SRAM-based FPGA(Field Programmable Logic Arrays) requires external memory since its internal memory gets erased when power is cut off. The process of transmitting the circuit netlist in bitstream from external memory during power-up in FPGA is vulnerable to malicious attacks such as bitstream theft and tampering. Previous FPGA reverse-engineering methods focus on FPGAs, supported by ISE (ISE Design Suite). This is because ISE provides XDLRC (Xilinx Design Language Routing Configurable logic) and XDL (Xilinx Design language) files, which are essential for reverse engineering. However, Vivado Design Suite (Vivado) does not offer those files, making it impossible to extend the coverage of reverse engineering to the FPGAs supported by Vivado. In this paper, we propose a method to generate XDLRC and XDL through Vivado. According to experimental results, the XDLRC and XDL generated through Vivado, respectively, match 99% and 75% with those generated in ISE for Artix-7 100T. As a result, this paper has expanded the scope of reverse engineering from being mainly focused on ISE to now also include Vivado. It is important to note that this paper does not encourage bitstream attacks through reverse engineering but rather highlights the risk associated with malicious attacks and emphasizes the importance of security.
Read full abstract