: (a) Original Original XDL file file generated generated by Xilinx Xilinx ISE, ISE, file generated by BIL. (b) Reversed XDL file generated by BIL. 3.3. Bit2ncd

3.3. Bit2ncd The previous Debit and BIL tools were unable to provide the pip mapping information of the 3.3. Bit2ncd

primitive sites and other tiles, resulting in incomplete recovery. In [6], it has been experimentally

The previous Debit and BIL were unable to provide the pip mapping information of the The previous andshare BIL tools tools were unable provide mapping information verified that PIPDebit and PLP the same control bit,toand neitherthe the pip Debit nor BIL can reverse theof the primitive sites and resulting incomplete In [6], PLP parts, theytiles, do not consider in such redundant recovery. data. primitive sites because and other other tiles, resulting in incomplete recovery. In [6], it it has has been been experimentally experimentally verified that PIP and PLP share the same control bit, and neither the Debit nor BIL can Figure shows a conceptual of the Bit2ncd Onethe example the BIL seedreverse XDLreverse filethe is PLP verified that PIP11and PLP share the diagram same control bit, andflow. neither Debitofnor can the parts, because they do not consider such redundant data. shownbecause in Figurethey 12a. do Thenot circuit must such be created with the primitives in the FPGA devices such as PLP parts, consider redundant data. Figure 11 shows shows aa conceptual conceptualdiagram diagramof ofthe theBit2ncd Bit2ncdflow. flow.One Oneexample exampleofofthe the seed XDL Figure 11 seed XDL filefile is is shown in Figure 12a. The circuit must be created with the primitives in the FPGA devices such shown in Figure 12a. The circuit must be created with the primitives in the FPGA devices such as as LUTs, Muxes, and FFs, and they must be fixed at specific locations using a UCF file specifying I/O pins to find the pattern when creating the bitstream. Once the seed XDL has been generated,

Electronics 2018, 7, x FOR PEER REVIEW

9 of 15

LUTs, Muxes, and FFs, and they must be fixed at specific locations using a UCF file specifying I/O Electronics 2018, 7, x FOR PEER REVIEW

9 of 15

pins to2018, find7, the Electronics 246 pattern when creating the bitstream. Once the seed XDL has been generated, CLB 9 of 14 information can and be found in they XDLRC, it must be modified forusing only aone FFY in LUTs, Muxes, FFs, and mustand be fixed at specific locations UCFPLP file (e.g., specifying I/Othe example), as highlighted in Figure 12b. When the XDL is modified with all possible PLPs of the FFY, pins to find the pattern when creating the bitstream. Once the seed XDL has been generated, CLB CLB information can be found in XDLRC, and it must be modified for only one PLP (e.g., FFY in a set of modified is then ready. The set, i.e., analysis script(e.g., group information can XDL be found in XDLRC, and generated it must be XDL modified for only one PLP FFY(ASG), in the is theconverted example), as highlighted in Figure 12b. When the XDL is modified with all possible PLPs of the into an NCD fileinthrough -xdl2ncd provided the ISE design suite, and theFFY, NCD example), as highlighted Figure 12b. When the XDL is by modified with all possible PLPsthen of the FFY, of modified modified XDL isthen then ready. generated set,is i.e., analysis group fileaa isset intoXDL the isbitstream through -bitgen. This process very similar to constructing setconverted of ready. TheThe generated XDLXDL set, i.e., analysis script script group (ASG), (ASG), is a is converted into anan NCD file through -xdl2ncd providedbyby the design suite, the NCD mapping table of PLP and PIP, as explained in [6]. converted into NCD file through -xdl2ncd provided the ISEISE design suite, andand thenthen the NCD file isfile converted intointo thethe bitstream through Thisprocess processis isvery very similar to constructing a is converted bitstream through-bitgen. -bitgen. This similar to constructing a mapping of PLP PIP, explainedinin[6]. [6]. mapping tabletable of PLP andand PIP, as as explained

Figure 11. Conceptual diagram of the Bit2ncd flow.

