On-chip Data Security Against Untrustworthy Software and Hardware IPs in Embedded Systems

2018 IEEE Computer Society Annual Symposium on VLSI (ISVLSI) Pub Date : 2018-07-01 DOI:10.1109/ISVLSI.2018.00122

S. Gundabolu, Xiaofang Wang

{"title":"On-chip Data Security Against Untrustworthy Software and Hardware IPs in Embedded Systems","authors":"S. Gundabolu, Xiaofang Wang","doi":"10.1109/ISVLSI.2018.00122","DOIUrl":null,"url":null,"abstract":"State-of-the-art system-on-chip (SoC) field programmable gate arrays (FPGAs) integrate hard powerful ARM processor cores and the reconfigurable logic fabric on a single chip in addition to many commonly needed high performance and high-bandwidth peripherals. The increasing reliance on untrustworthy third-party IP (3PIP) cores, including both hardware and software in FPGA-based embedded systems has made the latter increasingly vulnerable to security attacks. Detection of trojans in 3PIPs is extremely difficult to current static detection methods since there is no golden reference model for 3PIPs. Moreover, many FPGA-based embedded systems do not have the support of security services typically found in operating systems. In this paper, we present our run-time, low-cost, and low-latency hardware and software based solution for protecting data stored in on-chip memory blocks, which has attracted little research attention. The implemented memory protection design consists of a hierarchical top-down structure and controls memory access from software IPs running on the processor and hardware IPs running in the FPGA, based on a set of rules or access rights configurable at run time. Additionally, virtual addressing and encryption of data for each memory help protect confidentiality of data in case of a failure of the memory protection unit, making it hard for the attacker to gain access to the data stored in the memory. The design is implemented and tested on the Intel (Altera) DE1-SoC board featuring a SoC FPGA that integrates a dual-core ARM processor with reconfigurable logic and hundreds of memory blocks. The experimental results and case studies show that the protection model is successful in eliminating malicious IPs from the system without need for reconfiguration of the FPGA. It prevents unauthorized accesses from untrusted IPs, while arbitrating access from trusted IPs generating legal memory requests, without incurring a serious area or latency penalty.","PeriodicalId":114330,"journal":{"name":"2018 IEEE Computer Society Annual Symposium on VLSI (ISVLSI)","volume":"96 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE Computer Society Annual Symposium on VLSI (ISVLSI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISVLSI.2018.00122","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

State-of-the-art system-on-chip (SoC) field programmable gate arrays (FPGAs) integrate hard powerful ARM processor cores and the reconfigurable logic fabric on a single chip in addition to many commonly needed high performance and high-bandwidth peripherals. The increasing reliance on untrustworthy third-party IP (3PIP) cores, including both hardware and software in FPGA-based embedded systems has made the latter increasingly vulnerable to security attacks. Detection of trojans in 3PIPs is extremely difficult to current static detection methods since there is no golden reference model for 3PIPs. Moreover, many FPGA-based embedded systems do not have the support of security services typically found in operating systems. In this paper, we present our run-time, low-cost, and low-latency hardware and software based solution for protecting data stored in on-chip memory blocks, which has attracted little research attention. The implemented memory protection design consists of a hierarchical top-down structure and controls memory access from software IPs running on the processor and hardware IPs running in the FPGA, based on a set of rules or access rights configurable at run time. Additionally, virtual addressing and encryption of data for each memory help protect confidentiality of data in case of a failure of the memory protection unit, making it hard for the attacker to gain access to the data stored in the memory. The design is implemented and tested on the Intel (Altera) DE1-SoC board featuring a SoC FPGA that integrates a dual-core ARM processor with reconfigurable logic and hundreds of memory blocks. The experimental results and case studies show that the protection model is successful in eliminating malicious IPs from the system without need for reconfiguration of the FPGA. It prevents unauthorized accesses from untrusted IPs, while arbitrating access from trusted IPs generating legal memory requests, without incurring a serious area or latency penalty.

查看原文本刊更多论文

嵌入式系统中针对不可信软硬件ip的片上数据安全

最先进的片上系统(SoC)现场可编程门阵列(fpga)除了许多常用的高性能和高带宽外设外，还在单个芯片上集成了强大的硬ARM处理器内核和可重构逻辑结构。越来越多地依赖于不可信的第三方IP (3PIP)内核，包括基于fpga的嵌入式系统中的硬件和软件，使得后者越来越容易受到安全攻击。由于没有3pip的黄金参考模型，目前的静态检测方法很难检测3pip中的木马。此外，许多基于fpga的嵌入式系统没有操作系统中常见的安全服务支持。在本文中，我们提出了一种基于运行时，低成本，低延迟的硬件和软件的解决方案，用于保护存储在片上存储块中的数据，这一解决方案很少引起研究关注。实现的内存保护设计由自上而下的分层结构组成，并根据运行时可配置的一组规则或访问权限，控制运行在处理器上的软件ip和运行在FPGA中的硬件ip对内存的访问。此外，每个内存的虚拟寻址和数据加密有助于在内存保护单元发生故障时保护数据的机密性，使攻击者难以访问存储在内存中的数据。该设计在Intel (Altera) DE1-SoC板上实现和测试，该板具有SoC FPGA，该FPGA集成了具有可重构逻辑和数百个内存块的双核ARM处理器。实验结果和案例研究表明，该保护模型在不需要重新配置FPGA的情况下，成功地消除了系统中的恶意ip。它可以防止来自不可信ip的未经授权访问，同时仲裁来自可信ip的访问，生成合法的内存请求，而不会导致严重的面积或延迟损失。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2018 IEEE Computer Society Annual Symposium on VLSI (ISVLSI)

自引率

0.00%

发文量