Sudipta Paria,Swarup Bhunia

2023-08-05

Abstract:The current zero trust model adopted in System-on-Chip (SoC) design is vulnerable to various malicious entities, and modern SoC designs must incorporate various security policies to protect sensitive assets from unauthorized access. These policies involve complex interactions between multiple IP blocks, which poses challenges for SoC designers and security experts when implementing these policies and for system validators when ensuring compliance. Difficulties arise when upgrading policies, reusing IPs for systems targeting different security requirements, and the subsequent increase in design time and time-to-market. This paper proposes a generic and flexible framework, called DiSPEL, for enforcing security policies defined by the user represented in a formal way for any bus-based SoC design. It employs a distributed deployment strategy while ensuring trusted bus operations despite the presence of untrusted IPs. It relies on incorporating a dedicated, centralized module capable of implementing diverse security policies involving bus-level interactions while generating the necessary logic and appending in the bus-level wrapper for IP-level policies. The proposed architecture is generic and independent of specific security policy types supporting both synthesizable and non-synthesizable solutions. The experimental results demonstrate its effectiveness and correctness in enforcing the security requirements and viability due to low overhead in terms of area, delay, and power consumption tested on open-source standard SoC benchmarks.

Cryptography and Security,Hardware Architecture

Subodha Charles,Prabhat Mishra

DOI: https://doi.org/10.1145/3406661

IF: 1.447

2020-10-12

ACM Transactions on Design Automation of Electronic Systems

Abstract:Growth of the Internet-of-things has led to complex system-on-chips (SoCs) being used in the edge devices in IoT applications. The increased complexity is demanding designers to consider several critical factors, such as dynamic requirement changes, long application life, mass production, and tight time-to-market deadlines. These requirements lead to more complex security concerns. SoC manufacturers outsource some of the intellectual property cores integrated on the SoC to untrusted third-party vendors. The untrusted intellectual properties can contain malicious implants, which can launch attacks using the resources provided by the on-chip interconnection network, commonly known as the network-on-chip (NoC). Existing efforts on securing NoC have considered lightweight encryption, authentication, and other attack detection mechanisms such as denial-of-service and buffer overflows. Unfortunately, these approaches focus on designing statically optimized security solutions. As a result, they are not suitable for many IoT systems with long application life and dynamic requirement changes. There is a critical need to design reconfigurable security architectures that can be dynamically tuned based on changing requirements. In this article, we propose a tier-based reconfigurable security architecture that can adapt to different use-case scenarios. We explore how to design an efficient reconfigurable architecture that can support three popular NoC security mechanisms (encryption, authentication, and denial-of-service attack detection and localization) and implement suitable dynamic reconfiguration techniques. We evaluate our proposed framework by running standard benchmarks enabling different tiers of security and provide a comprehensive analysis of how different levels of security can affect application performance, energy efficiency, and area overhead.

computer science, software engineering, hardware & architecture

Abhishek Basak,Swarup Bhunia,Thomas Tkacik,Sandip Ray

DOI: https://doi.org/10.1109/tifs.2017.2658544

IF: 7.231

2017-07-01

IEEE Transactions on Information Forensics and Security

Abstract:Modern system-on-chip (SoC) designs involve integration of a large number of intellectual property (IP) blocks, many of which are acquired from untrusted third-party vendors. An IP containing a security vulnerability-whether inadvertent or malicious-may compromise the trustworthiness of the entire SoC, e.g., by leaking sensitive information or causing execution failures at key points. Existing functional validation approaches, post-manufacturing tests, and IP trust verification techniques are inadequate to accomplish comprehensive system-level security assurance in the presence of untrusted IPs. In this paper, we analyze security issues at the SoC level caused by untrusted IPs. We also propose a novel, resilient SoC security architecture to ensure trusted SoC operation with untrusted IPs. Our architecture realizes fine-grained IP-trust aware security policies in an efficient security policy checker that enables run-time monitoring of security issues arising from untrusted IPs. It also exploits on-chip design-for-debug architecture to ensure trusted information flow from IP blocks to the security policy checker. Unlike existing solutions to the untrusted IP problem, which rely on verification of IP trust before they are integrated into an SoC, the proposed approach follows a fundamentally different architecture-level solution based on run-time resilience. We demonstrate the effectiveness of this framework for system protection using several illustrative practical use cases. We also provide experimental results to show that the overhead of the proposed architecture is modest on representative SoC designs.