Figure 11.11.Conceptual ofthe theBit2ncd Bit2ncd flow. Figure Conceptual diagram diagram of flow.

(a)

(b)

(a) (b) Figure Example codes analysis script group (ASG) generation option Figure 12.12. Example codes of of thethe analysis script group (ASG) generation forfor thethe FFYFFY option [6]:[6]: (a) (a) Seed Figure 12. Example codes of the analysis Seed (b) FFY option modified XDL, (b)XDL, FFY option modified XDL. XDL. script group (ASG) generation for the FFY option [6]: (a) Seed XDL, (b) FFY option modified XDL.

In In order to efficiently generate a mapping table, a distributed processing system is used. Its design order to efficiently generate a mapping table, a distributed processing system is used. Its In order to efficiently generate a mapping table, a distributed processing system is used. Its design is introduced in a separate paper the Bit2ncd software A server generates seed XDL is introduced in a separate paper on the on Bit2ncd software [6]. A[6]. server generates thethe seed XDL and design is introduced in a separate paper on the Bit2ncd software [6]. A server generates the seed XDL and distributes it to eachThe node. The node then generates ASG,a creates a mapping and it distributes it to each node. node then generates the ASG,the creates mapping table, andtable, transmits and distributes it to each node. The node then generates the ASG, creates a mapping table, and to the server. The server consolidates thetables mapping tables generated by each node into a to transmits thetransmits server.it The consolidates mapping generated by each node into a single it to server the server. The server the consolidates the mapping tables generated by each node into a one. one. As a result, it takes 50 days to createtable a mapping table ofchip one with FPGA chip with 50 the PCs.mapping Also, Assingle a result, it takes days create a mapping of one table FPGA 50 PCs. Also, single one. As a50 result, itto takes 50 days to create a mapping of one FPGA chip with 50 PCs. Also, thethe mapping table must be reconfigured for each FPGA chip. table must be reconfigured for each FPGA chip. mapping table must be reconfigured for each FPGA chip. Figure 13a and b bshow the view original NCDand andthe the reversed NCD, respectively. Figure 13a and show thenetlist netlist view by the originalNCD NCD NCD, respectively. Figure 13a,b show the netlist view by by thethe original and thereversed reversed NCD, respectively. As shown, the original NCD and the reversed NCD are the same. The simulation results also indicate As shown, the original NCD and the reversedNCD NCD are the simulation results also indicate As shown, the original NCD and the reversed thesame. same.The The simulation results also indicate that the original XDL and the reversed XDL are identical. In addition, Bit2ncd can be applied to the that the original XDL and the reversed XDL are identical. In addition, Bit2ncd can be applied to theto that the original XDL and the reversed XDL are identical. In addition, Bit2ncd can be applied the xdl2ncd option provided ISE while keeping ISE XDL format, so it caneasily easilycreate create NCD file. xdl2ncd option providedby by while keepingISE ISE XDL XDL format, NCD file. xdl2ncd option ISEISE while keeping format,sosoititcan can easily create NCD file. Electronics 2018, 7,provided x FOR PEERby REVIEW 10 of 15

(a)

(b)

Figure Reverseengineering engineeringresults resultswith with the the Bit2ncd tool Reversed NCD. Figure 13.13. Reverse tool [6]: [6]:(a) (a)Original OriginalNCD, NCD,(b)(b) Reversed NCD.

3.4. Supplementary Tool Using XDL: Rapidsmith Commercial FPGAs offer several advantages for programming, but researchers have often found them inconvenient, due to the restricted functions of FPGA design tools. FPGA databases are typically proprietary, and the tools generally have rigid design flows, limiting various experiments

Electronics 2018, 7, 246

10 of 14

(a)

(b)

Figure 13. Reverse engineering results with the Bit2ncd tool [6]: (a) Original NCD, (b) Reversed NCD. 3.4. Supplementary Tool Using XDL: Rapidsmith

