For a while I have been looking very closely at how FPGA cores are distributed (the common term is “IP cores”, or just “IP”, but I try to minimize the use of this over-used catch-all catch phrase). In what I hope to be a series of posts, I will mostly discuss The problem (rather than solutions), as I think that that needs to be addressed and adequately defined first. I’ll start with my attempt at a concise definitions of the following:
FPGA: Field Programmable Gate Arrays are generic semiconductor devices comprising of interconnected functional blocks that can be programmed, and reprogrammed, to perform user-described logic functions.
Cores: ready-made functional descriptions that allow system developers to save on design cost and time by purchasing them from third parties and integrating them into their own design.
The “cores distribution problem” is easy to define, but challenging to solve: how can a digital design be distributed by its designer such that he can a) enable his customer to evaluate, simulate, and integrate it into its own, b) limit the amount of instances that can be made of it, and c) make it run only on specific devices. If this sounds like “Digital Rights Management” to you, that’s exactly what it is: DRM for FPGAs. Despite the abuse of some industries that made a bad name for DRM, in our application there may be benefits for both the design owner and the end user. We also know that enabling the three conditions above for a whole industry is challenging, and we are not even close to a solution.
The problem isn’t new, ASIC cores designers have been having trouble with this issue for years: run-on-fraud, copying, etc. The solution they arrived at is mostly based on trust and good reputation—valuable assets that are slowly gained yet easily lost—rather than cryptography. Big companies shaking hands with other big “trusted” companies relying on the potential reputation loss as an acceptable guarantee for honesty (plus a legal document). Apparently, this still works well for big companies, and while cryptographic solutions would be nice in order to alleviate the need for trust and provide for smaller companies world-wide, there is no real rush. “Panel unscrambles intellectual property encryption issues” has a very revealing discussion from the industry’s perspective and is well worth the read.
Back to FPGAs, with their unique use model, the trust-based system holds here as well; established companies can afford to purchase a blanket license for cores, are trusted, and that lets them use those as they like. You might have a problem, though, if you are a small and obscure company. As a poor start-up designer, you want to save time and money by taking advantage of “design-reuse”, but you can’t afford blanket licensing, and you may not be big enough, or in the right country, to be trusted even if you sign the NDA/licensing agreement. So, you either spend the time developing the design in-house, perhaps missing that three month opportunity window, or you give up. FPGA DRM could help you here because it will enable a pay-per-use model. You will be able to pay only for the instances of the core you use regardless of your company’s “trust status”, starting with small quantities until you hit it big. In turn, pay-per-use also benefits cores designers by giving them business that they wouldn’t have gotten otherwise. Both sides win. Sort of. More in Part 2.