computer science, theory & methods,engineering, electrical & electronic

Sandip Ray,Eric Peeters,Mark M. Tehranipoor,Swarup Bhunia

DOI: https://doi.org/10.1109/jproc.2017.2714641

IF: 20.6

2018-01-01

Proceedings of the IEEE

Abstract:Modern system-on-chip (SoC) designs include a wide variety of highly sensitive assets which must be protected from unauthorized access. A significant aspect of SoC design involves exploration, analysis, and evaluation of resiliency mechanisms against attacks to such assets. These attacks may arise from a number of sources, including malicious intellectualproperty blocks (IPs) in the hardware, malicious or vulnerable firmware and software, insecure communication of the system with other devices, and side-channel vulnerabilities through power and performance profiles. Countermeasures for these attacks are equally diverse, which include architecture, design, implementation, and validation-based protection. In this paper, we provide a comprehensive overview of the security infrastructure in modern SoC designs, including both resiliency techniques and their validation paradigms at presilicon and postsilicon stages. We identify gaps in current resiliency and analysis architectures and propose design and validation solutions to address them. Finally, we provide industry perspectives on the role and impact of current practices on SoC security, and discuss some emerging trends in this important area.

engineering, electrical & electronic

Alex Baird,Abhinandan Panda,Hammond Pearce,Srinivas Pinisetty,Partha Roop

DOI: https://doi.org/10.1109/access.2024.3357714

IF: 3.9

2024-02-03

IEEE Access

Abstract:The security of Cyber-Physical Systems (CPSs) is increasingly important as more and more of these systems are added to the Internet of Things (IoT). As we increase the complexity and connectivity of our smart systems, we likewise broaden their digital attack surface. Recorded attacks on CPSs have caused significant physical impacts making methods for mitigation of attacks of paramount importance. The use of runtime enforcement (RE) can prevent violation of security policies. Here, runtime enforcers intervene before the CPS is compromised. Two key challenges are presented: (1) for complex systems, methods for automatically composing multiple policies are lacking; and (2) runtime enforcers are themselves executed digitally—meaning they too could have potential security vulnerabilities. We present the first comprehensive runtime enforcement framework which addresses both challenges. It can compose a lot of security policies in parallel and synthesize these policies into the more trustworthy hardware layers of a system. This removes reliance on potentially vulnerable firmware and software layers. We demonstrate our approach with policies to mitigate a set of attacks on a Fused Filament Fabrication (FFF) 3D printer. The experimental results show linear growth in logic element and register usage as the number of policies increase. This compares favourably to the exponential state space explosion that occurs with the conventional approach of monolithic composition. Additionally, we find higher enforcer clock frequencies are possible with the proposed parallel approach compared to existing serial approaches.

computer science, information systems,telecommunications,engineering, electrical & electronic

Johann Knechtel,Elif Bilge Kavun,Francesco Regazzoni,Annelie Heuser,Anupam Chattopadhyay,Debdeep Mukhopadhyay,Soumyajit Dey,Yunsi Fei,Yaacov Belenky,Itamar Levi,Tim Güneysu,Patrick Schaumont,Ilia Polian

DOI: https://doi.org/10.23919/DATE48585.2020.9116483

2020-01-27

Abstract:Modern electronic systems become evermore complex, yet remain modular, with integrated circuits (ICs) acting as versatile hardware components at their heart. Electronic design automation (EDA) for ICs has focused traditionally on power, performance, and area. However, given the rise of hardware-centric security threats, we believe that EDA must also adopt related notions like secure by design and secure composition of hardware. Despite various promising studies, we argue that some aspects still require more efforts, for example: effective means for compilation of assumptions and constraints for security schemes, all the way from the system level down to the "bare metal"; modeling, evaluation, and consideration of security-relevant metrics; or automated and holistic synthesis of various countermeasures, without inducing negative cross-effects. In this paper, we first introduce hardware security for the EDA community. Next we review prior (academic) art for EDA-driven security evaluation and implementation of countermeasures. We then discuss strategies and challenges for advancing research and development toward secure composition of circuits and systems.