Commercial FPGAsTool offer several 3.4. Supplementary Using XDL: advantages Rapidsmith for programming, but researchers have often found them inconvenient, due to the restricted functions of FPGA design tools. FPGA databases are typically Commercial FPGAs offer several advantages for programming, but researchers have often proprietary, and theinconvenient, tools generally have rigid design flows, limiting various with found them due to the restricted functions of FPGA design tools.experiments FPGA databases areFPGAs. In ordertypically to overcome these issues, the Rapidsmith tooldesign was flows, developed Xilinx FPGAs [13,14]. proprietary, and the tools generally have rigid limitingfor various experiments with FPGAs. In order overcome these issues,engineering, the Rapidsmith was developed Xilinx Even though Rapidsmith isto not a tool for reverse it tool provides valuablefortips andFPGAs information [13,14]. Even though Rapidsmith is not a tool for reverse engineering, it provides valuable tips and using XDL files. information using XDL files. Figure 14 shows how the Rapidsmith works, along with the Xilinx CAD tool. While the Figure 14 shows how the Rapidsmith works, along with the Xilinx CAD tool. While the configuration process of the FPGA asexplained explained in Figure 2, Rapidsmith can configuration process of Xilinx the Xilinx FPGAisisidentical, identical, as in Figure 2, Rapidsmith can supportsupport translation, mapping, placing, and routing forthe the XDL translation, mapping, placing, and routingfunctions functions for XDL file.file. RTL file

BIT file Bitgen

Translate

NGD file

Mapping

Translated XDL file

NCD file

P&R

Mapped XDL file

P&R’d NCD file

P&R’d XDL file

Rapidsmith FigureFigure 14. Conceptual diagram XilinxISE ISEand and Rapidsmith 14. Conceptual diagramof ofthe the Xilinx Rapidsmith flow.flow.

The previously introduced XDL tools filesofof FPGA design tool the input The previously introduced XDL toolsuse usethe the output output files thethe FPGA design tool as the as input files and convert them to XDL files. On the other hand, Rapidsmith uses the converted XDL file as files and convert them to XDL files. On the other hand, Rapidsmith uses the converted XDL an file as an input and manipulates as desired theuser. user.The The manipulated XDL file file is then fed back theinto the input and manipulates it as itdesired byby the manipulated XDL is then fedinto back XDL tools and converted to files that are compatible with the Xilinx design tools. XDL tools and converted to files that are compatible with the Xilinx design tools. From a reverse-engineering perspective, it is paramount to consider hacking attack scenarios to From a reverse-engineering perspective, is paramount to consider attack scenarios to prevent hacking of the FPGAs. A few papersithave introduced ways to utilizehacking Rapidsmith for FPGA prevent security. hacking Tavaragiri of the FPGAs. A few papers have introduced ways to utilize Rapidsmith for FPGA et al. have demonstrated that on-chip antennas can be built by using security.programmable Tavaragiri et interconnects al. have demonstrated thatThey on-chip antennas can be built by using programmable as a pallet [17]. developed a unique flow to concatenate a large network unused[17]. routing resources in the aFPGA, forming curve network to work asof anunused interconnects asof a pallet They developed unique flow atotwo-dimensional concatenate a large on-chip antenna built with the programmable interconnects of the FPGA. The authors used their own routing resources in the FPGA, forming a two-dimensional curve to work as an on-chip antenna built tool to manipulate XDL files, but Rapidsmith can perform the same function to support XDL files. with the programmable interconnects of the FPGA. The authors used their own tool to manipulate XDL Söll et al. demonstrated that malicious circuits, such as hardware Trojans, can be detected through files, butside-channel Rapidsmithanalysis can perform theused same functionto toimplement support XDL files. Söll et al.Trojan demonstrated that [18]. They Rapidsmith the denial-of-service into an Electronics 2018, 7, x FOR PEER REVIEW 11 of 15 malicious circuits, such as hardware Trojans, can be detected through side-channel analysis [18]. They used Rapidsmith to implement the denial-of-service into an AES block by manipulating P&R’d(EM) XDL files. AES block by manipulating P&R’d XDL Trojan files. They then used localized electro-magnetic They measurements then used localized electro-magnetic (EM) measurements to find the Trojan-infiltrated circuit to find the Trojan-infiltrated circuit in the FPGA chip. Figure 15 shows the location ofin the FPGAthe chip. Figure 15 shows the(black location ofon thethe malicious Trojan (black area) on the FPGA chip malicious Trojan circuit area) FPGA chip and circuit its EM measurement result in order to and detect the Trojan result circuit.in order to detect the Trojan circuit. its EM measurement

