comment on this article

Microsemi reacts to ProASIC3 fpga 'backdoor' claim

Microsemi's ProASIC3 fpga

Two researchers claim to have used a variant of differential power analysis (dpa) to bypass the security settings in Microsemi's ProASIC3 fpgas – whose applications include secure military systems. Using pipeline emission analysis (pea) techniques, the researchers say they have managed to disable all security settings, while reprogramming other features.

In their paper (for more, follow the link below), the researchers claim they were able to detect and analyse a backdoor in ProASIC3 chips. They say this backdoor exists in silicon, rather than in firmware, and leaves devices open to a range of attacks.
The researchers claim that, by using pea techniques, they could discover a 'secret key' which allows access to an internal test mode, through which it is possible to disable all security on the chip. Microsemi has responded, claiming there is no designed feature in ProASIC3 fpgas that would enable user security to be circumvented.
In a statement, the company said the internal test mode could only be accessed by customers entering a passcode. It added that, because the researchers have not been in contact, their claims cannot be verified.
In the past, fpgas have been seen as a potential weak link when it comes to design security because, in many cases, the fpga's program would be loaded from a discrete memory and that data flow is open to abuse. However, more recent designs have addressed this issue through the use of AES encryption.
Nevertheless, Microsemi has acknowledged that fpgas are potentially vulnerable to dpa style attacks. "Microsemi anticipated the increasing threats to silicon device security from dpa type attacks and took action several years ago by licensing the dpa patent portfolio of Cryptography Research," it noted. This technology is said to be a feature of a new fpga range due to be launched shortly by Microsemi.
Meanwhile, it says users have the ability to program fpgas using the highest security setting. By selecting this, the use of any passcode to gain access to any device configuration is disabled.
The research paper does concede that ProASIC3 devices are 'at least 100 times harder to attack using DPA than non protected conventional microcontrollers' and that any attacks on the chips would be 'quite a challenging task'.

Graham Pitcher

Comment on this article

This material is protected by MA Business copyright See Terms and Conditions. One-off usage is permitted but bulk copying is not. For multiple copies contact the sales team.

What you think about this article:

Add your comments


Your comments/feedback may be edited prior to publishing. Not all entries will be published.
Please view our Terms and Conditions before leaving a comment.

Related Articles

Pushing the envelope

The demands of the IoT are pushing wireless MCU developers to create devices ...

The quest for power

The race is on to develop new battery chemistries and manufacturing processes – ...

Silicon stowaways

Trojans aren’t restricted to the software domain; in some instances, hardware ...

Power management IC

A power management IC, known as the ARG82800, has been launched by Allegro ...

HES conference

The High-End Sensors (HES) international conference will be held between April ...

MicroTech 2018

On April 9-10, 2018 the MicroTech exhibition will be held at the Royal Holloway ...

Get to market faster

A quick look at using Vicor's PFM and AIM in VIA packaging for your AC to Point ...

Embedding voice

As usual, the Consumer Electronics Show (CES) saw a bewildering array of smart ...

Tech trends

Last year was a busy one for technology and 2018 is unlikely to be any ...

Shaping the future

Alexander Everke, the CEO of ams, started his career in the semiconductor ...