The Problem Every FPGA vendor keeps the bitstream format for their device secret. Only the tools provided in binary-only format by the vendor (and a select few third parties under NDA) can generate these bitstreams. Currently, this is a major impediment to the development of an open source FPGA toolchain, as well as to “next generation” FPGA designs involving evolution, self-reconfiguration, peer-reconfiguration, self-placement self-routing, and on-the-fly defect repair. Arguments for bitstream secrecy (and rebuttals) To protect our customers' designs from reverse engineering Almost every FPGA vendor offers a device that either loads an encrypted bitstream from off-chip memory (the decryption key is held in tamper-proof memory on the FPGA), or else integrates the configuration memory into the same package as the FPGA. Moreover, as NeoCad demonstrated, reverse engineering the bitstream itself isn't really that hard. In reality, this is unlikely to be a barrier to a serious reverse-engineering effort. A Xilinx employee claims that this would be “too expensive” by providing anecdotal evidence about a single unnamed firm he contacted. However, hard empirical evidence shows that this is not true in general. To protect the structure of our chip so our competitors can't mimic it It's highly dubious that the format of the bitstream would really offer much insight into the physical structure of the device. Even then, there are plenty of overseas companies which specialize in extracting dies and reconstructing a mask image from them. Ultimately the only real protection against this concern is the Semiconductor Mask Protection Act US Code, Title 17, Chapter 9, which was successfully used for exactly this purpose in Altera v. Clear Logic. Bitstream secrecy is neither necessary nor sufficient. We'd have to support people doing all sorts of strange things Of course not. If you fiddle with the microcode on your Pentium chip and go crying to Intel, they're going to laugh at you. FPGA vendors are entitled to the same boundaries. We make money off the tools Xilinx says that this is not true. Customers will damage their FPGAs with invalid bitstreams, and blame us for selling unreliable products. This used to be true when FPGAs had internal tristate resources (so you could drive the same net from competing sources); this is no longer the case for modern devices.



