SecBoot -轻量级安全引导机制，用于基于linux的嵌入式系统在fpga上

2017 12th International Symposium on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC) Pub Date : 2017-07-12 DOI:10.1109/ReCoSoC.2017.8016144

Peter Rouget, Benoît Badrignans, P. Benoit, L. Torres

{"title":"SecBoot -轻量级安全引导机制，用于基于linux的嵌入式系统在fpga上","authors":"Peter Rouget, Benoît Badrignans, P. Benoit, L. Torres","doi":"10.1109/ReCoSoC.2017.8016144","DOIUrl":null,"url":null,"abstract":"In recent years, the need in security for embedded devices and data centers has increased sharply. The possible consequences of attacks on these equipments make them privileged targets. In these fields, FPGA are increasingly used because of their flexibility and constantly decreasing power consumption and cost: they can embed several hard/soft processors running Linux enhancing system integration. This paper discusses the security issues related to operating system boot security on FPGAs. We show how the software early boot stages can be protected using FPGA built-in security mechanisms and user logic. We consider that external memories can be tampered by software attacks or board level attacks. By using open source elements and standard tools, we present and implement a lightweight solution. We show that the dynamic reconfiguration has nearly no impact on usable resources of the FPGA matrix at the end of the boot process.","PeriodicalId":393701,"journal":{"name":"2017 12th International Symposium on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2017-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"SecBoot — lightweight secure boot mechanism for Linux-based embedded systems on FPGAs\",\"authors\":\"Peter Rouget, Benoît Badrignans, P. Benoit, L. Torres\",\"doi\":\"10.1109/ReCoSoC.2017.8016144\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In recent years, the need in security for embedded devices and data centers has increased sharply. The possible consequences of attacks on these equipments make them privileged targets. In these fields, FPGA are increasingly used because of their flexibility and constantly decreasing power consumption and cost: they can embed several hard/soft processors running Linux enhancing system integration. This paper discusses the security issues related to operating system boot security on FPGAs. We show how the software early boot stages can be protected using FPGA built-in security mechanisms and user logic. We consider that external memories can be tampered by software attacks or board level attacks. By using open source elements and standard tools, we present and implement a lightweight solution. We show that the dynamic reconfiguration has nearly no impact on usable resources of the FPGA matrix at the end of the boot process.\",\"PeriodicalId\":393701,\"journal\":{\"name\":\"2017 12th International Symposium on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-07-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 12th International Symposium on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ReCoSoC.2017.8016144\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 12th International Symposium on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ReCoSoC.2017.8016144","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

近年来，嵌入式设备和数据中心的安全需求急剧增加。攻击这些设备的可能后果使它们成为特权目标。在这些领域中，FPGA由于其灵活性和不断降低的功耗和成本而越来越多地使用:它们可以嵌入几个运行Linux的硬/软处理器，增强系统集成度。本文讨论了fpga上与操作系统启动安全相关的安全问题。我们展示了如何使用FPGA内置的安全机制和用户逻辑来保护软件的早期启动阶段。我们认为外部存储器可以被软件攻击或板级攻击篡改。通过使用开源元素和标准工具，我们呈现并实现了一个轻量级解决方案。我们表明，在启动过程结束时，动态重新配置对FPGA矩阵的可用资源几乎没有影响。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

SecBoot — lightweight secure boot mechanism for Linux-based embedded systems on FPGAs

In recent years, the need in security for embedded devices and data centers has increased sharply. The possible consequences of attacks on these equipments make them privileged targets. In these fields, FPGA are increasingly used because of their flexibility and constantly decreasing power consumption and cost: they can embed several hard/soft processors running Linux enhancing system integration. This paper discusses the security issues related to operating system boot security on FPGAs. We show how the software early boot stages can be protected using FPGA built-in security mechanisms and user logic. We consider that external memories can be tampered by software attacks or board level attacks. By using open source elements and standard tools, we present and implement a lightweight solution. We show that the dynamic reconfiguration has nearly no impact on usable resources of the FPGA matrix at the end of the boot process.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2017 12th International Symposium on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC)

自引率

0.00%

发文量