Recommended
More Related Content
What's hot
What's hot (20)
Similar to Security issues in FPGA based systems.
Similar to Security issues in FPGA based systems. (20)
Recently uploaded
Recently uploaded (20)
Security issues in FPGA based systems.
- 1. Managing Securities in FPGA- Based Embedded Systems Presenters: Rajeev Verma Pratheep Joe Siluvai Iruthayaraj
- 2. Why FPGA? ● Better performance. ○ Large number of bit level operations can be performed. ○ shifting, permutations are achieved ny just wiring. ○ extreme level of parallelism ○ low overheads ● Rapid time to market ● Flexible ● Truth tables or Lookup tables are used for hw acceleration. ● Applications ○ Face recognition systems, wireless networks, cryptographic applications, supercomputers and many security applications.
- 3. Reconfigurable systems ● Cryptographic algorithms are generally implemented on FPGA ● Encryption devices require strong isolation to segregate plaintext(red) from ciphertext(black). ● Unencrypted data should be unavailable for black network.
- 4. System Design! ● Shared resources in system ○ Shared DRAM, shared bus and shared AES encryption core. ● Domain-1 ○ MicroBlaze0, RS-232, Distinct memory portion ● Domain-2 ○ MicroBlaze1, an Ethernet interface, another distinct partition of memory
- 5. Applications need separation of data ● Aviation field. ○ Uses Commercial off-the-shelf (COTS) FPGA components. ○ Sensitive and non-sensitive data is processed in same device. ○ This isolation of the sensitive and non-sensitive data is achieved in modern FPGAs ● Intelligent video surveillance ○ FPGA provides deep computation pipelining and isolation. ○ Rely on 3 cores ■ Video interface for decoding ■ Encryption mechanism for processing the video ■ Network interface for sending data.
- 6. FPGA System Flow ● Cores can be generated by hand or by software like Xilinx Embedded Development Kit (EDK). ● Bitstream is the final code that goes to the core.
- 7. Reconfigurable Security Problems ● Design-tool subversion ● Composition ● Trusted Foundries ● Bitstream protection
- 8. Design-tool subversion ● Malicious design could destroy FPGA because of short circuit. ● Trusted tools should be used to develop trusted cores. ● Xilinx provide signed cores.
- 9. Composition problem ● As final design, we can trust the design as much as the least-trusted design path. ● Systems can be composed on ○ Device level ■ one or more IP cores resides on single chip ○ Board level ■ one or more chips on a single board ○ Network level ■ Multiple boards are connected through network ● Now, it is possible to copy the hardware from existing products. ● Protected IP could be a solution. ● a separate chip for each core can be used which can provide security advantage
- 10. Security issues with COTS ● COTS : Commercial off-the-shelf ● Manufacturer should not insert unintended functionalities into FPGA. ● All cores should be flawless so that attacker can’t exploit. ● Security flaws should not exist in running software or the compiler. ● Embedded device depends on other parts of larger nw should not be malicious.
- 11. Trusted-Foundry Problem and Bitstream Protection ● Trusted-Foundry Problem ○ ASIC is having problem of IP theft. ○ FPGA provide important security benefit over ASIC in this issue. ● Bitstream Protection ○ Securely Bitstream uploading is essential to avoid the IP-theft ○ These theft impacts the “Bottom Line” ○ Some FPGA’s can remotely updated in the field. ■ Requires secure channel and authentication.
- 12. Reconfigurable security solutions ● Life-cycle management ○ Configuration management stores software with version numbers. ○ Any new version is thoroughly tested before assignment of new version. ○ Control on development environment and tools can support accountability. ○ Alternative is to build a custom set of trusted tools for security critical HW. ○ A critical function of life-cycle protection ensure that o/p is not malicious. ● Secure Architecture ○ FPGA provides self-protected security mechanism at a low cost. ○ Examples ■ Memory Protection ■ Spatial Isolation ■ Tags ■ Secure Communication
- 13. Secure Architecture ● Memory Protection ○ Reference monitor is well known method for legal sharing of memory. ○ Reference monitor possesses ■ Self-protecting ■ Enforcement mechanisms cannot be bypassed. ■ Correct and complete. ● Spatial Isolation ○ Control on layout function provide spatial isolation in FPGA.
- 14. Secure Architecture cont.. ● Tags ○ Ability to track information and its transformation as it flows through the system. ○ Tag is metadata that can be attached to each piece of system data. ○ Tag can be used in FPGA at different granularity. ● Secure Communication ○ Cores need to share data so can’t be isolated. ○ Currently FPGA system use ■ Shared Memory ■ Direct connection ■ Shared Bus
- 15. Future Work ● Multicore Systems ○ Chip multiprocessors running multiple threads ○ SoCs with multiple single-purpose cores on single ASIC. ○ New techniques are needed to mediate secure, efficient communication of multi core system. ● Integration of security primitives. ○ If computing units are shared among security domains then temporal scheme might be required. ○ Spatial schemes, temporal scheme or tags should be designed which can meet security requirement and minimize overhead.
- 16. Future Work ● Reconfigurable Updates ○ Latest FPGA are capable of changing configuration on runtime. ○ These dynamic systems need more communication between core. ○ Cores state can be changed from executing to updated. ○ These are complicated systems and require new primitives for security. ● Channels and information leakage ○ Core are isolated still need communication through covert channel which can be insecure. ○ Another attack can be side channel attack. E.g Power-analysis attack.
- 17. Conclusion ● A Successful approach must combine life-cycle management and a coherent security architecture. ● Designing any trustworthy complex system is challenging. ● Hardware security is getting more and more important.