ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Designing secure systems on reconfigurable hardware
Full text PdfPdf (1.47 MB)
Source
ACM Transactions on Design Automation of Electronic Systems (TODAES) archive
Volume 13 ,  Issue 3  (July 2008) table of contents
Article No. 44  
Year of Publication: 2008
ISSN:1084-4309
Authors
Ted Huffmire  Naval Postgraduate School, Monterey, CA
Brett Brotherton  Special Technologies Laboratory, Santa Barbara, CA
Nick Callegari  University of California, Santa Barbara, CA
Jonathan Valamehr  University of California, Santa Barbara, CA
Jeff White  University of California, Santa Barbara, CA
Ryan Kastner  University of California, San Diego, La Jolla, CA
Tim Sherwood  University of California, Santa Barbara, CA
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 18,   Downloads (12 Months): 225,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1367045.1367053
What is a DOI?

ABSTRACT

The extremely high cost of custom ASIC fabrication makes FPGAs an attractive alternative for deployment of custom hardware. Embedded systems based on reconfigurable hardware integrate many functions onto a single device. Since embedded designers often have no choice but to use soft IP cores obtained from third parties, the cores operate at different trust levels, resulting in mixed-trust designs. The goal of this project is to evaluate recently proposed security primitives for reconfigurable hardware by building a real embedded system with several cores on a single FPGA and implementing these primitives on the system. Overcoming the practical problems of integrating multiple cores together with security mechanisms will help us to develop realistic security-policy specifications that drive enforcement mechanisms on embedded systems.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Bondhugula, U., Devulapalli, A., Fernando, J., Wyckoff, P., and Sadayappan, P. 2006. Parallel FPGA-based all-pairs shortest-paths in a directed graph. In Proceedings of the 20th IEEE International Parallel and Distributed Processing Symposium (IPDPS).
 
2
Bossuet, L., Gogniat, G., and Burleson, W. 2004. Dynamically configurable security for SRAM FPGA bitstreams. In Proceedings of the 18th International Parallel and Distributed Processing Symposium (IPDPS), Santa Fe, NM.
 
3
Andrew A. Chien , Jay H. Byun, Safe and Protected Execution for the Morph/AMRM Reconfigurable Processor, Proceedings of the Seventh Annual IEEE Symposium on Field-Programmable Custom Computing Machines, p.209, April 21-23, 1999
 
4
Guy Gogniat , Tilman Wolf , Wayne Burleson, Reconfigurable Security Support for Embedded Systems, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06), p.250.1, January 04-07, 2006  [doi>10.1109/HICSS.2006.409]
 
5
Ilija Hadzic , Sanjay Udani , Jonathan M. Smith, FPGA Viruses, Proceedings of the 9th International Workshop on Field-Programmable Logic and Applications, p.291-300, August 30-September 01, 1999
 
6
Scott Harper , Peter Athanas, A Security Policy Based upon Hardware Encryption, Proceedings of the Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS'04) - Track 7, p.70190.1, January 05-08, 2004
 
7
Ryan J. Fong , Scott J. Harper , Peter M. Athanas, A Versatile Framework for FPGA Field Updates: An Application of Partial Self-Reconfiguation, Proceedings of the 14th IEEE International Workshop on Rapid System Prototyping (RSP'03), p.117, June 09-11, 2003
 
8
Ted Huffmire , Brett Brotherton , Gang Wang , Timothy Sherwood , Ryan Kastner , Timothy Levin , Thuy Nguyen , Cynthia Irvine, Moats and Drawbridges: An Isolation Primitive for Reconfigurable Hardware Based Systems, Proceedings of the 2007 IEEE Symposium on Security and Privacy, p.281-295, May 20-23, 2007  [doi>10.1109/SP.2007.28]
 
9
Huffmire, T., Prasad, S., Sherwood, T., and Kastner, R. 2006. Policy-Driven memory protection for reconfigurable systems. In Proceedings of the European Symposium on Research in Computer Security (ESORICS), Hamburg, Germany.
 