Cryptography and Security

Sami Ul Islam Sami,Tao Zhang,Amit Mazumder Shuvo,Saad Ul Haque,Paul E. Calzada,Kimia Zamiri Azar,Hadi Mardani Kamali,Fahim Rahman,Farimah Farahmandi,Mark Tehranipoor,Md Sami Ul Islam Sami,Md Saad Ul Haque

DOI: https://doi.org/10.1109/access.2024.3375874

IF: 3.9

2024-04-09

IEEE Access

Abstract:The semiconductor industry has adopted heterogeneous integration (HI), incorporating modular intellectual property (IP) blocks (chiplets) into a unified system-in-package (SiP) to overcome the slowdown in Moore's Law and Dennard scaling and to respond to the increasing demand for advanced integrated circuits (ICs). Despite the manifold benefits of HI, such as enhanced performance, reduced area overhead, and improved yield, this transformation has also led to security vulnerabilities in the SiP supply chain and in-field operations, ranging from chiplet piracy and SiP reverse engineering (RE) to information leakage. Although conventional countermeasures provide the desired robustness for monolithic ICs, they are insufficient for addressing these challenges in the context of HI. To address these concerns, this paper presents a novel root-of-trust architecture, augmenting the process of integration using a centralized chiplet hardware security module (CHSM), aiming to provide comprehensive and robust protection throughout the SiP supply chain and in-field operations. Also, the proposed architecture equipped with the CHSM effectively addresses potential security breaches while providing robust protection against zero-day attacks through its reconfigurable capabilities. Throughout five detailed case studies, this paper performs a comprehensive security analysis to illustrate the resilience of CHSM against contemporary attack scenarios in the HI domain.

computer science, information systems,telecommunications,engineering, electrical & electronic

Kevin Immanuel Gubbi,Banafsheh Saber Latibari,Muhtasim Alam Chowdhury,Afrooz Jalilzadeh,Erfan Yazdandoost Hamedani,Setareh Rafatirad,Avesta Sasan,Houman Homayoun,Soheil Salehi

DOI: https://doi.org/10.1109/tcsi.2024.3364160

2024-01-01

Abstract:The globalization of the manufacturing process and the supply chain for electronic hardware has been driven by the need to maximize profitability while lowering risk in a technologically advanced silicon sector. However, many hardware IPs’ security features have been broken because of the rise in successful hardware attacks. Existing security efforts frequently ignore numerous dangers in favor of fixing a particular vulnerability. This inspired the development of a unique method that uses emerging spin-based devices to obfuscate circuitry to secure hardware intellectual property (IP) during fabrication and the supply chain. We propose an Optimized and Automated Secure IC (OASIC) Design Flow, a defense-in-depth approach that can minimize overhead while maximizing security. Our EDA tool flow uses a dynamic obfuscation method that employs dynamic lockboxes, which include switch boxes and magnetic random access memory (MRAM)-based look-up tables (LUT) while offering minimal overhead and being flexible and resilient against modern SAT-based attacks and power side-channel attacks. An EDA tool flow for optimized lockbox insertion is also developed to generate SAT-resilient design netlists with the least power and area overhead. PPA metrics and security (SAT attack time) are provided to the designer for each lockbox insertion run. A verification methodology is provided to verify locked and unlocked designs for functional correctness. Finally, we use ISCAS’85 benchmarks to show that the EDA tool flow provides a secure hardware netlist with maximum security while considering power and area constraints. Our results indicate that the proposed OASIC design flow can maximize security while incurring less than 15% area overhead and maintaining a similar power footprint compared to the original design. OASIC design flow demonstrates improved performance as design size increases, which demonstrates the scalability of the proposed approach.

engineering, electrical & electronic

Jitendra Bhandari,Animesh Basak Chowdhury,Mohammed Nabeel,Ozgur Sinanoglu,Siddharth Garg,Ramesh Karri,Johann Knechtel

2024-07-01

Abstract:Power side-channel (PSC) analysis is pivotal for securing cryptographic hardware. Prior art focused on securing gate-level netlists obtained as-is from chip design automation, neglecting all the complexities and potential side-effects for security arising from the design automation process. That is, automation traditionally prioritizes power, performance, and area (PPA), sidelining security. We propose a "security-first" approach, refining the logic synthesis stage to enhance the overall resilience of PSC countermeasures. We introduce ASCENT, a learning-and-search-based framework that (i) drastically reduces the time for post-design PSC evaluation and (ii) explores the security-vs-PPA design space. Thus, ASCENT enables an efficient exploration of a large number of candidate netlists, leading to an improvement in PSC resilience compared to regular PPA-optimized netlists. ASCENT is up to 120x faster than traditional PSC analysis and yields a 3.11x improvement for PSC resilience of state-of-the-art PSC countermeasures