(a)

(b)

Figure 15.Trojan (a) Trojan placed at the top-right corner the FPGAchip chip(highlighted (highlighted by by a a red red square) Figure 15. (a) placed at the top-right corner onon the FPGA square) and its EM measurement (b) itsand EM(b) measurement [18]. [18].

4. Reverse Engineering Tools with Non-Xilinx FPGAs 4.1. Icestorm with Lattice FPGAs Icestorm is a project related to the reverse engineering that utilizes the bitstream from the Lattice

Electronics 2018, 7, 246

11 of 14

4. Reverse Engineering Tools with Non-Xilinx FPGAs 4.1. Icestorm with Lattice FPGAs Icestorm is a project related to the reverse engineering that utilizes the bitstream from the Lattice ice40 FPGA with a custom-designed programming tool [7]. Its FPGA board has a minimal and regular architecture with limited types of tiles and function units to facilitate reverse engineering [19]. The Icestorm project targets the Ice40 LP/HX 1K/4K/8K chips. Figure 16 shows conceptual diagrams meant to compare the iCEcube2 design flow officially supported by the Lattice semiconductor [20] and the custom-designed Icestorm design flow [8]. In Figure 16a, the iCEcube 2 design flow consists of several steps, as follows (1) Add RTL design files and constraint files; (2) Synthesize the design and make netlists; (3) Perform placement and routing process using place & route tools in iCEcube2 and generate programming and configuration files; (4) Program the FPGA with the bitstream. The design flow of the Icestorm project, shown in Figure 16b, is similar to the iCEcube2 flow, while the Icestorm uses custom-designed tools. Icestorm is an open source project that provides three main tools: Yosys, Arachne-pnr, and Icepack. Yosys is a framework that converts Verilog code to a different format, such as FLIG, EDIF, BTOR, SMT-LIB, and simple RTL Verilog [21]. It has a Verilog 2005 support and provides a basic synthesis set [9]. Yosys performs functions similar to the iCEcube2 synthesis. Arachne-pnr supports placement and routing functions using BLIF files, physical constraints, and place & route scripts, ultimately generating the Icestorm TXT file. It operates in the same way as the iCEcube2 Place & Route tool. Then, the IcePack converts the TXT file into the Electronics 2018, 12 of 15 bitstream [21].7, x FOR PEER REVIEW

(a)

(b)

Figure 16. Design flow. Design flow flow comparison: (a) (a) iCEcube2 iCEcube2 design flow, (b) Icestorm design flow.

The Icestorm project has reported that the ice40 HX 1K and and 8K 8K boards boards can can be bereverse-engineered, reverse-engineered, especially for for Ice40 Ice40HK HK1K-TQ144 1K-TQ144and andIce40 Ice40HX8K-CT256 HX8K-CT256 products [7]. For reverse engineering, products [7]. For reverse engineering, the the Icestorm utilizes Icebox_vlog tool, which extensionsoftware softwareused usedtotoreverse reversethe the BIN BIN file to Icestorm utilizes thethe Icebox_vlog tool, which is is anan extension the Verilog file. Figure 17 shows an example code for bitstream conversion to the Verilog file using the Icebox_vlog tool. The file “example.v” implements an AND logic module, and the output y is assigned as a logical result of a AND b. This example uses the Yosys, Arachne-pnr, and Icepack tools to create the bitstream. The bitstream is then applied to the Icebox_vlog tool, generating the recovered Verilog code, which includes the conditional operator, assign y = b ? a:0. This means that if b is 1, y

(a)

(b)

Figure 16. Design flow comparison: (a) iCEcube2 design flow, (b) Icestorm design flow.

