3. Introduction
Developed at Google by ATAP - Advanced Technology and
Projects group.
Project Vault is a secure computing environment
Designed on a microSD card
Works with any operating system
3
4. Introduction
Extremely Secure computing environment
Authentication is executed prior to startup
Two factor authentication is used
Encryption and decryption is performed.
4
5. Current Status
At development and testing phase in google labs at ATAP
Announced by google at I/O 2015
In beta version
Live on GitHub - https://github.com/ProjectVault
Applications being prototyped 5
6. Source Code
The project is developed in embedded
version of C and is fully open source and is available at
GitHub for suggesting and making editing.The operating
manuals and guides for troubleshooting the hardware are
also provided.
Technical Specifications
6
7. Example code snippet describing data structures used in
the project :
struct PhysPageEntry {
/* How many bits skip to next level (in units of L2_SIZE). 0 for a leaf. */
uint32_t skip : 6;
/* index into phys_sections (!skip) or phys_map_nodes (skip) */
uint32_t ptr : 26;
};
7
Source Code
10. Hardware Used
FPGA Based Development PCB
Advantages of using FPGA
1. Performance
2. Time to Market
3. Cost
4. Reliability
5. Long-Term Maintenance
10
12. Why FPGA
Performance — Taking advantage of hardware parallelism, FPGAs
exceed the computing power of digital signal processors (DSPs) by
breaking the paradigm of sequential execution and accomplishing more
per clock cycle. Controlling inputs and outputs (I/O) at the hardware
level provides faster response times and specialized functionality to
closely match application requirements.
12
13. FPGA technology offers flexibility and rapid prototyping capabilities
in the face of increased time-to-market concerns.You can implement
incremental changes and iterate on an FPGA design within hours
instead of weeks. Commercial off-the-shelf (COTS) hardware is also
available with different types of I/O already connected to a user-
programmable FPGA chip.
13
Time to market
14. The very nature of programmable silicon means we have no
fabrication costs or long lead times for assembly. Because system
requirements often change over time, the cost of making incremental
changes to FPGA designs is negligible when compared to the large
expense of respinning an ASIC.
14
Cost
15. While software tools provide the programming environment, FPGA
circuitry is truly a “hard” implementation of program execution. For any
given processor core, only one instruction can execute at a time, and
processor-based systems are continually at risk of time-critical tasks
preempting one another. FPGAs, which do not use OSs, minimize
reliability concerns with true parallel execution and deterministic
hardware dedicated to every task.
15
Reliability
16. As mentioned earlier, FPGA chips are field-upgradable and do not
require the time and expense involved with ASIC redesign. Digital
communication protocols, for example, have specifications that can
change over time, and ASIC-based interfaces may cause maintenance
and forward-compatibility challenges. Being reconfigurable, FPGA
chips can keep up with future modifications that might be necessary.
16
Long-term maintenance
18. Processor’s Architecture
The core of the OR1200 is implemented in the Verilog HDL. As an open
source core, the design is fully public and may be downloaded and modified by
any individual. The official implementation is maintained by developers at
OpenCores.org. The implementation specifies a power management unit,
debug unit, tick timer, programmable interrupt controller (PIC), central
processing unit (CPU), and memory management hardware. Peripheral
systems and a memory subsystem may be added using the processor's
implementation of a standardized 32-bit bus interface.
18
19. Custom Built Real Time OS
microSEL - Custom Built Real Time Operating System
It provides advanced scheduling facilities, message passing,
interrupt management, and messaging services, as well as
many others. It also has many advanced features, including
its picokernel, preemption-threshold scheduling, event-
chaining, and a rich set of system services.
19
20. Advantages of microSEL
Small Footprint
Minimal Kernel Size: Under 2K bytes
Queue Services: 900 bytes
Semaphore Services: 450 bytes
Mutex Services: 1200 bytes
Block Memory Services: 550 bytes
Minimal RAM requirement: 500 bytes
Minimal ROM requirement: 2K bytes
20
21. microSel helps application respond to external events faster than ever before. It is
also deterministic. A high priority thread starts responding to an external event on the
order of the time it takes to perform a highly optimized context switch.
Boot Time: 300 cycles
Context Switch Time: <100 cycles
Semaphore Get: 30 cycles
21
Fast Response
23. Hardware Based Cryptography
A source computer can encrypt a message using a hardware
cryptographic unit. The encrypted message can then be sent to a destination
computer. The destination computer can then use the hardware cryptographic
unit to decrypt the message. The source computer can use a simulation of the
hardware cryptographic unit to transform an input value into a simulation
output.
23
25. Conclusion
25
Project Vault - Google I/O ATAP - Advanced Technologies and Products
● HSM - Hardware Security Module.
● High speed bulk crypto: encryption and decryption.
● Supports secure streaming operations.
● It’s able to use any OS's existing drivers.
26. Conclusion (contd …)
Vault creates a virtual file system with a single virtual read-only and a write-
only file so that, once again, any OS's existing drivers can be reused.
Vault opens a world full of applications in encrypted systems, security and
easily maintainable systems.
It being portable has a wide scope for travellers, technical enthusiasts and
army and defense purposes taking in consideration the security and
encryption it provides along with authentication.
26