We define a security model for FPGAs that provides virtualization and sharing of the reconfigurable fabric. The approach is to encapsulate the reconfigurable fabric within the context of a standard OS process, separated from the security-sensitive resources iff the process is a user-mode one. The key elements of the model are the software application loader and the physical interface between the processor and reconfigurable fabric. The basic approach is to virtualize the reconfigurable fabric by encapsulating it within the virtual memory confines of the application process(es) that uses it. A fabric configuration file must pass a number of security checks before it gains the trust of the system software. The system loader only loads images signed by a locally recognized entity and applies standard tamper detection tests to the executable images and to the fabric configuration files. Before the fabric is loaded, the interconnection points in the configuration file are checked for location, direction, and routing of the signals that cross the interface to the processor. System software applies functional tests before enabling a minimal set of signals and the full interface only after the file passes additional tests. Privileged signals are only available for certified privileged-mode fabric configurations. We implemented the model in the eMIPS dynamically extensible processor [25]. A standard MIPS ISA operates in conjunction with one or more reconfigurable Extension slots. Applications of eMIPS include zero-overhead online software verification, application-specific hardware accelerators, a secure and extensible software debugger, and loadable I/O peripherals and bus interfaces. The new functionality supports additional security defenses. Two instances include debugging support and intrusion detection.