Deriving an NCD file from an FPGA bitstream: Methodology, architecture and evaluation

Abstract This paper demonstrates a reverse engineering method that takes a bitstream as input and produces an NCD (Native Circuit Description) file for a Xilinx FPGA chip. The work can be divided into two parts: mapping table generation and NCD generation. The mapping tables include the mapping relation among configurable points, configurable options, control bits and control values. An automatic distributed high performance analysis architecture and offset formula theory are developed to quickly generate the test cases, work out the mapping tables and verify their correctness. Based on the tables, we generate an XDL (Xilinx Design Language) file which is equivalent to the NCD file. Our work is the first which can rebuild the NCD file for a bitstream. We also evaluate our method with respect to time consumption and accuracy rate. Benchmarks using real circuits indicate that the accuracy rate on XC5VLX50T is above 88% even in the worst case. Our method is applicable to all series of Xilinx FPGA chips and the accuracy can be guaranteed if the scale of the chip is increased.