82 research outputs found
Multi-Tenant Cloud FPGA: A Survey on Security
With the exponentially increasing demand for performance and scalability in
cloud applications and systems, data center architectures evolved to integrate
heterogeneous computing fabrics that leverage CPUs, GPUs, and FPGAs. FPGAs
differ from traditional processing platforms such as CPUs and GPUs in that they
are reconfigurable at run-time, providing increased and customized performance,
flexibility, and acceleration. FPGAs can perform large-scale search
optimization, acceleration, and signal processing tasks compared with power,
latency, and processing speed. Many public cloud provider giants, including
Amazon, Huawei, Microsoft, Alibaba, etc., have already started integrating
FPGA-based cloud acceleration services. While FPGAs in cloud applications
enable customized acceleration with low power consumption, they also incur new
security challenges that still need to be reviewed. Allowing cloud users to
reconfigure the hardware design after deployment could open backdoors for
malicious attackers, potentially putting the cloud platform at risk.
Considering security risks, public cloud providers still don't offer
multi-tenant FPGA services. This paper analyzes the security concerns of
multi-tenant cloud FPGAs, gives a thorough description of the security problems
associated with them, and discusses upcoming future challenges in this field of
study.
A sensor node SoC architecture for extremely autonomous wireless sensor networks
Doctoral thesis in Electronics and Computer Engineering (PDEEC) (specialization in Industrial Informatics and Embedded Systems)
The Internet of Things (IoT) is revolutionizing the Internet of the future and the
way new smart objects and people are being connected into the world. Its pervasive
computing and communication technologies connect myriads of smart devices, present
in our everyday things and surrounding objects. Big players in the industry
forecast, by 2020, around 50 billion smart devices connected in a multitude of scenarios
and heterogeneous applications, sharing data over a true worldwide network.
This will represent a trillion-dollar market of which everyone wants a share.
In a world where everything is being connected, device security and device interoperability
are paramount. From the sensor to the cloud, this triggers several
technological issues towards connectivity, interoperability and security requirements
on IoT devices. However, fulfilling such requirements is not straightforward. While
the connectivity exposes the device to the Internet, which also raises several security
issues, deploying a standardized communication stack on the endpoint device
at the network edge greatly increases the data exchanged over the network. Moreover,
handling such an ever-growing amount of data on resource-constrained devices
truly affects performance and energy consumption. Addressing such issues
requires new technological and architectural approaches to help find solutions to
leverage an accelerated, secure and energy-aware IoT end-device communication.
Throughout this thesis, the developed artifacts triggered the achievement of important
findings that demonstrate: (1) how heterogeneous architectures are nowadays
a perfect solution to deploy endpoint devices in scenarios where not only (heavy
processing) application-specific operations are required, but also network-related capabilities
are major concerns; (2) how accelerating network-related tasks results in
more efficient utilization of device resources, which, combining better performance and
increased availability, contributes to improved overall energy utilization; (3) how
device and data security can benefit from modern heterogeneous architectures that
rely on secure hardware platforms, which are also able to provide security-related
acceleration hardware; (4) how a domain-specific language eases the co-design and
customization of a secure and accelerated IoT endpoint device at the network edge.
The Internet of Things (IoT) is the concept that is revolutionizing the Internet of the future
and the way things, processes and people connect and relate to one another in a global network
infrastructure that will, in the near future, interconnect a vast number of
smart, everyday devices. With major industry leaders betting heavily on the IoT
market, some optimistic forecasts predict more than 50 billion devices connected
at the network edge by 2020, sharing large volumes of important data over the Internet and
representing a multi-million market with immense business opportunities.
In an interconnected world of devices, interoperability and security are a
growing concern. This concern demands considerable effort in exploring
new solutions, at both the technological and the architectural level, that drive
the development of embedded devices with greater performance,
security and energy efficiency, not only in the device itself
but also in the associated network layers and protocols. Although integrating
communication stacks and standard network-layer protocols solves
problems of connectivity and interoperability, it adds the inherent overhead
of the communication protocols and of the growing volume of data shared
between devices and the Internet, severely affecting the device's performance and
availability and resulting in higher overall energy consumption.
The solutions presented in this thesis yielded results that demonstrate:
(1) the viability of heterogeneous solutions in the development of IoT devices,
where not only application-specific tasks but also tasks related to
device communication can be accelerated; (2) the benefits of accelerating
network-stack tasks and protocols, which translates into better device
performance and increased availability, contributing to better
energy efficiency; (3) that modern hardware platforms offer security
mechanisms that can be used not only for the security of the
device but also for its communication capabilities; (4) that developing
a domain-specific language enables more effective and efficient
development and configuration of smart IoT devices.
This thesis was supported by a PhD scholarship from Fundação para a Ciência e Tecnologia, SFRH/BD/90162/201
Embedded electronic systems driven by run-time reconfigurable hardware
Abstract
This doctoral thesis addresses the design of embedded electronic systems based on run-time reconfigurable hardware technology – available through SRAM-based FPGA/SoC devices – aimed at contributing to enhancing human quality of life. This work researches the conception of the system architecture and the reconfiguration engine that gives the FPGA the capability of dynamic partial reconfiguration in order to synthesize, by means of hardware/software co-design, a given application partitioned into processing tasks that are multiplexed in time and space, thus optimizing its physical implementation – silicon area, processing time, complexity, flexibility, functional density, cost and power consumption – in comparison with other alternatives based on static hardware (MCU, DSP, GPU, ASSP, ASIC, etc.). The design flow of such technology is evaluated through the prototyping of several engineering applications (control systems, mathematical coprocessors, complex image processors, etc.), showing a high enough level of maturity for its exploitation in the industry.