The Icestorm project has reported that the ice40 HX 1K and 8K boards can be reverse-engineered, 12 of 14 especially for Ice40 HK 1K-TQ144 and Ice40 HX8K-CT256 products [7]. For reverse engineering, the Icestorm utilizes the Icebox_vlog tool, which is an extension software used to reverse the BIN file to the Verilog code forfor bitstream conversion to the Verilog file file using the Verilogfile. file.Figure Figure17 17shows showsananexample example code bitstream conversion to the Verilog using Icebox_vlog tool. The file “example.v” implements an AND logic module, and the output y is assigned the Icebox_vlog tool. The file “example.v” implements an AND logic module, and the output y is as a logical of aresult ANDofb.aThis example uses the Yosys, Arachne-pnr, and Icepack to create assigned asresult a logical AND b. This example uses the Yosys, Arachne-pnr, andtools Icepack tools the bitstream. The bitstream is then applied the Icebox_vlog tool, generating the recovered Verilog to create the bitstream. The bitstream is then to applied to the Icebox_vlog tool, generating the recovered code, which includes the conditional operator, assign y =assign b ? a:0.yThis thatmeans if b is 1, y becomes Verilog code, which includes the conditional operator, = b ?means a:0. This that if b is 1, a, y and if b isa,0,and y becomes indicating that y is a that logical of both AND verifies becomes if b is 0, y0,becomes 0, indicating y isresult a logical resulta of bothb.a This ANDexample b. This example that reverse is possible for specific Since theSince Icestorm utilized verifies that engineering reverse engineering is possible for Lattice specificFPGA Latticeproducts. FPGA products. the Icestorm custom-designed tools for Verilog-to-bit file conversion, its reverse engineering tool (i.e., Icebox_vlog) utilized custom-designed tools for Verilog-to-bit file conversion, its reverse engineering tool (i.e., for bit-to-Verilog file conversionfile was also easilywas implemented customized [10]. Icebox_vlog) for bit-to-Verilog conversion also easily and implemented and customized [10].

Electronics 2018, 7, 246

// example.v module top (input a, b, output y); assign y = a & b; endmodule Comparison Module chip (output y, input b, input a); Wire y, b, a; assign y = b ? a : 0; endmodule

Yosys Arachne-pnr icePack FPGA bitstream Icebox_vlog Tool

File

Figure 17. Example code of the bitstream conversion to the Verilog Verilog file. file.

4.2. QUIP with Altera FPGA The Quartus University Interface Program (QUIP) supplied by Altera provides FPGA researchers with several design capabilities: It can create a netlist of technology specific entities as well as access the device architecture and key timing information. It can also specify the placement of logic elements and routing for FPGA design [15]. The QUIP provides documentation about a Verilog Quartus module (VQM) file format as well as a grammar that researchers can use to create VQM files with a technology specific listing. Accessing the architecture and key timing information obtained using the QUIP can support the development of FPGA flow. For example, the intra-cell delay shows time information about port to port, so that researchers can interpret the timing numbers. The QUIP can modify the placement and routing information, which can be applied to the Quartus II FPGA. The QUIP is convenient and flexible because it can change certain parts of placement and routing while enabling the replacement of parts in the FPGA flow with custom tools. However, the QUIP does not provide the detailed information file to construct a router, as does the XDL [14]. Moreover, the QUIP only supports the Quartus II FPGA, which significantly limits its usage in reverse engineering for Altera FPGAs. 5. Discussion Table 2 summarizes reverse engineering tools for FPGAs. Debit attempts reverse engineering using the correlation method between XDL and Bitstream files, but it suffers from low accuracy due to the lack of information in XDL. BIL complements Debit’s correlation method using XDLRC and completely reverses the PIP information of INT tiles. However, the PLP information cannot be extracted due to the lack of information in XDLRC. Debit and BIL were released as an open-source tool, and we directly tried those tools to experimentally verify their performance and limitations. Reversed XDL files extracted by Debit and BIL were compared with the original XDL generated by the ISE design flow as shown in Figure 8 (Debit) and 10 (BIL). Both reverse engineering tools show low accuracy as a result of extracting limited tile resources.

