Trusted SoC Realization for Remote Dynamic IP Integration

Heutzutage bieten field-programmable gate arrays (FPGAs) enorme Rechenleistung und Flexibilität. Zudem sind sie oft auf einem einzigen Chip mit eingebetteten Multicore-Prozessoren, DSP-Engines und Speicher-Controllern integriert. Dadurch sind sie für große und komplexe Anwendungen geeignet. Gleichzeitig führten die Fortschritte auf dem Gebiet der High-Level-Synthese und die Verfügbarkeit standardisierter Schnittstellen (wie etwa das Advanced eXtensible Interface 4) zur Entwicklung spezialisierter und neuartiger Funktionalitäten durch Designhäuser. All dies schuf einen Bedarf für ein Outsourcing der Entwicklung oder die Lizenzierung von FPGA-IPs (Intellectual Property). Ein Pay-per-Use IP-Lizenzierungsmodell, bei dem diese IPs vor allen Marktteilnehmern geschützt sind, kommt den Entwicklern der IPs zugute. Außerdem handelt es sich bei den Entwicklern von FPGA-Systemen in der Regel um kleine bis mittlere Unternehmen, die in Bezug auf die Markteinführungszeit und die Kosten pro Einheit von einem solchen Lizenzierungsmodell profitieren können. Im akademischen Bereich und in der Industrie gibt es mehrere IP-Lizenzierungsmodelle und Schutzlösungen, die eingesetzt werden können, die jedoch mit zahlreichen Sicherheitsproblemen behaftet sind. In einigen Fällen verursachen die vorgeschlagenen Sicherheitsmaßnahmen einen unnötigen Ressourcenaufwand und Einschränkungen für die Systementwickler, d. h., sie können wesentliche Funktionen ihres Geräts nicht nutzen. Darüber hinaus lassen sie zwei funktionale Herausforderungen außer Acht: das Floorplanning der IP auf der programmierbaren Logik (PL) und die Generierung des Endprodukts der IP (Bitstream) unabhängig vom Gesamtdesign. In dieser Arbeit wird ein Pay-per-Use-Lizenzierungsschema vorgeschlagen und unter Verwendung eines security framework (SFW) realisiert, um all diese Herausforderungen anzugehen. Das vorgestellte Schema ist pragmatisch, weniger restriktiv für Systementwickler und bietet Sicherheit gegen IP-Diebstahl. Darüber hinaus werden Maßnahmen ergriffen, um das System vor einem IP zu schützen, das bösartige Schaltkreise enthält. Das „Secure Framework“ umfasst ein vertrauenswürdiges Betriebssystem, ein reichhaltiges Betriebssystem, mehrere unterstützende Komponenten (z. B. TrustZone- Logik, gegen Seitenkanalangriffe (SCA) resistente Entschlüsselungsschaltungen) und Softwarekomponenten, z. B. für die Bitstromanalyse. Ein Gerät, auf dem das SFW läuft, kann als vertrauenswürdiges Gerät betrachtet werden, das direkt mit einem Repository oder einem IP-Core-Entwickler kommunizieren kann, um IPs in verschlüsselter Form zu erwerben. Die Entschlüsselung und Authentifizierung des IPs erfolgt auf dem Gerät, was die Angriffsfläche verringert und es weniger anfällig für IP-Diebstahl macht. Außerdem werden Klartext-IPs in einem geschützten Speicher des vertrauenswürdigen Betriebssystems abgelegt. Das Klartext-IP wird dann analysiert und nur dann auf der programmierbaren Logik konfiguriert, wenn es authentisch ist und keine bösartigen Schaltungen enthält. Die Bitstrom-Analysefunktionalität und die SFW-Unterkomponenten ermöglichen die Partitionierung der PL-Ressourcen in sichere und unsichere Ressourcen, d. h. die Erweiterung desKonzepts der vertrauenswürdigen Ausführungsumgebung (TEE) auf die PL. Dies ist die erste Arbeit, die das TEE-Konzept auf die programmierbare Logik ausweitet. Bei der oben erwähnten SCA-resistenten Entschlüsselungsschaltung handelt es sich um die Implementierung des Advanced Encryption Standard, der so modifiziert wurde, dass er gegen elektromagnetische und stromverbrauchsbedingte Leckagen resistent ist. Das geschützte Design verfügt über zwei Gegenmaßnahmen, wobei die erste auf einer Vielzahl unterschiedler Implementierungsvarianten und veränderlichen Zielpositionen bei der Konfiguration basiert, während die zweite nur unterschiedliche Implementierungsvarianten verwendet. Diese Gegenmaßnahmen sind auch während der Laufzeit skalierbar. Bei der Bewertung werden auch die Auswirkungen der Skalierbarkeit auf den Flächenbedarf und die Sicherheitsstärke berücksichtigt. Darüber hinaus wird die zuvor erwähnte funktionale Herausforderung des IP Floorplanning durch den Vorschlag eines feinkörnigen Automatic Floorplanners angegangen, der auf gemischt-ganzzahliger linearer Programmierung basiert und aktuelle FPGAGenerationen mit größeren und komplexen Bausteine unterstützt. Der Floorplanner bildet eine Reihe von IPs auf dem FPGA ab, indem er präzise rekonfigurierbare Regionen schafft. Dadurch werden die verbleibenden verfügbaren Ressourcen für das Gesamtdesign maximiert. Die zweite funktionale Herausforderung besteht darin, dass die vorhandenen Tools keine native Funktionalität zur Erzeugung von IPs in einer eigenständigen Umgebung bieten. Diese Herausforderung wird durch den Vorschlag eines unabhängigen IP-Generierungsansatzes angegangen. Dieser Ansatz kann von den Marktteilnehmern verwendet werden, um IPs eines Entwurfs unabhängig vom Gesamtentwurf zu generieren, ohne die Kompatibilität der IPs mit dem Gesamtentwurf zu beeinträchtigen

