Bunnie Huang is working on Betrusted [1], a communications device that is designed to be secure from state actors. The first step is Precursor (about: [2], purchase:[3]) the hardware and OS that will be the platform for the communications device.
It's designed to be secure even though it communicates via insecure wifi, for instance via tethering or at home. The CPU and most peripherals are in an FPGA with an auditable bitstream to program the device to ensure there are no back doors. Hardware and software are all open source. It has anti-tamper capability.
It's not rigorously provable, but to a large extent a "backdoored FPGA" is complete nonsense and not even worth considering.
The manufacturer/adversary knows nothing about your core design or where you'll place logic. Synthesis tools literally randomize routing and placement on each run as a natural consequence of routing being strongly NP. Further, once you add in the fact that FPGAs are often fairly high volume goods since the same chip is sold to thousands of different companies, it makes even less sense since now you have to have a backdoor that activates only on specific random designs but not any other design in regular industry use since an activation would lead to incorrect circuit behavior there. You'd also need this behavior to not show up under automated verification (you're running a verification suite against your chips, right??) which is nearing on science fiction. While, I guess you could do something like this, it'd be wildly impractical in every sense of the word.
FPGAs just have a much lower essential complexity.
Adding one undocumented latch is enough to undermine an ASIC CPU. To do that to an FPGA, you'd have to know where the layout engine is putting the circuit you intend to pwn, and good luck with that staying still under any revision.
If this did become a problem, a technique analogous to memory randomization could be employed to make any given kernel unique from the hardware's perspective.
You can’t of course know, but modifying the mask of a modern chip (millions of dollars by itself), slipping those mask(s) (you need many, one per layer of material) into production to target a subset of devices, in a way that lets you inject faults and lets you own the design the FPGA is emulating, is nuclear power level. And would imagine they would not risk it very often if at all due to the fallout it could cause.
A microcontroller on 130nm? Different story probably. Still crazy hard
It's designed to be secure even though it communicates via insecure wifi, for instance via tethering or at home. The CPU and most peripherals are in an FPGA with an auditable bitstream to program the device to ensure there are no back doors. Hardware and software are all open source. It has anti-tamper capability.
It looks well-thought-out.
1. https://betrusted.io/
2. https://www.bunniestudios.com/blog/?p=5921
3. https://www.crowdsupply.com/sutajio-kosagi/precursor