Security Primitives for Reconfigurable Hardware-Based Systems

被引:4
作者
Huffmire, Ted [1 ]
Levin, Timothy [1 ]
Thuy Nguyen [1 ]
Irvine, Cynthia [1 ]
Brotherton, Brett [2 ]
Wang, Gang [4 ]
Sherwood, Timothy [3 ]
Kastner, Ryan [5 ]
机构
[1] USN, Postgrad Sch, Dept Comp Sci, Monterey, CA 93943 USA
[2] Special Technol Lab, Santa Barbara, CA 93111 USA
[3] Univ Calif Santa Barbara, Dept Comp Sci, Santa Barbara, CA 93106 USA
[4] Intuit, San Diego, CA 92122 USA
[5] Univ Calif San Diego, Dept Comp Sci & Engn, La Jolla, CA 92093 USA
基金
美国国家科学基金会;
关键词
Design; Security; Field Programmable Gate Arrays (FPGAs); Advanced Encryption Standard (AES); memory protection; separation; isolation; controlled sharing; hardware security; reference monitors; execution monitors; enforcement mechanisms; security policies; static analysis; security primitives; Systems-on-a-Chip (SoCs);
D O I
10.1145/1754386.1754391
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Computing systems designed using reconfigurable hardware are increasingly composed using a number of different Intellectual Property (IP) cores, which are often provided by third-party vendors that may have different levels of trust. Unlike traditional software where hardware resources are mediated using an operating system, IP cores have fine-grain control over the underlying reconfigurable hardware. To address this problem, the embedded systems community requires novel security primitives that address the realities of modern reconfigurable hardware. In this work, we propose security primitives using ideas centered around the notion of "moats and drawbridges." The primitives encompass four design properties: logical isolation, interconnect traceability, secure reconfigurable broadcast, and configuration scrubbing. Each of these is a fundamental operation with easily understood formal properties, yet they map cleanly and efficiently to a wide variety of reconfigurable devices. We carefully quantify the required overheads of the security techniques on modern FPGA architectures across a number of different applications.
引用
收藏
页数:35
相关论文
共 50 条
[41]   TrustedDB: A Trusted Hardware-Based Database with Privacy and Data Confidentiality [J].
Bajaj, Sumeet ;
Sion, Radu .
IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2014, 26 (03) :752-765
[42]   Hardware-based Novel Authentication Scheme for Advanced Metering Infrastructure [J].
Nath, Atul Prasad Deb ;
Amsaad, Fathi ;
Choudhury, Muhtadi ;
Niamat, Mohammed .
PROCEEDINGS OF THE 2016 IEEE NATIONAL AEROSPACE AND ELECTRONICS CONFERENCE (NAECON) AND OHIO INNOVATION SUMMIT (OIS), 2016, :364-371
[43]   RRAM Based Cell for Hardware Security Applications [J].
Arumi, Daniel ;
Manich, Salvador ;
Rodriguez-Montanes, Rosa .
2016 1ST IEEE INTERNATIONAL VERIFICATION AND SECURITY WORKSHOP (IVSW), 2016, :7-12
[44]   Toward Hardware-Based IP Vulnerability Detection and Post-Deployment Patching in Systems-on-Chip [J].
Tan, Benjamin ;
Elnaggar, Rana ;
Fung, Jason M. ;
Karri, Ramesh ;
Chakrabarty, Krishnendu .
IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS, 2021, 40 (06) :1158-1171
[45]   A Review on Software-Based and Hardware-Based Authentication Mechanisms for the Internet of Drones [J].
Michailidis, Emmanouel T. ;
Vouyioukas, Demosthenes .
DRONES, 2022, 6 (02)
[46]   Latency, Power, and Security Optimization in Distributed Reconfigurable Embedded Systems [J].
Nam, Hyunsuk ;
Lysecky, Roman .
2016 IEEE 30TH INTERNATIONAL PARALLEL AND DISTRIBUTED PROCESSING SYMPOSIUM WORKSHOPS (IPDPSW), 2016, :124-131
[47]   Secured Data Collection With Hardware-Based Ciphers for IoT-Based Healthcare [J].
Tao, Hai ;
Bhuiyan, Md Zakirul Alam ;
Abdalla, Ahmed N. ;
Hassan, Mohammad Mehedi ;
Zain, Jasni Mohamad ;
Hayajneh, Thaier .
IEEE INTERNET OF THINGS JOURNAL, 2019, 6 (01) :410-420
[48]   Highly Stable Reconfigurable TERO PUF Architecture for Hardware Security Applications [J].
Vicuna, Kevin ;
Vatalaro, Massimo ;
Amiel, Frederic ;
Crupi, Felice ;
Trojman, Lionel .
IEEE TRANSACTIONS ON VERY LARGE SCALE INTEGRATION (VLSI) SYSTEMS, 2025,
[49]   Physically Unclonable and Reconfigurable Computing System (PURCS) for Hardware Security Applications [J].
Shanta, Aysha S. ;
Majumder, Md Badruddoja ;
Hasan, Md Sakib ;
Rose, Garrett S. .
IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS, 2021, 40 (03) :405-418
[50]   Improving the Performance of Hyperspectral Image and Signal Processing Algorithms Using Parallel, Distributed and Specialized Hardware-Based Systems [J].
Plaza, Antonio ;
Plaza, Javier ;
Vegas, Hugo .
JOURNAL OF SIGNAL PROCESSING SYSTEMS FOR SIGNAL IMAGE AND VIDEO TECHNOLOGY, 2010, 61 (03) :293-315