52 research outputs found

    A Secure Reconfigurable System-On-Programmable-Chip Computer System

    A System-on-Programmable-Chip (SoPC) architecture is designed to meet two goals: to provide a role-based secure computing environment and to allow for user reconfiguration. To accomplish this, a secure root of trust is derived from a fixed architectural subsystem, known as the Security Controller. It additionally provides a dynamically configurable single point of access between applications developed by users and the objects those applications use. The platform provides a model for secrecy such that physical recovery of any one component in isolation does not compromise the system. Dual-factor authentication is used to verify users. A model is also provided for tamper reaction. Secure boot and encrypted instructions, data, and Field Programmable Gate Array (FPGA) configuration are also explored. The system hardware is realized using Altera Avalon SoPC with a NIOS II processor and custom hardware acting as the Security Controller, and a second NIOS II acting as the subject application configuration. A DE2 development kit from Altera hosting a Cyclone II FPGA is used, along with a Secure Digital (SD) card and a custom printed circuit board (PCB) containing a second Cyclone II, to demonstrate the system. User applications were successfully run on the system, demonstrating the secure boot process, system tamper reaction, dynamic role-based access to the security objects, dual-factor authentication, and the execution of encrypted code by the subject processor. Simulations provided detailed examinations of the system execution. Actual tests were conducted successfully on the physical hardware.

    FPGA-Based Testbed for Fault Injection on SHA-256

    In real-world applications, cryptographic algorithms are implemented in hardware or software on specific devices. An active attacker may inject faults during the computation process, and careful analysis of the faulty results can potentially leak secret information. These kinds of attacks, known as fault injection attacks, may have devastating effects in the field of hardware and embedded cryptography. This research proposes a partial implementation of SHA-256 along with an onboard fault injection circuit implemented on an FPGA. The proposed fault injection circuit is used to generate glitches in the clock to induce a setup time violation in the circuit and thereby produce error(s) in the output. The main objective of this research is to study the viability of fault injection using clock glitches on SHA-256.

    FPGA-based fault injection techniques for evaluating the tolerance of digital circuits to SEU-type faults