A Survey of hardware protection of design data for integrated circuits and intellectual properties

International audienceThis paper reviews the current situation regarding design protection in the microelectronics industry. Over the past ten years, the designers of integrated circuits and intellectual properties have faced increasing threats including counterfeiting, reverse-engineering and theft. This is now a critical issue for the microelectronics industry, mainly for fabless designers and intellectual properties designers. Coupled with increasing pressure to decrease the cost and increase the performance of integrated circuits, the design of a secure, efficient, lightweight protection scheme for design data is a serious challenge for the hardware security community. However, several published works propose different ways to protect design data including functional locking, hardware obfuscation, and IC/IP identification. This paper presents a survey of academic research on the protection of design data. It concludes with the need to design an efficient protection scheme based on several properties

An Improved Public Unclonable Function Design for Xilinx FPGAs for Hardware Security Applications

In the modern era we are moving towards completely connecting many useful electronic devices to each other through internet. There is a great need for secure electronic devices and systems. A lot of money is being invested in protecting the electronic devices and systems from hacking and other forms of malicious attacks. Physical Unclonable Function (PUF) is a low-cost hardware scheme that provides affordable security for electronic devices and systems. This thesis proposes an improved PUF design for Xilinx FPGAs and evaluates and compares its performance and reliability compared to existing PUF designs. Furthermore, the utility of the proposed PUF was demonstrated by using it for hardware Intellectual Property (IP) core licensing and authentication. Hardware Trojan can be used to provide evaluation copy of IP cores for a limited time. After that it disables the functionality of the IP core. A finite state machine (FSM) based hardware trojan was integrated with a binary divider IP core and evaluated for licensing and authentication applications. The proposed PUF was used in the design of hardware trojan. Obfuscation metric measures the effectiveness of hardware trojan. A moderately good obfuscation level was achieved for our hardware trojan