Abstract (translated from Spanish)
This doctoral thesis covers the design of embedded electronic systems based on dynamically reconfigurable hardware technology – available through SRAM FPGA/SoC programmable logic devices – that contribute to improving society's quality of life. It investigates the architecture of the system and of the reconfiguration engine that gives the FPGA the capability of dynamic partial reconfiguration of its programmable resources, in order to synthesize, through hardware/software co-design, a given application partitioned into tasks multiplexed in time and space, thereby optimizing its physical implementation – silicon area, processing time, complexity, flexibility, functional density, cost and power dissipation – compared with other alternatives based on static hardware (MCU, DSP, GPU, ASSP, ASIC, etc.). The design flow of this technology is evaluated through the prototyping of several engineering applications (control systems, arithmetic coprocessors, image processors, etc.), showing a level of maturity already viable for its exploitation in industry.
Abstract (translated from Catalan)
This doctoral thesis is oriented towards the design of embedded electronic systems based on dynamically reconfigurable hardware technology – available through SRAM FPGA/SoC programmable logic devices – that contribute to improving society's quality of life. It investigates the architecture of the system and of the reconfiguration engine that gives the FPGA the capability of dynamic partial reconfiguration of its programmable resources, with the aim of synthesizing, through hardware/software co-design, a given application partitioned into tasks multiplexed in time and space, thereby optimizing its physical implementation – silicon area, processing time, complexity, flexibility, functional density, cost and power dissipation – compared with other alternatives based on static hardware (MCU, DSP, GPU, ASSP, ASIC, etc.). The design flow of this technology is evaluated through the prototyping of several engineering applications (control systems, arithmetic coprocessors, image processors, etc.), demonstrating a level of maturity already viable for its exploitation in industry.
A Comprehensive Survey on Non-Invasive Fault Injection Attacks
Non-invasive fault injection attacks have emerged as significant threats to a spectrum of microelectronic systems ranging from commodity devices to high-end customized processors. Unlike their invasive counterparts, these attacks are more affordable and can exploit system vulnerabilities without altering the hardware physically. Furthermore, certain non-invasive fault injection strategies allow for remote vulnerability exploitation without the requirement of physical proximity. However, existing studies lack extensive investigation into these attacks across diverse target platforms, threat models, emerging attack strategies, assessment frameworks, and mitigation approaches. In this paper, we provide a comprehensive overview of contemporary research on non-invasive fault injection attacks. Our objective is to consolidate and scrutinize the various techniques, methodologies, target systems susceptible to the attacks, and existing mitigation mechanisms advanced by the research community. Besides, we categorize attack strategies based on several aspects, present a detailed comparison among the categories, and highlight research challenges with future direction. By underlining and discussing the landscape of cutting-edge, non-invasive fault injection, we hope more researchers, designers, and security professionals examine the attacks further and take such threats into consideration while developing effective countermeasures.
On Information-centric Resiliency and System-level Security in Constrained, Wireless Communication
The Internet of Things (IoT) interconnects many heterogeneous embedded devices either locally between each other, or globally with the Internet. These things are resource-constrained, e.g., powered by battery, and typically communicate via low-power and lossy wireless links. Communication needs to be secured and relies on crypto-operations that are often resource-intensive and in conflict with the device constraints. These challenging operational conditions on the cheapest hardware possible, the unreliable wireless transmission, and the need for protection against common threats of the inter-network, impose severe challenges to IoT networks. In this thesis, we advance the current state of the art in two dimensions.
Part I assesses Information-centric networking (ICN) for the IoT, a network paradigm that promises enhanced reliability for data retrieval in constrained edge networks. ICN lacks a lower layer definition, which, however, is the key to enable device sleep cycles and exclusive wireless media access. This part of the thesis designs and evaluates an effective media access strategy for ICN to reduce the energy consumption and wireless interference on constrained IoT nodes.
Part II examines the performance of hardware and software crypto-operations, executed on off-the-shelf IoT platforms. A novel system design enables the accessibility and auto-configuration of crypto-hardware through an operating system. One main focus is the generation of random numbers in the IoT. This part of the thesis further designs and evaluates Physical Unclonable Functions (PUFs) to provide novel randomness sources that generate highly unpredictable secrets, on low-cost devices that lack hardware-based security features.
This thesis takes a practical view on the constrained IoT and is accompanied by real-world implementations and measurements. We contribute open source software, automation tools, a simulator, and reproducible measurement results from real IoT deployments using off-the-shelf hardware. The large-scale experiments in an open access testbed provide a direct starting point for future research.
Survey of FPGA applications in the period 2000 – 2015 (Technical Report)
Romoth J, Porrmann M, Rückert U. Survey of FPGA applications in the period 2000 – 2015 (Technical Report); 2017.
Since their introduction, FPGAs can be seen in more and more different fields of applications. The key advantage is the combination of software-like flexibility with the performance otherwise common to hardware. Nevertheless, every application field introduces special requirements to the used computational architecture. This paper provides an overview of the different topics FPGAs have been used for in the last 15 years of research and why they have been chosen over other processing units such as CPUs.