PLDs and FPGAs
Depending on the product, protecting your intellectual property inside programmable logic devices (PLDs) and field programmable gate arrays (FPGAs) can be just as important as protecting firmware and data in memory. Essentially, SRAM-based devices are the most vulnerable to attack due to their requirement to have configuration memory external to the device (stored in separate nonvolatile memory or program firmware), which is then loaded into the FPGA on power-up. The bit stream between the configuration memory and FPGA simply needs to be monitored to retrieve the entire FPGA configuration.
Be sure to implement protection against simple I/O scan attacks, in which an adversary attempts to reverse-engineer a programmable logic design by cycling through all possible combinations of inputs and then monitoring the outputs to determine the internal logic functions. This type of attack is easiest against low-density PLDs with dedicated inputs and outputs and for designs containing only asynchronous circuits and latches. A solution would be to use unused pins on the device to detect probing or tampering. Pins could be set to inputs, and if they detect a level change, the device can assume it is being probed and perform a countermeasure or response. Additionally, when designing state machines in FPGAs, ensure that all conditions are covered and that defaults are in place for unused conditions. Otherwise, an attacker may be able to put the FPGA into an indeterminate state through fault-generation attacks.
Consider adding digital "watermarks" to your design in the form of unique features or attributes that can be used later, if necessary, to prove that a design claimed by a competitor to be original is actually a copy. With any type of device used, take advantage of any on-chip security features that the device may offer. Even enabling the simple security fuse/software protection bit adds a level of protection compared to not enabling it at all.