Cryptography and Security,Machine Learning

Davide Zoni,Andrea Galimberti,Davide Galli

2024-07-25

Abstract:Attacks based on side-channel analysis (SCA) pose a severe security threat to modern computing platforms, further exacerbated on IoT devices by their pervasiveness and handling of private and critical data. Designing SCA-resistant computing platforms requires a significant additional effort in the early stages of the IoT devices' life cycle, which is severely constrained by strict time-to-market deadlines and tight budgets. This manuscript introduces a hardware-software framework meant for SCA research on FPGA targets. It delivers an IoT-class system-on-chip (SoC) that includes a RISC-V CPU, provides observability and controllability through an ad-hoc debug infrastructure to facilitate SCA attacks and evaluate the platform's security, and streamlines the deployment of SCA countermeasures through dedicated hardware and software features such as a DFS actuator and FreeRTOS support. The open-source release of the framework includes the SoC, the scripts to configure the computing platform, compile a target application, and assess the SCA security, as well as a suite of state-of-the-art SCA attacks and countermeasures. The goal is to foster its adoption and novel developments in the field, empowering designers and researchers to focus on studying SCA countermeasures and attacks while relying on a sound and stable hardware-software platform as the foundation for their research.

Cryptography and Security,Hardware Architecture

Bo Mei,Zhengbin Zhu,Peijie Li,Bo Zhao

DOI: https://doi.org/10.1049/2024/2023349

2024-04-12

IET Information Security

Abstract:System on Wafer (SoW) based on chiplets may be implanted with hardware Trojans (HTs) by untrustworthy third-party chiplet vendors. However, traditional HTs protection techniques cannot guarantee complete protection against HTs, which poses a great challenge to the hardware security of SoW. In this paper, we propose a computing architecture based on endogenous security theory—dynamic heterogeneous redundant computing architecture (DHRCA) that can tolerate and detect HTs at runtime. The security of our approach is analyzed by building a generalized stochastic coloring petri net (GSCPN) model of DHRCA. The simulation results based on the GSCPN model show that our method can improve the system security probability to 0.8690 and the system availability probability to 0.9750 in the steady state compared with typical triple-mode redundancy and runtime monitoring methods. Furthermore, the impact of different attack and defense strategies on system security of different methods is simulated and analyzed in this paper.

computer science, information systems, theory & methods

Zhenliang An,Weike Wang,Wenxin Li,Senyang Li,Dexue Zhang

DOI: https://doi.org/10.3390/mi14081525

IF: 3.4

2023-07-30

Micromachines

Abstract:The growing prevalence of embedded systems in various applications has raised concerns about their vulnerability to malicious code reuse attacks. Current software-based and hardware-assisted security techniques struggle to detect or block these attacks with minor performance and implementation overhead. To address this issue, this paper presents a lightweight hardware-assisted scheme to enhance the security of embedded systems against code reuse attacks. We develop an on-chip lightweight hardware shadow stack to validate target addresses at runtime for backward-edge control flow integrity, which backs up valid return addresses during function calls and automatically verifies actual return addresses during the return phase. Additionally, we propose a lightweight stream cipher circuit that encrypts and decrypts critical stack data related to control flow manipulation, preventing attackers from analyzing or tampering with them. When designing and implementing the security mechanism for embedded systems, we fully consider the constraints of limited system resources and performance, optimizing both the architecture design and implementation of the proposed hardware. Finally, we integrate both the proposed lightweight hardware shadow stack and the runtime data encryption hardware into the OR1200 processor. We have verified the system security function on the Terasic DE1-SoC FPGA platform and evaluated the system performance as well as implementation overhead. The results show that the proposed lightweight hardware-assisted scheme can provide a dedicated defense capability against code reuse attacks for embedded systems, with an average system performance overhead of 0.39% and an area footprint of 0.316 mm2.

chemistry, analytical,nanoscience & nanotechnology,instruments & instrumentation,physics, applied

Avani Dave,Nilanjan Banerjee,Chintan Patel

DOI: https://doi.org/10.48550/arXiv.2101.06148

2021-01-15

Abstract:Recent technological advancements have enabled proliferated use of small embedded and IoT devices for collecting, processing, and transferring the security-critical information and user data. This exponential use has acted as a catalyst in the recent growth of sophisticated attacks such as the replay, man-in-the-middle, and malicious code modification to slink, leak, tweak or exploit the security-critical information in malevolent activities. Therefore, secure communication and software state assurance (at run-time and boot-time) of the device has emerged as open security problems. Furthermore, these devices need to have an appropriate recovery mechanism to bring them back to the known-good operational state. Previous researchers have demonstrated independent methods for attack detection and safeguard. However, the majority of them lack in providing onboard system recovery and secure communication techniques. To bridge this gap, this manuscript proposes SRACARE- a framework that utilizes the custom lightweight, secure communication protocol that performs remote/local attestation, and secure boot with an onboard resilience recovery mechanism to protect the devices from the above-mentioned attacks. The prototype employs an efficient lightweight, low-power 32-bit RISC-V processor, secure communication protocol, code authentication, and resilience engine running on the Artix 7 Field Programmable Gate Array(FPGA) board. This work presents the performance evaluation and state-of-the-art comparison results, which shows promising resilience to attacks and demonstrate the novel protection mechanism with onboard recovery. The framework achieves these with only 8 % performance overhead and a very small increase in hardware-software footprint.

