February 17, 2014

FTDI FT232RL: real vs fake

For quite some time when you buy FTDI FT232RL chips from shady suppliers you have a good chance of getting mysteriously buggy chip which only works with drivers 2.08.14 or earlier. We've got a pair of such FTDI FT232RL chips - one genuine and one fake and decided to check if there is an internal difference between them. On the following photo - left one is genuine, right one is fake. One can notice difference in marking - on genuine chip it's laser engraved while on buggy it is printed (although this is not a universal distinguishing factor for other chips).



Genuine FT232RL



After etching metal layers:


Let's take a closer look at different parts of the chip. Here are rows of auto-synthesized standard cells:


EEPROM:


SRAM:


Fake FT232RL

This chip is completely different! We can notice right away that number of contact pads is much higher than needed. Chip has marking "SR1107 2011-12 SUPEREAL"


After etching metal layers:


Closer look at standard cells:


Different block of the chip has different look of standard cells. It is likely that some modules were licensed(?) as layout, not HDL:


First type of SRAM:


Second type of SRAM:


Finally - mask ROM programmed on poly level, so we can clearly see firmware data:


Comparison of manufacturing technology

ChipDie sizeTechnologySRAM cell area
FTDI FT232RL3288x3209 µm600-800 nm123 µm2
Fake FT232RL3489x3480 µm500 nm68 µm2 and 132 µm2

While technology node is comparable, it seems that original FT232RL used less metals, hence much lower logic cell density. Fake chip is slightly larger despite slightly more advanced technology.

Resume

It seems that in this case Chinese designers implemented protocol-compatible "fake" chip, using mask-programmable microcontroller. This way they only needed to redo 1 mask - this is much cheaper than full mask set, and explains a lot of redundant pads on the die. Fake chip was working kinda fine until FTDI released drivers update, which were able to detect fake chips via USB and send only 0's in this case. It was impossible to foresee any possible further driver checks without full schematic recovery and these hidden tricks saved FTDI profits.

What's the economic reason of making software fake of well-known chip instead of making new one under your own name? This way they don't need to buy USB VID, sign drivers in Microsoft, no expenses on advertisement. This fake chip will be used right away in numerous mass-manufactured products. New chip will require designing new products (or revisions) - so sales ramp up will happen only 2-3 years later. Die manufacturing cost is roughly the same for both dies (~10-15 cents) .

From now on one should pay more and more attention when working with small shady distributors. Their slightly lower price could cause numerous hours of debugging fun.

Update 23th of October 2014: In our original conversation with FTDI representatives back in February we suggested that making chips send 0's is a bad solution because it causes a lot of debugging headache for lots of people and that we feel the most adequate solution would have been to have drivers send "FAKECHIP" string. In this case the issue would have been immediately obvious for everyone, with a temporary, non-convenient workaround of using old drivers.

Unfortunately, current update of FTDI drivers in windows made things much worse: software-compatible chips abusing "FTDI" marking are now silently bricked by FTDI drivers by resetting their PID. This makes whole situation even more damaging for lots of end users who bought legitimate products built with good faith for the last 2 years and had no chance to know they were based on fake chip.

There is no doubt that FTDI have the right to protect their IP and products, but current situation causes way too much damage. As a company they should fight other companies and shady suppliers, instead of retrospectively punishing end users who cannot possibly know origin of each chip used by the product they bought year ago.

We are also worried by potential FTDI's liability for causing intentional damage to products they do not own. Misusing PID/VID is strictly not a crime (you just cannot put USB mark on your device), and we are not sure that all "compatible" chips are abusing FTDI's logo.

Update: Temporary unbrick solution available (although quite time consuming).

Update 25th of October 2014: FTDI driver in question is currently removed from Windows Update. Also, there is an update in official FTDI blog.