Reversing a Lattice ECP3 FPGA for Bitstream Protection

Document Type

Conference Proceeding

Publication Date



Field programmable gate arrays are used in nearly every industry, including consumer electronics, automotive, military and aerospace, and the critical infrastructure. The reprogrammability of field programmable gate arrays, their computational power and relatively low price make them a good fit for low-volume applications that cannot justify the non-recurring engineering costs of application-specific integrated circuits. However, field programmable gate arrays have security issues that stem from the fact that their configuration files are not protected in a satisfactory manner. Although major vendors offer some sort of encryption, researchers have demonstrated that the encryption can be overcome. The security problems are a concern because field programmable gate arrays are widely used in industrial control systems across the critical infrastructure. This chapter explores the reverse engineering process of a Lattice Semiconductor ECP3 field programmable gate array configuration file in order to assist infrastructure owners and operators in recognizing and mitigating potential threats.


The "Link to Full Text" opens the conference paper, hosted at the publisher website by the Springer Nature SharedIt content sharing initiative. A PDF download is available from that view.

The rights of this work are transferred to the extent transferable according to Title 17 U.S.C. 105. © This is a U.S. government work and not under copyright protection in the United States; foreign copyright protection may apply 2018

Source Publication

IFIP Advances in Information and Communication Technology -- Critical Infrastructure Protection XII. ICCIP 2018