    This PhD thesis presents new transient fault injection techniques that allow evaluating the behaviour of complex, modern digital circuits in the presence of transient faults in memory elements, i.e., SEU (Single Event Upset) faults. Fault injection techniques have been proposed to solve SEU tolerance evaluation for the different components of systems on chip (SoCs). The fault injection environment of the solutions proposed in this thesis is FPGA emulation-based, performing the injection tasks from the emulation hardware platform. The hardware implementation of the injection system minimises the communication required between the hardware and the host computer, which is the bottleneck of the injection process speed. 
First of all, a transient fault emulation technique on FPGA devices aimed at evaluating a circuit whose description is available in a hardware description language (such as VHDL) is presented. Secondly, a fault injection technique aimed at evaluating fault tolerance in microprocessors is proposed. This proposal is applied to a final prototype or a commercial component, and it consists of using the debugger infrastructure integrated in the circuit (OCD, On-Chip Debugger) to access the microprocessor's internal resources (memory and registers). On the one side, when the circuit description is available, the circuit is implemented in the FPGA together with the injection system, and therefore communication with the host PC is avoided during the fault injection campaign. This fault injection technique has been called Autonomous Emulation. The monolithic hardware implementation of the injection system (a single FPGA) provides better controllability and observability of the circuit under test than other solutions. Some injection process optimisations are proposed in this research work in order to enhance the efficiency and the speed of the different injection tasks. In this work, three implementations of the Autonomous Emulation system are proposed and developed. They are called Time-Multiplexed, State-Scan and Mask-Scan. Each one provides a different trade-off between area overhead and injection process speed-up. The Time-Multiplexed technique includes more optimisations than the other techniques. Therefore, it obtains the highest speed-up in the evaluation process, but it requires more area overhead than the other implementations. The State-Scan and Mask-Scan techniques are simplified versions of the Time-Multiplexed implementation, using fewer hardware resources to perform the fault emulation. Furthermore, memory models have been developed in order to apply the Time-Multiplexed technique to digital circuits with embedded memories. 
Such models are based on controlling (to insert faults) and observing (to detect the errors and watch their effects) the memory data by means of the control signals, data bus and memory address bus, instead of accessing every memory word, which is a slow task, especially for large memories. Fault injection in embedded memories is a very interesting problem, as they are increasingly common components in current digital designs. Besides, there is no efficient solution for fault emulation in memories in the literature. This thesis' contribution allows fast fault injection in embedded memories, solving the accessibility limitation problem. Different implementations have also been proposed for the memory models, according to the trade-off between performance and hardware resource requirements; they are named the basic model and the ECAM model. The basic model involves fewer hardware resources, whilst the ECAM model provides better performance in the result analysis task. The experiments developed in this thesis consist of performing fault injection campaigns in benchmark circuits as well as in real ones. The experimental results prove that Autonomous Emulation speeds up the injection process with respect to other existing solutions, making possible the injection of millions of faults in a few seconds. The injection process speed increases by around two orders of magnitude using Time-Multiplexed with respect to other emulation-based solutions, which are themselves four orders of magnitude faster than simulation-based techniques. This notable enhancement in injection speed allows the evaluation of fault tolerance in large circuits, such as current ones. In modern circuits, the set of all possible SEU faults is very large, and in order to obtain a significant measurement of fault tolerance, injecting a large set of faults in a reasonable time is necessary. 
The feasibility of the proposed memory models has also been analysed by performing fault campaigns on an industrial microprocessor, injecting faults in flip-flops as well as in memory. On the other side, the fault injection technique proposed in this PhD thesis for evaluating microprocessors uses the OCD to insert the faults and to observe their effects in the circuit. Nowadays, enhanced debugging capabilities and integrated infrastructures are available in current microprocessors, due to the increasing use of SoCs and embedded systems, where, without an OCD, the debugging process would be infeasible or require a high cost. The OCD provides a mechanism to access the microprocessor's internal resources, and so it can be used to inject faults and to observe the circuit behaviour. The proposed fault injection system controls the OCD by means of the JTAG interface, which is the most common interface for accessing modern microprocessors. As in the Autonomous Emulation system, all the injection tasks are performed in hardware, in an FPGA that is connected to the microprocessor under test by means of the JTAG interface. This solution is applicable to any microprocessor circuit with an OCD and a JTAG interface, which are the most common features nowadays. Experiments developed on commercial microprocessors (ARM and PowerPC) show that this technique provides an efficient solution for injecting faults in microprocessor devices, applicable to a wide range of different processors and offering a trade-off between injection process speed and cost. In summary, a fast, accurate and low-cost solution to evaluate the SEU fault tolerance of modern digital circuits has been proposed. It allows fault injection in large circuits with embedded memories and microprocessors.

    Enhancing Real-time Embedded Image Processing Robustness on Reconfigurable Devices for Critical Applications

