A SoC Design of TrustZone based Key Provisioning for FPGA IP Protection

Gregory Williams, Jerry Aizprua, Mohammad J Alhaddad, Doua Yang, Nabila BouSaba, F. Saqib
{"title":"A SoC Design of TrustZone based Key Provisioning for FPGA IP Protection","authors":"Gregory Williams, Jerry Aizprua, Mohammad J Alhaddad, Doua Yang, Nabila BouSaba, F. Saqib","doi":"10.1109/MWSCAS47672.2021.9531874","DOIUrl":null,"url":null,"abstract":"With the rise of globalization, third party intellectual property 3PIP use in the system on chip SoC and the horizontal business model of outsourcing the manufacturing and packaging processes has improved the design time, cost and adoption of newer sub-micron technologies. This however results in sharing the intellectual property with system integrators and the offshore foundries which has resulted in the new security vulnerabilities of the semiconductor supply chain. IP protection laws aren’t consistent across all countries, so companies need to protect their IP from untrustworthy foundries attempting to pirate their design.In this work we propose \"AAFLE\" (Automated Application for FPGA Logic Encryption), an automated application for IP developers to protect their design with an automated flow to lock the design using state of the art logic locking schemes. We will propose a secure hardware isolation mechanism that leverages ARM TrustZone to enable a secure key provisioning system. The system uses TOPPERS/SafeG, a dual-OS monitor, which allows a execution of two operating systems simultaneously, a non-trusted OS confined to the isolated hardware and a trusted OS with access to the entire SoC. The non-secure OS is a Linux kernel with an application that will ask users for the correct key in order to unlock the system. The secure OS is an RTOS application that is responsible for storing and checking for a correct key input, as well as giving this key to the encrypted hardware in the programmable logic.","PeriodicalId":6792,"journal":{"name":"2021 IEEE International Midwest Symposium on Circuits and Systems (MWSCAS)","volume":"59 1","pages":"874-877"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE International Midwest Symposium on Circuits and Systems (MWSCAS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MWSCAS47672.2021.9531874","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1

Abstract

With the rise of globalization, third party intellectual property 3PIP use in the system on chip SoC and the horizontal business model of outsourcing the manufacturing and packaging processes has improved the design time, cost and adoption of newer sub-micron technologies. This however results in sharing the intellectual property with system integrators and the offshore foundries which has resulted in the new security vulnerabilities of the semiconductor supply chain. IP protection laws aren’t consistent across all countries, so companies need to protect their IP from untrustworthy foundries attempting to pirate their design.In this work we propose "AAFLE" (Automated Application for FPGA Logic Encryption), an automated application for IP developers to protect their design with an automated flow to lock the design using state of the art logic locking schemes. We will propose a secure hardware isolation mechanism that leverages ARM TrustZone to enable a secure key provisioning system. The system uses TOPPERS/SafeG, a dual-OS monitor, which allows a execution of two operating systems simultaneously, a non-trusted OS confined to the isolated hardware and a trusted OS with access to the entire SoC. The non-secure OS is a Linux kernel with an application that will ask users for the correct key in order to unlock the system. The secure OS is an RTOS application that is responsible for storing and checking for a correct key input, as well as giving this key to the encrypted hardware in the programmable logic.
基于TrustZone的FPGA IP保护密钥发放SoC设计
随着全球化的兴起,第三方知识产权3PIP在片上系统SoC中的应用以及外包制造和封装过程的横向商业模式改善了设计时间,成本和更新的亚微米技术的采用。然而,这导致与系统集成商和离岸代工厂共享知识产权,从而导致半导体供应链出现新的安全漏洞。知识产权保护法并非在所有国家都是一致的,所以公司需要保护自己的知识产权,防止不值得信赖的代工厂试图盗版他们的设计。在这项工作中,我们提出了“AAFLE”(FPGA逻辑加密的自动化应用程序),这是IP开发人员使用最先进的逻辑锁定方案通过自动流程锁定设计来保护其设计的自动化应用程序。我们将提出一种安全的硬件隔离机制,该机制利用ARM TrustZone来实现安全的密钥供应系统。该系统使用双操作系统监视器TOPPERS/SafeG,允许同时执行两个操作系统,一个非受信任的操作系统被限制在隔离的硬件上,一个受信任的操作系统可以访问整个SoC。非安全操作系统是一个带有应用程序的Linux内核,该应用程序将要求用户输入正确的密钥以解锁系统。安全操作系统是一个RTOS应用程序,它负责存储和检查正确的密钥输入,并将此密钥提供给可编程逻辑中的加密硬件。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信