Cryptography and Security

Mohammed Nabeel,Mohammed Ashraf,Satwik Patnaik,Vassos Soteriou,Ozgur Sinanoglu,Johann Knechtel

DOI: https://doi.org/10.1109/TC.2020.3020777

2020-09-30

Abstract:Dedicated, after acceptance and publication, in memory of the late Vassos Soteriou. For the first time, we leverage the 2.5D interposer technology to establish system-level security in the face of hardware- and software-centric adversaries. More specifically, we integrate chiplets (i.e., third-party hard intellectual property of complex functionality, like microprocessors) using a security-enforcing interposer. Such hardware organization provides a robust 2.5D root of trust for trustworthy, yet powerful and flexible, computation systems. The security paradigms for our scheme, employed firmly by design and construction, are: 1) stringent physical separation of trusted from untrusted components, and 2) runtime monitoring. The system-level activities of all untrusted commodity chiplets are checked continuously against security policies via physically separated security features. Aside from the security promises, the good economics of outsourced supply chains are still maintained; the system vendor is free to procure chiplets from the open market, while only producing the interposer and assembling the 2.5D system oneself. We showcase our scheme using the Cortex-M0 core and the AHB-Lite bus by ARM, building a secure 64-core system with shared memories. We evaluate our scheme through hardware simulation, considering different threat scenarios. Finally, we devise a physical-design flow for 2.5D systems, based on commercial-grade design tools, to demonstrate and evaluate our 2.5D root of trust.

Cryptography and Security,Hardware Architecture

Haji Akhundov,Erik van der Sluis,Said Hamdioui,Mottaqiallah Taouil

DOI: https://doi.org/10.5121/csit.2019.91328

2020-02-04

Abstract:Nowadays, Internet of Things (IoT) is a trending topic in the computing world. Notably, IoT devices have strict design requirements and are often referred to as constrained devices. Therefore, security techniques and primitives that are lightweight are more suitable for such devices, e.g., Static Random-Access Memory (SRAM) Physical Unclonable Functions (PUFs) and Elliptic Curve Cryptography (ECC). SRAM PUF is an intrinsic security primitive that is seeing widespread adoption in the IoT segment. ECC is a public-key algorithm technique that has been gaining popularity among constrained IoT devices. The popularity is due to using significantly smaller operands when compared to other public-key techniques such as RSA (Rivest Shamir Adleman). This paper shows the design, development, and evaluation of an application-specific secure communication architecture based on SRAM PUF technology and ECC for constrained IoT devices. More specifically, it introduces an Elliptic Curve Diffie-Hellman (ECDH) public-key based cryptographic protocol that utilizes PUF-derived keys as the root-of-trust for silicon authentication. Also, it proposes a design of a modular hardware architecture that supports the protocol. Finally, to analyze the practicality as well as the feasibility of the proposed protocol, we demonstrate the solution by prototyping and verifying a protocol variant on the commercial Xilinx Zynq-7000 APSoC device.

Cryptography and Security

Xi Tan,Zheyuan Ma,Sandro Pinto,Le Guan,Ning Zhang,Jun Xu,Zhiqiang Lin,Hongxin Hu,Ziming Zhao

2024-05-14

Abstract:Arm Cortex-M processors are the most widely used 32-bit microcontrollers among embedded and Internet-of-Things devices. Despite the widespread usage, there has been little effort in summarizing their hardware security features, characterizing the limitations and vulnerabilities of their hardware and software stack, and systematizing the research on securing these systems. The goals and contributions of this paper are multi-fold. First, we analyze the hardware security limitations and issues of Cortex-M systems. Second, we conducted a deep study of the software stack designed for Cortex-M and revealed its limitations, which is accompanied by an empirical analysis of 1,797 real-world firmware. Third, we categorize the reported bugs in Cortex-M software systems. Finally, we systematize the efforts that aim at securing Cortex-M systems and evaluate them in terms of the protections they offer, runtime performance, required hardware features, etc. Based on the insights, we develop a set of recommendations for the research community and MCU software developers.

