Bitstream Reverse Engineering of Microsemi’s VersaTile-based FPGAs

Bitstream Reverse Engineering of Microsemi’s VersaTile-based FPGAs

연구 분야: Analysis

학회: 2021 IEEE Physical Assurance and Inspection of Electronics (PAINE)

Recent research has shown that it is possible to render Xilinx FPGAs vulnerable to security issues such as injecting trojans, compromising cryptographic primitives, or bypassing secure boot authentication by bitstream reverse engineering techniques. Despite bitstream encryption, side-channel analysis can break it according to previous research. Similarly, bitstream encryption of Microsemi ProASIC3 FPGAs has been reported to be broken by side-channel attacks. However, reverse engineering of the Microsemi bitstream has not yet been addressed. In this study, we reverse engineered the FPGA bitstream of Microsemi, now Microchip, for the first time. After devising bitstream analysis models for programmable logic elements, called VersaTiles, and some programmable routes, we introduced algorithmic methods of reverse engineering. Consequently, VersaTiles and the analyzed routes were recovered 100% accurately for VersaTile-based FPGAs including ProASIC3, IGLOO2, and Fusion FPGAs.