Microsemi tackles FPGA security worries
The FPGA is used in military and aerospace designs, including the Boeing 787 Dreamliner. Last year researchers at QVL Labs, part of the University of Cambridge, used new algorithms for differential power analysis (DPA) to acquire the encryption key from the device with basic lab setup (left). The lab also found issues with security in many other commercial devices.
Microsemi denies there is a risk, but also points out that it has licensed DPA technology that will be used in its next generation of ‘soon to be announced’ FPGAs. The ProASIC3 devices were designed in 2002 and launched in 2005 by Actel.
“The researchers assertion is that with the discovery of a security key, a hacker can gain access to a privileged internal test facility typically reserved for initial factory testing and failure analysis,” said the company. “Microsemi verifies that the internal test facility is disabled in all shipped devices and can only be entered in a cusotme4r programmed device when the customer supplies their passcode thus preventing unauthorized access by Microsemi or anyone else.”
“We anticipated the increasing threats to silicon device security from DPA-type attacks and proactively took action several years ago by licensing the DPA-patent portfolio of Cryptography Research Inc for in our next generation devices.”
The researchers believe they may have found a deliberate backdoor to the device, a claim Microsemi denies. “We can confirm that there is no designed feature that would enable the circumvention of the user security,” said the company.