They procured programmable logic chips (FPGAs) with the feature that the configuration data that defines the function on power-up can be encrypted/signed.
The configuration is commonly stored in a small serial EEPROM (a tiny 8-pin chip) and automatically read when the FPGA powers up. The content of this chip is often called the "bitstream"; this configuration EEPROM/flash is sometimes also internal to the FPGA.
The key this configuration is encrypted with is supposed to be stored securely inside the FPGA, but they managed to extract it using undocumented commands on the "debug port" (JTAG) that the vendor explicitly claimed did not exist.
Note: This is an interface that normally is not easily accessible from the outside, but it is sometimes connected to a microcontroller to update the FPGA configuration.
Theoretically, someone who gets access to such a device (through a "normal" computer backdoor over the network) might be able to reprogram the chip, thereby causing a malfunction or deliberately adding a flaw. The second scenario would be to decrypt the configuration information, "decompile" it, and learn about secret algorithms or functions.