FPGA based remote code integrity verification of programs in distributed embedded systems

The explosive growth of networked embedded systems has made ubiquitous and pervasive computing a reality. However, there are still a number of new challenges to its widespread adoption that include scalability, availability, and, especially, security of software. Among the different challenges in software security, the problem of remote-code integrity verification is still waiting for efficient solutions. This paper proposes the use of reconfigurable computing to build a consistent architecture for generation of attestations (proofs) of code integrity for an executing program as well as to deliver them to the designated verification entity. Remote dynamic update of reconfigurable devices is also exploited to increase the complexity of mounting attacks in a real-word environment. The proposed solution perfectly fits embedded devices that are nowadays commonly equipped with reconfigurable hardware components that are exploited to solve different computational problems

Lightweight reconfiguration security services for AXI-based MPSoCs

International audienceNowadays, security is a key constraint in MPSoC development as many critical and secret information can be stored and manipulated within these systems. Addressing the protection issue in an efficient way is challenging as information can leak from many points. However one strategic component of a bus-based MPSoC is the communication architecture as all information that an attacker could try to extract or modify would be visible on the bus. Thus monitoring and controlling communications allows an efficient protection of the whole system. Attacks can be detected and discarded before system corruption. In this work, we propose a lightweight solution to dynamically update hardware firewall enhancements which secure data exchanges in a bus-based MPSoC. It provides a standalone security solution for AXI-based embedded systems where no user intervention is required for security mechanisms update. An FPGA implementation demonstrates an area overhead of around 11% for the adaptive version of the hardware firewall compared to the static one

Secure execution environments through reconfigurable lightweight cryptographic components

Software protection is one of the most important problems in the area of computing as it affects a multitude of players like software vendors, digital content providers, users, and government agencies. There are multiple dimensions to this broad problem of software protection. The most important ones are: (1) protecting software from reverse engineering. (2) protecting software from tamper (or modification). (3) preventing software piracy. (4) verification of integrity of the software;In this thesis we focus on these areas of software protection. The basic requirement to achieve these goals is to provide a secure execution environment, which ensures that the programs behave in the same way as it was designed, and the execution platforms respect certain types of wishes specified by the program;We take the approach of providing secure execution environment through architecture support. We exploit the power of reconfigurable components in achieving this. The first problem we consider is to provide architecture support for obfuscation. This also achieves the goals of tamper resistance, copy protection, and IP protection indirectly. Our approach is based on the intuition that the software is a sequence of instructions (and data) and if the sequence as well the contents are obfuscated then all the required goals can be achieved;The second problem we solve is integrity verification of the software particularly in embedded devices. Our solution is based on the intuition that an obfuscated (permuted) binary image without any dynamic traces reveals very little information about the IP of the program. Moreover, if this obfuscation function becomes a shared secret between the verifier and the embedded device then verification can be performed in a trustworthy manner;Cryptographic components form the underlying building blocks/primitives of any secure execution environment. Our use of reconfigurable components to provide software protection in both Arc 3 D and TIVA led us to an interesting observation about the power of reconfigurable components. Reconfigurable components provide the ability to use the secret (or key) in a much stronger way than the conventional cryptographic designs. This opened up an opportunity for us to explore the use of reconfigurable gates to build cryptographic functions

Vulnerability analysis of satellite-based synchronized smart grids monitoring systems

The large-scale deployment of wide-area monitoring systems could play a strategic role in supporting the evolution of traditional power systems toward smarter and self-healing grids. The correct operation of these synchronized monitoring systems requires a common and accurate timing reference usually provided by a satellite-based global positioning system. Although these satellites signals provide timing accuracy that easily exceeds the needs of the power industry, they are extremely vulnerable to radio frequency interference. Consequently, a comprehensive analysis aimed at identifying their potential vulnerabilities is of paramount importance for correct and safe wide-area monitoring system operation. Armed with such a vision, this article presents and discusses the results of an experimental analysis aimed at characterizing the vulnerability of global positioning system based wide-area monitoring systems to external interferences. The article outlines the potential strategies that could be adopted to protect global positioning system receivers from external cyber-attacks and proposes decentralized defense strategies based on self-organizing sensor networks aimed at assuring correct time synchronization in the presence of external attacks

Trusted execution environments leveraging reconfigurable FPGA technology

Compartmentalization techniques like Trusted Execution Environments (TEEs) are a well-established security strategy to provide increasing integrity and confidentiality for applications, from the edge to the cloud. TEEs are used to protect sensitive data and run security-critical applications on secure execution environments, isolated from the rest of the system. Notwithstanding, over the last few years, TEEs have been proven weak, as either TEEs built upon security-oriented hardware extensions (Arm TrustZone, Intel SGX) or resorting to dedicated secure elements were exploited multiple times. We present and discuss a novel TEE design that leverages reconfigurable FPGA technology. The main novelty relies on leveraging the programmable logic (PL) to create secure enclaves by instantiating a customized and dedicated security processor per application on a per-need basis. Unlike other TEE designs, our approach can provide high-bandwidth connections and physical on-chip isolation. We present a proof-of-concept (PoC) implementation targeting a Xilinx Zynq Ultrascale+ based platform and we detail how our design is interoperable with existing TEE stacks and compliant with the GlobalPlatform specification. To demonstrate the practicability of our approach in real-world applications, we run a legacy open-source bitcoin wallet.This work has been supported by FCT - Fundação para a Ciência e Tecnologia (FCT) within the R&D Units Project Scope UIDB/00319/2020 and grant SFRH/BD/145209/2019