On 26/9/22 04:36,
gnuarm.del...@gmail.com wrote:
> On Saturday, September 24, 2022 at 3:42:02 AM UTC-4,
gnuarm.del...@gmail.com wrote:
>> My customer is asking for a redesign of a very profitable board to deal with components that are EOL. Because of delivery issues from the EOL components, they are asking for the IP and manufacturing rights if I can't build them adequately. This seems a bit egregious, but I'm willing to do it if I can protect my financial interests.
>>
>> The ideal solution would be a device of some sort, soldered to the board, that disables the design if a serial number does not match in some way. But I can't figure out a way to do this that can't be circumvented.
>>
>> I've been assuming they would want the source code for the FPGA, but maybe not. If they have the source code, I don't think I can make the design secure. They can always alter the code to remove the dependency on the key. But if they don't demand that, a one wire chip could be added to provide adequate security. I believe Maxim will sell you registration numbers, so you have your own private devices for authentication.
>>
>> I guess I need to learn more about this.
>
> If I am going to give them source code for the FPGA, the only way I can assure they can't build units without compensation, is to have a part on the board that is essential to the operation, and is only available from me.
Firstly, if they're trying to ensure robustness against future supply
shortages, i.e they might need to change to a different FPGA, they're
going to need the source code anyway.
Secondly, if you add a smaller chip to add authentication, it needs to
perform some critical function that cannot easily be replicated. That
is, it needs to be the part that implements your core innovations.
Removing it (and changing the FPGA code) must not result in a workable
device.
If you can do that without incurring the exact same continuity problem
that you could have with the main chip, go for it. But I think this kind
of secure lockout is much harder than you think, and probably harder
that it's worth.
Another path that might work with some networked equipment is to design
it to either "phone home" periodically, or to expire an internal license
key that must be renewed to restore operation. But that's more
appropriate for a high-value device where you don't charge your
customers, and may only be legal in a rental/subscription model, not
outright ownership. It typically engenders so much ill will among buyers
that you'll sell enough more without any protection to make up the
difference.
Business is built on relationships of trust. If you don't trust these
folk, and can't get them to agree to some regime that will keep your
confidence, quit them and find someone else to do business with.
Clifford Heath.