Interesting People mailing list archives
Cadence Official Position on Protected Code
From: David Farber <farber () central cis upenn edu>
Date: Mon, 27 Sep 1993 18:14:40 -0400
From: Bruce R Koball <bkoball () well sf ca us> Date: Mon, 27 Sep 1993 15:04:42 -0700 Dave, The following is an article that I posted in the EFF conf on the WELL. I thought it might be grist for your interesting people mill. -------- A recent anonymous posting in the comp.lang.verilog newsgroup on Usenet has generated a raging controversey and threatens to shake up the electronic design automation (EDA) community. The posting was a program that broke the encryption scheme used to protect the proprietary libraries that are part of Cadence Design Systems high-end IC design tool Verilog-XL. Verilog is a sophisticated CAD tool that allows engineers to design and simulate new chips before they are manufacturered. These libraries contain detailed descriptions of integrated circuit building blocks (called cells) and are usually supplied by different chip manufacturers in an encrypted format because their information could be used to reverse engineer the proprietary cells and the chips built with them. Cadence also uses the encryption to prevent these libraries from being used with lower-cost Verilog clones that are available. The anonymous poster claimed that he was doing this in protest of Cadence's pricing policies. The program was written in Perl, a Unix scripting language, and contained Verilog encryption tables. It exploited debugging features that were left in Verilog by Cadence programmers to break Verilog's rather simple encryption scheme. Cadence's response on the net was swift and strongly worded:
Newsgroups: comp.lang.verilog From: robert () cadence com (Robert Donohue) Subject: Cadence Official Position on Protected Code Organization: Cadence Design Systems, Inc. Date: Thu, 16 Sep 1993 00:11:36 GMT On September 14, 1993, someone posted on the 'Internet' a program relating to Cadence Design Systems Verilog technology. This disclosure was unauthorized by Cadence and is illegal. Any copying of the program or any use of it would be unlawful, subjecting the infringer to substantial civil and, potentially, criminal penalties. Cadence is investigating this unauthorized disclosure and copying, and will take all available legal actions against the person who made the disclosure when his or her identity is learned. Any person or entity using such illegally posted code will also be the subject of the same legal action. You should immediately destroy any copy you may have made of the program. Anyone having information about the illegal posting should contact Robert Donohue, Cadence's General Counsel, at 'robert () cadence com' or telephone (408) 944-7748 or fax at (408) 944-0215 in the United States.
As might be expected, much heat has been generated in subsequent net discussions. Several issues are at stake. There has been some discussion over the legality of the posting and potential subsequent use of the Perl script. Cadence has apparently received heat from its users for what some have perceived as its heavy-handed reaction. Some Verilog users have complained that hacking on the libraries is sometimes necessary because of the insufficient documentation of their contents. Perhaps the most serious implication for the EDA community is the apparent ease with which the protection of numerous ASCI vendor's intellectual property was broached. The data contained in these libraries are the "crown jewels" for these chip manufacturers and are typically protected by non-disclosure agreements between the manufacturers and their customers. There has been some mention of liability on Cadence's part for any unauthorized disclosure that may occur. Finally, this incident will undoubtedly provide more ammunition for those who have been criticising the growing phenomenon of anonymous remailing services on the net.
Current thread:
- Cadence Official Position on Protected Code David Farber (Sep 27)