--- Quote Start ---
Depends what you mean by 'secure'. You could have a generic FPGA image that gets distributed to all users, but you have a microSD/SD card attached to the FPGA, that only your startup code can read, that has the 'secure' keys that you distribute that is user specific. Or if it does not need to be replaceable use a separate soldered down SPI flash memory chip that has the secure data that is specific to each board (in case 'removable' storage for the data is not an option).
--- Quote End ---
The consequences of the data being compromised is that our product (a security method) could be then used to tamper with devices that "trust" it, i.e. spoofing or impersonating a trusted device. The IP core protocol engine is not so much a concern as is the contents of that ROM. The method itself has been published and wouldn't be difficult to mock up in an HDL. The ROM contents are the "identity" of the particular device in a system. In our targeted market, customers (ideally) would like "absolute security" if such a thing were possible.
A custom block solution would be feasible since AES decryption is relatively inexpensive. It would require access to an AES key provisioned somewhere having the same type of security the ROM data has.
Thanks both for your input.
Honored Contributor
