bitstream secrecy

Sébastien Bourdeauducq sebastien.bourdeauducq at
Tue Sep 7 18:54:04 EDT 2010

Forgot to say that:
* the Xilinx toolchain accepts EDIF: so it can be interfaced with an open 
source synthesis front-end
* the Xilinx toolchain can convert between the proprietary/binary NCD format 
and the human readable XDL format.
* The NCD format (used by most of the Xilinx tools) is basically a bitstream 
in a different format and with additional information (net names, unrouted 
nets, etc.) that is stripped down before downloading to a FPGA chip. It can be 
edited at chip level using a tool called "FPGA Editor", and can be converted 
into bitstream format. So a 3rd party P&R tool can be made to put out XDL for 
debugging both with the real chip and by examining the result in FPGA Editor - 
without any reverse engineering of the bitstream format proper, just by using 
the XDL format and appropriate XDL->NCD and NCD->BIT conversion programs.

By the way: NCD stands for "NeoCAD Circuit Description". At one point, one 
startup company, NeoCAD, was developing alternative P&R and timing tools for 
Xilinx devices (via reverse engineering it seems). After somewhat conflicting 
relations with Xilinx, they eventually got bought out by Xilinx 
( who 
"blessed" the NeoCAD suite as their default toolchain. Interestingly enough, 
the Lattice tools are also "rebranded" NeoCAD tools, but I do not know the 
story behind this.

If you used the Xilinx tools in command line (even in 2010), you can clearly 
see the NeoCAD legacy in the very program output:

So you see, reverse engineering is possible ;)

Another interesting paper on the bitstream format:


More information about the discussion mailing list