Re: Most people don't realize how how vulnerable FOGAs are
We work on FPGA security and it is indeed a complex matter.
Can you provide here more details on "device company in the Bay Area"?
We can reverse engineer netlists from Xilinx bitstreams and while such a netlist looks obfuscated in the first place, you can identify things like ring-oscillators, vectors (e.g., through following carry chains) or even constructs like AES s-boxes.
We are working on an academic tool to insert hardware Trojans (and means to detect such Trojans), so any real-world test case would be interesting for us.