Electronics 2018, 7, 246

13 of 14

Bit2ncd is not an open-source tool and has not been tested directly. Bit2ncd compares the ASG bitstream with the original bitstream as shown in Figure 12 to create a mapping table. Figure 13 shows a complete reverse engineering result using Bit2ncd. However, it takes a quite long time (50 days) to create a mapping table for reverse engineering, while requiring huge computational resources (50 PCs), according to the paper. Table 2. Performance comparison of the reverse engineering tools for FPGAs. Tool

Input

Output

Supported Device

Pros

Cons

Debit

BIT file

XDL file

Virtex-2,3,4,5/Spartan-3

Simple

Low accuracy

BIL

XDLRC, XDL, BIT file

XDL file XML file

Virtex-5

Perfect reversing pip in INT tile

Low accuracy

Bit2ncd

BIT file

XDL file NCD file

Spartan-3,3E/Virtex-2,4,5

Perfect reversing all tile types

Long time

Rapidsmith

XDL file, XDLRC file

XDL file

All devices

Flexible

Depending on other tools

Icestorm

BIT file

Verilog file

Ice40

High accuracy

Limited target devices

Rapidsmith can manipulate the XDL to modify and customize the netlist file, which can be applicable to all devices. Rapidsmith alone cannot be used for reverse engineering in FPGA, while it can provide the flexible function for manipulating XDL to assist the other reverse engineering tools. Icestorm uses a custom-designed programming tool, as shown in Figure 16b, which also leads to the design of a custom reverse engineering tool. Unlike conventional reverse engineering tools, Icestorm can accurately extract the Verilog code from the bitstream, as shown in Figure 17. However, the Icestorm project is only applicable to Lattice FPGA products. 6. Conclusions Debit is the first attempt to reverse engineer the FPGAs through bitstream extraction, and the BIL improves the bitstream correlation method by utilizing XDLRC files. As a further improvement, Bit2ncd reverse engineers all tiles by creating a mapping table while modifying both PLP and PIP in XDL files. However, the latter requires tremendous computational resources and is not an open source tool, so it cannot be verified by other users. Further research on FPGA reverse engineering is still needed, not only for improving the existing tools but also for reverse engineering the other FPGAs, such as recent Xilinx products using Vivado design flow. Author Contributions: Conceptualization, Methodology, Data Curation, Validation, Writing Paper, H.Y., H.L., and S.L.; Funding Acquisition, H.-M.L.; Investigation, Supervision, Writing-Review & Editing, Project Administration, Y.K. and H.-M.L. Funding: This work was supported as part of Military Crypto Research Center (UD170109ED) funded by Defense Acquisition Program Administration (DAPA) and Agency for Defense Development (ADD). Conflicts of Interest: The authors declare no conflict of interest.

References 1.

2. 3.

Fong, R.J.; Harper, S.J.; Athanas, P.M. A versatile framework for FPGA field updates: an application of partial self-reconfiguration. In Proceedings of the IEEE International Workshop on Rapid Systems Prototyping, San Diego, CA, USA, 9–11 June 2003; pp. 117–123. Virtex-5 FPGA Configuration User Guide, 2017. Available online: https://www.xilinx.com/support/ documentation/user_guides/ug191.pdf (accessed on 18 September 2018). Lee, J.-K.; Jhang, K.-S.; Cho, H.-J. Verilog functional model extraction from FPGA design data. J. KIISE: Comput. Pract. Lett. 2012, 18, 380–388.

Electronics 2018, 7, 246

4.

5.

6. 7. 8.

9. 10.

11. 12.

13.

14.

15.

16.

17.

18.

19. 20. 21.