    Nowadays, image processing is increasingly used in several application fields, such as biomedical, aerospace, or automotive. Within these fields, image processing serves both non-critical and critical tasks. For example, in automotive, cameras are becoming key sensors for increasing car safety, driving assistance and driving comfort. They have been employed for infotainment (non-critical), as well as for some driver assistance tasks (critical), such as Forward Collision Avoidance, Intelligent Speed Control, or Pedestrian Detection. The complexity of these algorithms poses a challenge for real-time image processing systems, requiring high computing capacity that is usually not available in processors for embedded systems. Hardware acceleration is therefore crucial, and devices such as Field Programmable Gate Arrays (FPGAs) best fit the growing demand for computational capabilities. These devices can assist embedded processors by significantly speeding up computationally intensive software algorithms. Moreover, critical applications introduce strict requirements not only from the real-time constraints, but also from the device reliability and algorithm robustness points of view. Technology scaling is highlighting reliability problems related to aging phenomena and to the increasing sensitivity of digital devices to external radiation events that can cause transient or even permanent faults. These faults can lead to wrong information being processed or, in the worst case, to a dangerous system failure. In this context, the reconfigurable nature of FPGA devices can be exploited to increase system reliability and robustness by leveraging Dynamic Partial Reconfiguration features. The research work presented in this thesis focuses on the development of techniques for implementing efficient and robust real-time embedded image processing hardware accelerators and systems for mission-critical applications. 
Three main challenges have been faced and will be discussed, along with proposed solutions, throughout the thesis: (i) achieving real-time performance, (ii) enhancing algorithm robustness, and (iii) increasing overall system dependability. In order to ensure real-time performance, efficient FPGA-based hardware accelerators implementing selected image processing algorithms have been developed. The functionalities offered by the target technology and the algorithm's characteristics have been constantly taken into account while designing such accelerators, in order to efficiently tailor the algorithm's operations to the available hardware resources. On the other hand, the key idea for increasing the robustness of image processing algorithms is to introduce self-adaptivity features at the algorithm level, in order to keep constant, or improve, the quality of results over a wide range of input conditions that are not always fully predictable at design time (e.g., noise level variations). This has been accomplished by measuring some characteristics of the input images at run-time, and then tuning the algorithm parameters based on such estimations. The dynamic reconfiguration features of modern reconfigurable FPGAs have been extensively exploited in order to integrate run-time adaptivity into the designed hardware accelerators. Tools and methodologies have also been developed in order to increase overall system dependability during reconfiguration processes, thus providing safe run-time adaptation mechanisms. In addition, taking into account the target technology and the environments in which the developed hardware accelerators and systems may be employed, dependability issues have been analyzed, leading to the development of a platform for quickly assessing the reliability and characterizing the behavior of hardware accelerators implemented on reconfigurable FPGAs when they are affected by such faults.

    Embedded electronic systems driven by run-time reconfigurable hardware

    This doctoral thesis addresses the design of embedded electronic systems based on run-time reconfigurable hardware technology (available through SRAM-based FPGA/SoC devices), aimed at contributing to enhancing human quality of life. This work investigates the conception of the system architecture and the reconfiguration engine that gives the FPGA the capability of dynamic partial reconfiguration, in order to synthesize, by means of hardware/software co-design, a given application partitioned into processing tasks that are multiplexed in time and space, thus optimizing its physical implementation (silicon area, processing time, complexity, flexibility, functional density, cost and power consumption) in comparison with other alternatives based on static hardware (MCU, DSP, GPU, ASSP, ASIC, etc.). The design flow of such technology is evaluated through the prototyping of several engineering applications (control systems, mathematical coprocessors, complex image processors, etc.), showing a sufficiently high level of maturity for its exploitation in industry.

    Software-based methods for Operating system dependability

    Guaranteeing correct system behaviour in modern computer systems has become essential, in particular for safety-critical computer-based systems. However, all modern systems are susceptible to transient faults that can disrupt the intended operation and function of such systems. In order to evaluate the sensitivity of such systems, different methods have been developed, and among them Fault Injection is considered a valid and widely adopted approach. This document presents a fault injection tool, called Kernel-based Fault-Injection Tool Open-source (KITO), to analyze the effects of faults in memory elements containing kernel data structures belonging to a Unix-based Operating System and, in particular, elements involved in resource synchronization. This tool was evaluated at different stages of its development through different experimental analyses, performing fault injections in the Operating System while the system was subject to stress from benchmark programs that use different elements of the Linux kernel. The results showed that KITO was capable of generating faults in different elements of the operating system with limited intrusiveness, and that the data structures belonging to the synchronization aspects of the kernel are susceptible to an appreciable set of possible errors, ranging from performance degradation to complete system failure, thus preventing benchmark applications from performing their task. Finally, aiming at overcoming the vulnerabilities discovered with KITO, two solutions have been proposed, consisting of the implementation of hardening techniques in the source code of the Linux kernel, such as Triple Modular Redundancy and Error Detection And Correction codes. An experimental fault injection analysis has been conducted to evaluate the effectiveness of the proposed solutions. 
Results have shown that it is possible to successfully detect and correct the noxious effects generated by single faults in the system with a limited performance overhead in kernel data structures of the Linux kernel.

