Unbreakable Security: How PolarFire FPGAs Use PUF Technology to Eliminate System Cloning

Introduction

With the rise of connected embedded systems in critical applications such as defense, industrial automation, and edge computing, hardware security is more important than ever. A common threat facing hardware manufacturers is system cloning, where attackers replicate devices to bypass authentication, steal IP, or introduce counterfeit products. To combat this, Physical Unclonable Function (PUF) technology has emerged as a cornerstone of hardware-level security. Microchip PolarFire ® FPGAs integrate PUF technology directly into their silicon, offering a low-power, tamper-resistant platform to implement secure, anti-cloning systems without external key storage or secure elements.

What is a Physical Unclonable Function (PUF)?

A Physical Unclonable Function uses the inherent, uncontrollable manufacturing variations in silicon to create a unique fingerprint for each chip. This fingerprint can be used to derive cryptographic keys on-demand, eliminating the need to store keys in memory—thereby reducing attack surfaces such as side-channel or physical probing attacks.

Key Properties of PUFs:

  • Uniqueness: Each chip produces a distinct and non-reproducible response.

  • Unclonability: The physical response cannot be replicated, even by the original manufacturer.

  • Tamper resistance: Physical tampering alters the response, breaking key derivation.

  • No key storage: Keys are dynamically generated, reducing risk of key compromise.

PUFs thus serve as a Hardware Root of Trust (HRoT) for device authentication, secure key management, and anti-cloning protection.

How PUFs Prevent System Cloning

By tying critical security operations—such as boot authentication, bitstream decryption, and key management—to PUF-derived secrets, devices can prevent attackers from replicating functionality, even with a full copy of the system firmware or FPGA design.

Anti-Cloning Use Case:

  • During provisioning, a device-specific secret is derived from the PUF and used to encrypt critical assets (e.g., bitstream or firmware).

  • When the device boots, it reconstructs the same secret from its PUF response using stored helper data.

  • Cloned devices—even with the same firmware and configuration—cannot reconstruct the correct key and fail secure boot or decryption.

The strength of this approach lies in the fact that the key never exists in non-volatile storage and can only be regenerated by the original silicon.

PolarFire FPGA PUF Capabilities

Microchip PolarFire and PolarFire SoC FPGAs integrate a secure and lightweight non-volatile Flash-based PUF architecture. This implementation exploits subtle process variations in flash memory cells to derive device-unique secrets.

Key Features:

  • On-demand key generation: Secrets are derived from the PUF during boot or runtime.

  • Secure helper data management: Helper data (used to stabilize the PUF response) is stored securely and does not reveal the key.

  • No key storage: The cryptographic key is not persistently stored in the device.

  • Tamper resistance: PUF behavior changes under physical attack, invalidating key reconstruction.

  • Integration with secure boot and bitstream decryption.

While Microchip allows multiple PUF-based keys to be derived depending on configuration, the exact number is not publicly documented and may depend on the implementation of the secure key storage services within the FPGA fabric.

Cryptographic Integration:

PolarFire FPGAs also feature integrated cryptographic accelerators (AES, SHA, ECC) that work alongside PUF to implement secure boot, secure updates, and encrypted configuration loading. Though designed with NIST-recommended cryptographic standards, explicit FIPS 140-2 validation for the PUF subsystem is not listed in current public certifications.

Implementing PUF-Based Anti-Cloning Security in SOM1 and SOM1 SOC

Step 1: Provisioning

  • PUF is enrolled in a secure environment.

  • A cryptographic key is derived from the PUF response.

  • Helper data is generated to allow key reconstruction and stored in a protected, non-volatile area.

Step 2: Secure Deployment

  • On power-up, the device reconstructs the PUF key using the helper data.

  • The key is used to decrypt the bitstream or validate the firmware image.

  • Any device lacking the same physical PUF response will produce an incorrect key, and the boot will fail.

Step 3: Runtime Integrity

  • Application-level keys and credentials can also be tied to the PUF.

  • Secure debug access, firmware updates, or feature activation can be gated by the device-unique PUF identity.

Applications of PUF on PolarFire FPGAs

Application Benefit
Secure Boot Only devices with the correct PUF response can decrypt and execute firmware.
Bitstream Protection Prevents unauthorized duplication or reverse engineering of FPGA configurations.
Device Identity & Authentication Enables cryptographic device ID without storing credentials.
License & Feature Management Ties feature sets or application licenses to a single, authentic device.
Trusted Supply Chain Supports anti-counterfeiting and end-to-end device verification.

Conclusion

Physical Unclonable Function (PUF) technology provides an intrinsic, silicon-based mechanism for anchoring device identity and cryptographic keys. By incorporating PUF directly into the FPGA fabric, Microchip PolarFire FPGAs allow developers to implement anti-cloning, secure boot, and device authentication without relying on external key storage or complex hardware security modules.

While helper data and secure provisioning are part of the design, the system remains highly tamper-resistant and scalable. For applications requiring a low-power, secure, and customizable platform, PolarFire FPGAs with integrated PUF offer a robust solution rooted in hardware.

References