Cryptography and Security,Hardware Architecture

Mohammed Shayan,Kanad Basu,Ramesh Karri

DOI: https://doi.org/10.48550/arXiv.2010.13155

2020-10-25

Cryptography and Security

Abstract:With transistor scaling reaching its limits, interposer-based integration of dies (chiplets) is gaining traction. Such an interposer-based integration enables finer and tighter interconnect pitch than traditional system-on-packages and offers two key benefits: 1. It reduces design-to-market time by bypassing the time-consuming process of verification and fabrication. 2. It reduces the design cost by reusing chiplets. While black-boxing of the slow design stages cuts down the design time, it raises significant security concerns. We study the security implications of the emerging interposer-based integration methodology. The black-boxed design stages deploy security measures against hardware Trojans, reverse engineering, and intellectual property piracy in traditional systems-on-chip (SoC) designs and hence are not suitable for interposer-based integration. We propose using functionally diverse chiplets to detect and thwart hardware Trojans and use the inherent logic redundancy to shore up anti-piracy measures. Our proposals do not rely on access to the black-box design stages. We evaluate the security, time and cost benefits of our plan by implementing a MIPS processor, a DCT core, and an AES core using various IPs from the Xilinx CORE GENERATOR IP catalog, on an interposer-based Xilinx FPGA.

Francesco Restuccia,Andres Meza,Ryan Kastner

DOI: https://doi.org/10.48550/arXiv.2106.13263

2021-06-25

Abstract:Modern systems on a chip (SoCs) utilize heterogeneous architectures where multiple IP cores have concurrent access to on-chip shared resources. In security-critical applications, IP cores have different privilege levels for accessing shared resources, which must be regulated by an access control system. AKER is a design and verification framework for SoC access control. AKER builds upon the Access Control Wrapper (ACW) -- a high performance and easy-to-integrate hardware module that dynamically manages access to shared resources. To build an SoC access control system, AKER distributes the ACWs throughout the SoC, wrapping controller IP cores, and configuring the ACWs to perform local access control. To ensure the access control system is functioning correctly and securely, AKER provides a property-driven security verification using MITRE common weakness enumerations. AKER verifies the SoC access control at the IP level to ensure the absence of bugs in the functionalities of the ACW module, at the firmware level to confirm the secure operation of the ACW when integrated with a hardware root-of-trust (HRoT), and at the system level to evaluate security threats due to the interactions among shared resources. The performance, resource usage, and security of access control systems implemented through AKER is experimentally evaluated on a Xilinx UltraScale+ programmable SoC, it is integrated with the OpenTitan hardware root-of-trust, and it is used to design an access control system for the OpenPULP multicore architecture.

Cryptography and Security,Hardware Architecture

Ted Huffmire,Brett Brotherton,Nick Callegari,Jonathan Valamehr,Jeff White,Ryan Kastner,Tim Sherwood

DOI: https://doi.org/10.1145/1367045.1367053

IF: 1.447

2008-07-01

ACM Transactions on Design Automation of Electronic Systems

Abstract:The extremely high cost of custom ASIC fabrication makes FPGAs an attractive alternative for deployment of custom hardware. Embedded systems based on reconfigurable hardware integrate many functions onto a single device. Since embedded designers often have no choice but to use soft IP cores obtained from third parties, the cores operate at different trust levels, resulting in mixed-trust designs. The goal of this project is to evaluate recently proposed security primitives for reconfigurable hardware by building a real embedded system with several cores on a single FPGA and implementing these primitives on the system. Overcoming the practical problems of integrating multiple cores together with security mechanisms will help us to develop realistic security-policy specifications that drive enforcement mechanisms on embedded systems.

computer science, software engineering, hardware & architecture

Dan Cao,Jun Han,Xiao-Yang Zeng,Shi-ting Lu

DOI: https://doi.org/10.1109/aspdac.2009.4796468

2009-01-01

Abstract:A multi-task-oriented security processing architecture is presented in this paper. This architecture contains a host microprocessor and multiple security processors (SP). The SP could integrate dedicated Crypto-Engines, which provides functional extensibility. And the performance scalability and multi-task parallelism could be enhanced by increasing the number of SPs on system bus. It's demonstrated that this architecture greatly improves the system efficiency. A test chip is implemented based on SMIC 0.18 um standard CMOS technology, and its functionality is well verified.