Towards Runtime Customizable Trusted Execution Environment on FPGA-SoC

Yanling Wang, Xiaolin Chang, Haoran Zhu, Jianhua Wang, Yanwei Gong, Lin Li
2023-09-13
Abstract: Processing sensitive data and deploying well-designed Intellectual Property (IP) cores on a remote Field Programmable Gate Array (FPGA) are prone to private data leakage and IP theft. One effective solution is constructing a Trusted Execution Environment (TEE) on FPGA-SoCs (FPGA Systems on Chip). Researchers have integrated this type of TEE with Trusted Platform Module (TPM)-based trusted boot, denoted as FPGA-SoC tbTEE. However, there has been no effort on secure and trusted runtime customization of FPGA-SoC TEE. This paper extends FPGA-SoC tbTEE to build a Runtime Customizable TEE (RCTEE) on FPGA-SoC by adding three major components (our work): 1) CrloadIP, which can load an IP core at runtime so that RCTEE can be adjusted dynamically and securely; 2) CexecIP, which can not only execute an IP core without modifying the operating system of the FPGA-SoC TEE, but also prevent insider attacks from executing IPs deployed in RCTEE; 3) CremoAT, which can provide the newly measured RCTEE state and establish a secure and trusted communication path between remote verifiers and RCTEE. We conduct a security analysis of RCTEE and evaluate its performance on a Xilinx Zynq UltraScale+ XCZU15EG 2FFVB1156 MPSoC.
Cryptography and Security, Hardware Architecture
What problem does this paper attempt to address?
### Problems Addressed by the Paper

The paper addresses privacy leakage and IP theft when sensitive data and carefully designed IP cores are deployed on remote Field Programmable Gate Arrays (FPGAs). Specifically, it constructs a Runtime Customizable Trusted Execution Environment (RCTEE) on an FPGA-SoC, extending an existing TPM-based trusted-boot FPGA-SoC TEE (FPGA-SoC tbTEE) so that the TEE can be reconfigured at runtime without losing its trust guarantees.

#### Specific Goals

1. **Dynamically and Securely Loading IP Cores**: The CrloadIP component ensures that only IP cores that pass an integrity check are deployed into the FPGA-SoC TEE at runtime, so the TEE can be adjusted dynamically without admitting tampered or unauthorized logic.
2. **Secure and Flexible Execution of IP Cores**: The CexecIP component executes any IP core without modifying the TEE's operating system, and prevents insider attackers from executing the IP cores deployed in the RCTEE.
3. **Establishing a Secure and Trusted Communication Path**: The CremoAT component provides a remote attestation protocol through which remote verifiers check the newly measured RCTEE state and then establish a secure and trusted communication path with it.

#### Solution Background

Existing approaches fall into three classes:

- Pure FPGA TEE: The entire FPGA acts as an independent TEE. Its static logic permanently occupies hardware resources, and static and dynamic logic are not isolated from each other.
- Host-FPGA TEE: The FPGA acts as an extension of a CPU TEE, but dynamically replacing the software encryption algorithms it relies on is difficult.
- FPGA-SoC TEE: Part of the FPGA-SoC acts as the TEE and the rest as the Rich Execution Environment (REE). This class is further divided into designs that do not use the processor's built-in security technologies and designs that do. The paper focuses on the latter, enhancing FPGA-SoC security using ARM TrustZone.

#### New Features

RCTEE inherits the security features of FPGA-SoC TEE and adds the following:

1. **Runtime Customizable Security**: CrloadIP handles the security of dynamic IP deployment.
2. **Secure and Flexible Use of IP Cores**: CexecIP provides a unified input-output format, allowing any IP core to be used without modifying the operating system.
3. **Secure and Trusted Data Transmission**: CremoAT provides fresh RCTEE state measurements and allows remote verifiers to check their trustworthiness before data is exchanged.

Through these improvements, RCTEE addresses the shortcomings of existing solutions while enhancing the overall security and flexibility of the system.
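The summary above describes two checks in the abstract: an integrity gate on each IP core loaded at runtime (CrloadIP) and an attestation of the resulting RCTEE state to a remote verifier (CremoAT). The following is an added illustration written for this page, not code from the paper or its authors, and it does not reproduce the paper's actual protocol. It assumes a TPM-style hash-extend register for accumulating the runtime measurement, constructed byte strings standing in for partial bitstreams, and an HMAC over a verifier-chosen nonce as a stand-in for a signed TPM quote (a real design would use an asymmetric attestation key). It shows why the gate and the attestation must work together: a tampered core is rejected and leaves the measurement untouched, a verifier that expects a different IP sequence rejects the report, and a replayed report with a stale nonce is rejected.

```python
import hashlib
import hmac
import os

# Constructed sample "bitstreams" (hypothetical; real partial bitstreams are
# binary files from the vendor toolchain). The IP owner publishes each digest.
SAMPLE_IPS = {
    "aes_core": b"\x00\x09\x0f\xf0" + b"aes-core-partial-bitstream-v1",
    "sha_core": b"\x00\x09\x0f\xf0" + b"sha-core-partial-bitstream-v1",
}
APPROVED_DIGESTS = {name: hashlib.sha256(blob).hexdigest() for name, blob in SAMPLE_IPS.items()}

INITIAL_MEASUREMENT = b"\x00" * 32  # assumed reset value of the measurement register


def extend(measurement: bytes, digest: bytes) -> bytes:
    """PCR-style extend: new = H(old || digest). Order-sensitive and one-way."""
    return hashlib.sha256(measurement + digest).digest()


class RuntimeTEE:
    """Toy stand-in for an FPGA-SoC TEE that loads IP cores at runtime."""

    def __init__(self, attestation_key: bytes):
        self.measurement = INITIAL_MEASUREMENT
        self.loaded = []
        self._ak = attestation_key  # assumption: symmetric key shared with the verifier

    def load_ip(self, name: str, blob: bytes) -> bool:
        """CrloadIP-style gate: deploy a core only if its digest matches the approved
        value; every successful load extends the runtime measurement."""
        expected = APPROVED_DIGESTS.get(name)
        digest = hashlib.sha256(blob).hexdigest()
        if expected is None or not hmac.compare_digest(digest, expected):
            return False  # unknown or tampered core: rejected, measurement unchanged
        self.measurement = extend(self.measurement, bytes.fromhex(digest))
        self.loaded.append(name)
        return True

    def quote(self, nonce: bytes) -> dict:
        """CremoAT-style report: bind the current measurement to the verifier's nonce."""
        tag = hmac.new(self._ak, nonce + self.measurement, hashlib.sha256).digest()
        return {"nonce": nonce, "measurement": self.measurement, "tag": tag}


def expected_measurement(ip_names) -> bytes:
    """Verifier-side golden value: replay the extend chain over the approved digests."""
    m = INITIAL_MEASUREMENT
    for name in ip_names:
        m = extend(m, bytes.fromhex(APPROVED_DIGESTS[name]))
    return m


def verify_quote(attestation_key: bytes, nonce: bytes, report: dict, ip_names) -> bool:
    """Accept only a fresh (nonce matches), authentic (tag valid) report whose
    measurement equals the golden value for the IP sequence the verifier expects."""
    if report["nonce"] != nonce:
        return False  # replayed or stale report
    expected_tag = hmac.new(attestation_key, nonce + report["measurement"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected_tag, report["tag"]):
        return False
    return hmac.compare_digest(report["measurement"], expected_measurement(ip_names))


def demo() -> dict:
    key = b"constructed-attestation-key"  # assumption; see lead-in
    tee = RuntimeTEE(key)
    ok_aes = tee.load_ip("aes_core", SAMPLE_IPS["aes_core"])
    tampered = SAMPLE_IPS["sha_core"] + b"\xff"  # constructed: one appended byte
    ok_tampered = tee.load_ip("sha_core", tampered)
    ok_sha = tee.load_ip("sha_core", SAMPLE_IPS["sha_core"])

    nonce = os.urandom(16)
    report = tee.quote(nonce)
    fresh_ok = verify_quote(key, nonce, report, ["aes_core", "sha_core"])
    wrong_state = verify_quote(key, nonce, report, ["aes_core"])
    replayed = verify_quote(key, os.urandom(16), report, ["aes_core", "sha_core"])
    return {
        "ok_aes": ok_aes, "ok_tampered": ok_tampered, "ok_sha": ok_sha,
        "loaded": list(tee.loaded), "fresh_ok": fresh_ok,
        "wrong_state": wrong_state, "replayed": replayed,
    }


if __name__ == "__main__":
    print(demo())
```

The verifier never trusts the TEE's own list of loaded cores; it recomputes the golden measurement from the approved digests in the order it expects and compares that against the reported register, which is what makes the order of runtime loads part of the attested state.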