Managing Security in FPGA-Based Embedded Systems

  title={Managing Security in FPGA-Based Embedded Systems},
  author={Ted Huffmire and Brett Brotherton and Timothy Sherwood and Ryan Kastner and Timothy E. Levin and Thuy D. Nguyen and Cynthia E. Irvine},
  journal={IEEE Design \& Test of Computers},
FPGAs combine the programmability of processors with the performance of custom hardware. As they become more common in critical embedded systems, new techniques are necessary to manage security in FPGA designs. This article discusses FPGA security problems and current research on reconfigurable devices and security, and presents security primitives and a component architecture for building highly secure systems on FPGAs. 

Figures from this paper

New techniques to enhance FPGA based system security
This paper proposes some threat models and defense models against possible attacks for FPGA based systems, and considers security aspects of FPGAs as the primary interest.
A hardware security scheme for RRAM-based FPGA
  • Yi-Chung Chen, Wei Zhang, Hai Helen Li
  • Computer Science
    2013 23rd International Conference on Field programmable Logic and Applications
  • 2013
A hardware security scheme for nonvolatile resistive random access memory (RRAM) based FPGA, in which internal block RAM (BRAMs) are used for configuration and temporary data storage is proposed.
A Novel Technique to Enhance Security of Logic Circuits Using a Modified Programmable Secured Logic Module
This paper proposes a new technique which enhances security of digital systems and design of a programmable logic module for secured systems which works on the principle of the new technique.
A novel PUF-based encryption protocol for embedded System on Chip
A novel security mechanism for sensitive data stored, acquired or processed by a complex electronic circuit implemented as System-on-Chip (SoC) on an FPGA reconfigurable device based on encrypted and authenticated communications between the microprocessor cores, FPGAs fabric and peripherals inside the SoC.
A survey on security and trust of FPGA-based systems
  • Jiliang Zhang, G. Qu
  • Computer Science, Mathematics
    2014 International Conference on Field-Programmable Technology (FPT)
  • 2014
For each party involved in FPGA supply and demand, the security and trust problems they need to be aware of and the solutions that are available are shown.
A security embedded system base on TCM and FPGA
In this solution, a security FPGA checked the integrity of instructions and data in flash chip before running of the embedded processor, and indicated that the content in the flash chip was modified.
FPGA-Based Remote-Code Integrity Verification of Programs in Distributed Embedded Systems
The use of reconfigurable computing is proposed to build a consistent architecture for generation of attestations (proofs) of code integrity for an executing program as well as to deliver them to the designated verification entity.
Recent Attacks and Defenses on FPGA-based Systems
This survey reviews the security and trust issues related to FPGA-based systems from the market perspective, where the market is model with the following parties: FGPA vendors, foundries, IP vendors, EDA tool vendors, FPGAs-based system developers, and end-users.
In-place Logic Obfuscation for Emerging Nonvolatile FPGAs
A hardware security scheme for nonvolatile resistive random access memory (RRAM) based FPGA, in which internal block RAM (BRAMs) are used for configuration and temporary data storage, and a encrypted addressing to secure communication ports with encrypted address is proposed.
Secure On-Chip Communication Architecture for Reconfigurable Multi-Core Systems
A secure communication architecture has been presented by designing an identity and address verification (IAV) security module, which is embedded in each router at the communication level, and has presented reduced area and power consumption overhead when compared with similar existing solutions.


Designing secure systems on reconfigurable hardware
The goal of this project is to evaluate recently proposed security primitives for reconfigurable hardware by building a real embedded system with several cores on a single FPGA and implementing these primitives on the system.
New technology is introduced that will provide the industry with an FPGA-based single chip cryptographic solution for type I Cryptographic equipment.
Trusted Design in FPGAs
  • S. Trimberger
  • Computer Science
    2007 44th ACM/IEEE Design Automation Conference
  • 2007
Using FPGAs, a designer can separate the design process from the manufacturing flow. Therefore, the owner of a sensitive design need not expose the design to possible theft and tampering during its
Policy-Driven Memory Protection for Reconfigurable Hardware
This work investigates the design and synthesis of a memory protection mechanism capable of enforcing policies expressed as a formal language and includes a specialized compiler that translates a policy of legal sharing to reconfigurable logic blocks which can be directly transferred to an FPGA.
Reconfigurable computing: a survey of systems and software
The hardware aspects of reconfigurable computing machines, from single chip architectures to multi-chip systems, including internal structures and external coupling are explored, and the software that targets these machines is focused on.
Moats and Drawbridges: An Isolation Primitive for Reconfigurable Hardware Based Systems
This work proposes an isolation primitive, moats and drawbridges, that are built around four design properties: logical isolation, interconnect traceability, secure reconfigurable broadcast, and configuration scrubbing, and each is a fundamental operation with easily understood formal properties, yet maps cleanly and efficiently to a wide variety of reconfigured devices.
A cautionary note regarding the data integrity capacity of certain secure systems
This work discusses the general integrity property that systems can only be trusted to manage modifiable data whose integrity is at or below that of their interface components, and describes some of these systems as a class of architecture subject to these limitations.
A quick safari through the reconfiguration jungle
This work organizes this design space as the reconfiguration hierarchy, and discusses the design methods that deal with it, and surveys existing commercial platforms that support reconfigured systems and situate them in the reconfigured jungle.
Computer Security Technology Planning Study
This document is intended to assist in the management of government procurement operations and will not be used for other purposes other than a definitely related government procurement operation.
Subversion as a Threat in Information Warfare
A constructive system engineering technique to mitigate the subversion threat is identified and will be defined and characterized as a warfare tool.