14 of 14

Note, J.-B.; Rannaud, É. From the bitstream to the netlist. In Proceedings of the International ACM/SIGDA Symposium on Field Programmable Gate Arrays (FPGA), Monterey, CA, USA, 24–26 February 2008; Volume 18, p. 264. Benz, F.; Seffrin, A.; Huss, S.A. Bil: A tool-chain for bitstream reverse-engineering. In Proceedings of the International Conference on Field Programmable Logic and Applications (FPL), Oslo, Norway, 29–31 August 2012; pp. 735–738. Ding, Z.; Wu, Q.; Zhang, Y.; Zhu, L. Deriving an NCD file from an FPGA bitstream: Methodology, architecture and evaluation. Microprocess. Microsyst. 2013, 37, 299–312. [CrossRef] Project IceStorm. Available online: http://www.clifford.at/icestorm (accessed on 18 September 2018). Wolf, C. A free and Open Source Verilog-to-Bitstream Flow for iCE40 FPGAs. Online Presentation, 2015. Available online: https://media.ccc.de/v/32c3-7139-a_free_and_open_source_verilog-to-bitstream_flow_ for_ice40_fpgas (accessed on 18 September 2018). Yosys Open Synthesis Suite, Online Tutorial. Available online: http://www.clifford.at/yosys (accessed on 18 September 2018). Romanov, A.; Romanov, M.; Kharchenko, A. FPGA-based control system reconfiguration using open source software. In Proceedings of the IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus), St. Petersburg, Russia, 1–3 February 2017. Yui, C.C.; Swift, G.M.; Carmichael, C.; Koga, R.; George, J.S. SEU mitigation testing of Xilinx Virtex II FPGAs. In Proceedings of the IEEE Radiation Effects Data Workshop, Monterey, CA, USA, 25–25 July 2003; pp. 92–97. Moradi, A.; Barenghi, A.; Kasper, T.; Paar, C. On the vulnerability of FPGA bitstream encryption against power analysis attacks. In Proceedings of the ACM Conference on Computer and Communications Security, Chicago, IL, USA, 17–21 October 2011; pp. 111–124. Lavin, C.; Padilla, M.; Lundrigan, P.; Nelson, B.; Hutchings, B. Rapid prototyping tools for FPGA designs: Rapidsmith. In Proceedings of the International Conference on Field-Programmable Technology, Beijing, China, 8–10 December 2010. Lavin, C.; Padilla, M.; Lamprecht, J.; Lundrigan, P.; Nelson, B.; Hutchings, B. Rapidsmith: Do-it-yourself CAD tools for Xilinx FPGAs. In Proceedings of the International Conference on Field Programmable Logic and Applications, Chania, Greece, 5–7 September 2011. Malhotra, S.; Borer, T.; Singh, D.; Brown, S. The Quartus University Interface Program: Enabling advanced FPGA research. In Proceedings of the IEEE International Conference on Field-Programmable Technology, Brisbane, NSW, Australia, 6–8 December 2004; pp. 225–230. Soni, R.K.; Steiner, N.; French, M. Open-source bitstream generation. In Proceedings of the IEEE International Symposium on Field-Programmable Custom Computing Machines, Seattle, WA, USA, 28–30 April 2013; pp. 105–112. Tavaragiri, A.; Couch, J.; Athanas, P. Exploration of FGPA interconnect for the design of unconventional antennas. In Proceedings of the ACM/SIGDA International Symposium on Field Programmable Gate Arrays, Monterey, CA, USA, 27 February–1 March 2011; pp. 219–226. Söll, O.; Korak, T.; Muehlberghuber, M.; Hutter, M. EM-based detection of hardware trojans on FPGAs. In Proceedings of the IEEE International Symposium on Hardware-Oriented Security and Trust, Arlington, VA, USA, 6–7 May 2014. iCE40 LP/HX Family Data Sheet. Available online: http://www.latticesemi.com/en/Products/ FPGAandCPLD/iCE40 (accessed on 18 September 2018). iCEcube 201708 Tutorial. Available online: http://www.latticesemi.com/Products/DesignSoftwareAndIP/ FPGAandLDS/iCEcube2 (accessed on 18 September 2018). Krieg, C.; Wolf, C.; Jantsch, A. Malicious LUT: A stealthy FPGA trojan injected and triggered by the design flow. In Proceedings of the International Conference on Computer-Aided Design (ICCAD), Austin, TX, USA, 7–10 November 2016. © 2018 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).