FPGA based remote code integrity verification of programs in distributed embedded systems

The explosive growth of networked embedded systems has made ubiquitous and pervasive computing a reality. However, there are still a number of new challenges to its widespread adoption that include scalability, availability, and, especially, security of software. Among the different challenges in software security, the problem of remote-code integrity verification is still waiting for efficient solutions. This paper proposes the use of reconfigurable computing to build a consistent architecture for generation of attestations (proofs) of code integrity for an executing program as well as to deliver them to the designated verification entity. Remote dynamic update of reconfigurable devices is also exploited to increase the complexity of mounting attacks in a real-word environment. The proposed solution perfectly fits embedded devices that are nowadays commonly equipped with reconfigurable hardware components that are exploited to solve different computational problems

Securing Critical Infrastructures

1noL'abstract è presente nell'allegato / the abstract is in the attachmentopen677. INGEGNERIA INFORMATInoopenCarelli, Albert

Towards Runtime Customizable Trusted Execution Environment on FPGA-SoC

Processing sensitive data and deploying well-designed Intellectual Property (IP) cores on remote Field Programmable Gate Array (FPGA) are prone to private data leakage and IP theft. One effective solution is constructing Trusted Execution Environment (TEE) on FPGA-SoCs (FPGA System on Chips). Researchers have integrated this type TEE with Trusted Platform Module (TPM)-based trusted boot, denoted as FPGA-SoC tbTEE. But there is no effort on secure and trusted runtime customization of FPGA-SoC TEE. This paper extends FPGA-SoC tbTEE to build Runtime Customizable TEE (RCTEE) on FPGA-SoC by additive three major components (our work): 1) CrloadIP, which can load an IP core at runtime such that RCTEE can be adjusted dynamically and securely; 2) CexecIP, which can not only execute an IP core without modifying the operating system of FPGA-SoC TEE, but also prevent insider attacks from executing IPs deployed in RCTEE; 3) CremoAT, which can provide the newly measured RCTEE state and establish a secure and trusted communication path between remote verifiers and RCTEE. We conduct a security analysis of RCTEE and its performance evaluation on Xilinx Zynq UltraScale+ XCZU15EG 2FFVB1156 MPSoC

RHINO software-defined radio processing blocks

This MSc project focuses on the design and implementation of a library of parameterizable, modular and reusable Digital IP blocks designed around use in Software-Defined Radio (SDR) applications and compatibility with the RHINO platform. The RHINO platform has commonalities with the better known ROACH platform, but it is a significantly cut-down and lowercost alternative which has similarities in the interfacing and FPGA/Processor interconnects of ROACH. The purpose of the library and design framework presented in this work aims to alleviate some of the commercial, high cost and static structure concerns about IP cores provided by FPGA manufactures and third-party IP vendors. It will also work around the lack of parameters and bus compatibility issues often encountered when using the freely available open resources. The RHINO hardware platform will be used for running practical applications and testing of the blocks. The HDL library that is being constructed is targeted towards both novice and experienced low-level HDL developers who can download and use it for free, and it will provide them experience of using IP Cores that support open bus interfaces in order to exploit SoC design without commercial, parameter and bus compatibility limitations. The provided modules will be of particularly benefit to the novice developers in providing ready-made examples of processing blocks, as well as parameterization settings for the interfacing blocks and associated RF receiver side configuration settings; all together these examples will help new developers establish effective ways to build their own SDR prototypes using RHINO

A Reactive and Cycle-True IP Emulator for MPSoC Exploration

The design of MultiProcessor Systems-on-Chip (MPSoC) emphasizes intellectual-property (IP)-based communication-centric approaches. Therefore, for the optimization of the MPSoC interconnect, the designer must develop traffic models that realistically capture the application behavior as executing on the IP core. In this paper, we introduce a Reactive IP Emulator (RIPE) that enables an effective emulation of the IP-core behavior in multiple environments, including bitand cycle-true simulation. The RIPE is built as a multithreaded abstract instruction-set processor, and it can generate reactive traffic patterns. We compare the RIPE models with cycle-true functional simulation of complex application behavior (tasksynchronization, multitasking, and input/output operations). Our results demonstrate high-accuracy and significant speedups. Furthermore, via a case study, we show the potential use of the RIPE in a design-space-exploration context