    Proceedings of the 5th International Workshop on Reconfigurable Communication-centric Systems on Chip 2010 - ReCoSoC'10 - May 17-19, 2010 Karlsruhe, Germany. (KIT Scientific Reports ; 7551)

    ReCoSoC is intended to be an annual meeting to expose and discuss gathered expertise as well as state-of-the-art research around SoC-related topics through plenary invited papers and posters. The workshop aims to provide a prospective view of tomorrow's challenges in the multibillion-transistor era, taking into account the emerging techniques and architectures exploring the synergy between flexible on-chip communication and system reconfigurability.

    Sustainable Fault-handling Of Reconfigurable Logic Using Throughput-driven Assessment

    A sustainable Evolvable Hardware (EH) system is developed for SRAM-based reconfigurable Field Programmable Gate Arrays (FPGAs) using outlier detection and group testing-based assessment principles. The fault diagnosis methods presented herein leverage throughput-driven, relative fitness assessment to maintain resource viability autonomously. Group testing-based techniques are developed for adaptive, input-driven fault isolation in FPGAs, without the need for exhaustive testing or coding-based evaluation. The techniques keep the device operational and, when possible, generate validated outputs throughout the repair process. Adaptive fault isolation methods based on discrepancy-enabled pairwise comparisons are developed. By observing the discrepancy characteristics of multiple Concurrent Error Detection (CED) configurations, a method for robust detection of faults is developed based on pairwise parallel evaluation using Discrepancy Mirror logic. The results from the analytical FPGA model are demonstrated via a self-healing, self-organizing evolvable hardware system. The reconfigurability of the SRAM-based FPGA is leveraged to identify logic resource faults, which are successively excluded by group testing using alternate device configurations. This simplifies the system architect's role to the definition of functionality using a high-level Hardware Description Language (HDL) and a system-level performance-versus-availability operating point. System availability, throughput, and mean time to isolate faults are monitored and maintained using an Observer-Controller model. Results are demonstrated using a Data Encryption Standard (DES) core that occupies approximately 305 FPGA slices on a Xilinx Virtex-II Pro FPGA. With a single simulated stuck-at fault, the system identifies a completely validated replacement configuration within three to five positive tests. 
The approach demonstrates a readily implemented yet robust organic hardware application framework featuring a high degree of autonomous self-control.

    Design Space Exploration for MPSoC Architectures

    Multiprocessor system-on-chip (MPSoC) designs utilize the available technology and communication architectures to meet the requirements of upcoming applications. In an MPSoC, the communication platform is both the key enabler and the key differentiator for realizing efficient MPSoCs. It provides product differentiation to meet a diverse, multi-dimensional set of design constraints, including performance, power, energy, reconfigurability, scalability, cost, reliability and time-to-market. The communication resources of a single interconnection platform cannot be fully utilized by all kinds of applications; for example, providing higher communication bandwidth for computation-intensive but not data-intensive applications is often infeasible in a practical implementation. This thesis aims to perform architecture-level design space exploration towards efficient and scalable resource utilization for the MPSoC communication architecture. In order to meet the performance requirements within the design constraints, careful selection of the MPSoC communication platform and resource-aware partitioning and mapping of the application play an important role. To enhance the utilization of communication resources, a variety of techniques can be used, such as resource sharing, multicast to avoid re-transmission of identical data, and adaptive routing. For implementation, these techniques should be customized according to the platform architecture. To address the resource utilization of MPSoC communication platforms, a variety of architectures with different design parameters and performance levels, namely Segmented bus (SegBus), Network-on-Chip (NoC) and Three-Dimensional NoC (3D-NoC), are selected. Average packet latency and power consumption are the evaluation parameters for the proposed techniques. In conventional computing architectures, a fault on a component makes the connected fault-free components inoperative. 
A resource-sharing approach can utilize the fault-free components to retain system performance by reducing the impact of faults. Design space exploration also helps narrow down the selection of an MPSoC architecture that can meet the performance requirements within the design constraints.