Luna Innovations Incorporated (NASDAQ: LUNA), a leading player in integrated circuits security, has developed technology that uses reverse engineering of field-programmable gate array (FPGA) bitstream design files to improve design integrity and further enhance cybersecurity.
Luna makes it possible to perform high-reliability verification of FPGA designs at a bitstream level to detect any malicious functionality. This is particularly important to keep defense microelectronic systems trusted, safe and mission ready.
FPGAs function as programmable processing chips and are widely used in defense systems because commercially produced FPGAs are affordable and customizable.
“Our technology is like a virus scan for field-programmable gate array designs,” said Jonathan Graf, Director of Secure Computing and Communications Technologies for Luna. “The FPGA is a microelectronic device and the bitstream tells it what to do. Now, our customers are able to directly verify that the bitstream does what they want it to do and nothing else. Luna’s technology provides the unprecedented ability to detect errors and potential security compromises.”About $4 billion in FPGAs are purchased each year for use in computing and telecommunications systems. Initially proven in the Defense Advanced Research Projects Agency’s TRUST in Integrated Circuits program, Luna’s bitstream conversion technology creates trust in FPGA designs by verifying design integrity, ensuring no additional operations are performed, and assuring that a bitstream-level design operates as the designer intended. The technology also has potential in commercial applications. An FPGA bitstream is a vendor‐specific binary format, and until now there have not been sufficient methods to guarantee that it contains exactly what a designer intended. Traditionally, verification of the final design implementation is limited to spot checking the design in hardware. Unfortunately, this type of testing often cannot provide full coverage of a design, and cannot fully address the potential for errors. This is of particular concern to high‐reliability systems that must confirm that their bitstream is exactly as intended.