Implementação de redes 5G baseadas em código aberto

Recently, a growth of mobile networks, from a huge connection of only a few devices, to the need for constant maintenance with support even with different technological needs. This requires increasing the capacity of networks to respond to user needs, increasing connection speeds and decreasing latencies. In many cases, the demand for the capabilities offered by the new generation of mobile networks, 5G, remains unanswered with conventional structures, especially in urban areas. As a viable option for these needs, the use of small cells emerged. The use of this equipment is facilitated due to the flexibility offered by the architecture of 5G mobile networks that facilitate the division of the same into functional units with a virtual implementation, thus helping to spread the coverage area. The growing interest in 5G mobile networks and the immense possibilities they offer have given rise to projects focused on the development of 5G mobile networks that are made available for consultation and use by the interested community. These networks are mostly implemented in a virtual way, with the exception of the component responsible for the emission of the radio signal, where some options will be presented for this purpose during the course of the dissertation. As a target of study and evaluation of the state of development and usefulness throughout this dissertation, OpenAirInterface was chosen from among these open-source projects. The complete implementation of the same is presented and described, as well as the tests carried out in order to determine which are the functional bandwidths and which are the options for optimizing its operation. To conclude the work carried out, the results and balance of these tests are presented in the form of speed and latency tests in various bandwidths, verification of occupancy of the same, flexibility in modifying the emission frequency, as well as the result of a test of connecting elements of mobile networks developed by different open-source projects as a way of evaluating the flexibility of these networks.Recentemente temos assistido a um crescimento enorme de redes móveis, desde a conexão de apenas alguns dispositivos, até à necessidade de manter ligação constante com múltiplos equipamentos com necessidades tecnológicas diferentes. Isto requer o aumento da capacidade das redes para dar resposta às necessidades dos utilizadores, aumentar velocidades de conexão e diminuir latências. Em muitos casos, a procura pelas capacidades oferecidas pela nova geração de redes móveis, o 5G, continua sem resposta com as estruturas convencionais, especialmente em áreas urbanas. Como opção viável para essas necessidades, surgiu o uso de small cells. O uso desse equipamento é facilitado devido à flexibilidade oferecida pela arquitetura de redes móveis 5G que facilitam a divisão da mesma em unidades funcionais com uma implementação virtual ajudando assim à propagação da área de cobertura. O interesse crescente de redes móveis 5G e as imensas possibilidades que as mesmas oferecem, fizeram surgir projetos focados no desenvolvimento de redes móveis 5G que são colocados disponíveis para consulta e uso da comunidade interessada. Estes redes são maioritariamente implementadas de forma virtual à exceção do componente responsável pela emissão do sinal rádio, onde serão apresentadas algumas opções para o efeito no decorrer da dissertação. Como alvo de estudo e avaliação do estado de desenvolvimento e utilidade ao longo desta dissertação, foi escolhida a OpenAirInterface de entre esses projetos open-source. É apresentada e descrita a implementação completa da mesma, assim como os testes efetuados no sentido de apurar quais as larguras de banda funcionais e quais as opções de otimização de funcionamento da mesma. Para concluir o trabalho realizado, é apresentado o resultado e balanço desses testes na forma de testes de velocidade e latência em várias larguras de banda, verificação de ocupação da mesma, flexibilidade em modificar a frequência de emissão, assim como o resultado de um teste de conexão de elementos de redes móveis desenvolvidos por projetos open-source diferentes como forma de avaliar a flexibilidade destas redes.Mestrado em Engenharia Eletrónica e Telecomunicaçõe