10
B. L. Hutchings , R. Franklin , D. Carver, Assisting Network Intrusion Detection with Reconfigurable Hardware, Proceedings of the 10th Annual IEEE Symposium on Field-Programmable Custom Computing Machines, p.111, September 22-24, 2002
 
11
Irvine, C., Levin, T., Nguyen, T., and Dinolt, G. 2004. The trusted computing exemplar project. In Proceedings of the 5th IEEE Systems, Man and Cybernetics Information Assurance Workshop, West Point, NY. 109--115.
 
12
Tom Kean, Secure Configuration of Field Programmable Gate Arrays, Proceedings of the 11th International Conference on Field-Programmable Logic and Applications, p.142-151, August 27-29, 2001
13
Tom Kean, Cryptographic rights management of FPGA intellectual property cores, Proceedings of the 2002 ACM/SIGDA tenth international symposium on Field-programmable gate arrays, February 24-26, 2002, Monterey, California, USA  [doi>10.1145/503048.503065]
14
Richard A. Kemmerer, Shared resource matrix methodology: an approach to identifying storage and timing channels, ACM Transactions on Computer Systems (TOCS), v.1 n.3, p.256-277, August 1983  [doi>10.1145/357369.357374]
 
15
Paul C. Kocher , Joshua Jaffe , Benjamin Jun, Differential Power Analysis, Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, p.388-397, August 15-19, 1999
 
16
Lach, J., Mangione-Smith, W., and Potkonjak, M. 1999a. FPGA fingerprinting techniques for protecting intellectual property. In Proceedings of the IEEE Custom Integrated Circuits Conference, San Diego, CA.
17
John Lach , William H. Mangione-Smith , Miodrag Potkonjak, Robust FPGA intellectual property protection through multiple small watermarks, Proceedings of the 36th ACM/IEEE conference on Design automation, p.831-836, June 21-25, 1999, New Orleans, Louisiana, United States  [doi>10.1145/309847.310080]
18
Ruby B. Lee , Peter C. S. Kwan , John P. McGregor , Jeffrey Dwoskin , Zhenghong Wang, Architecture for Protecting Critical Secrets in Microprocessors, Proceedings of the 32nd annual international symposium on Computer Architecture, p.2-13, June 04-08, 2005
 
19
Levin, T. E., Irvine, C. E., and Nguyen, T. D. 2004. A least privilege model for static separation kernels. Tech. Rep. NPS-CS-05-003, Naval Postgraduate School.
20
David Lie Chandramohan Thekkath , Mark Mitchell , Patrick Lincoln , Dan Boneh , John Mitchell , Mark Horowitz, Architectural support for copy and tamper resistant software, Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, p.168-177, November 2000, Cambridge, Massachusetts, United States
 
21
McGrath, D. 2005. Gartner dataquest analyst gives ASIC, FPGA markets clean bill of health. EE Times.
 
22
McLean, M. and Moore, J. 2007. Securing FPGAS for red/black systems, FPGA-based single chip cryptographic solution. In Military Embedded Systems.
 
23
Milanowski, R. and Maurer, M. 2006. Outsourcing poses unique challenges for the U.S. military-electronics community. Chip Des. Mag.
 
24
Millen, J. 1987. Covert channel capacity. In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA.
 
25
National Security Telecommunications and Information Systems Security Committee. 1995. NSTISSAM Tempest/2-95 red/black installation guidance.
26
Juan Navarro , Sitaram Iyer , Peter Druschel , Alan Cox, Practical, transparent operating system support for superpages, Proceedings of the 5th symposium on Operating systems design and implementation

Due to copyright restrictions we are not able to make the PDFs for this conference available for downloading

, December 09-11, 2002, Boston, Massachusetts  [doi>10.1145/1060289.1060299]
 
27
Hau T. Ngo , Rajkiran Gottumukkal , Vijayan K. Asari, A Flexible and Efficient Hardware Architecture for Real-Time Face Recognition Based on Eigenface, Proceedings of the IEEE Computer Society Annual Symposium on VLSI: New Frontiers in VLSI Design, p.280-281, May 11-12, 2005  [doi>10.1109/ISVLSI.2005.5]
 
28
Percival, C. 2005. Cache missing for fun and profit. In BSDCan, Ottowa, Ontario, Canada.
 
29
Rushby, J. 1984. A trusted computing base for embedded systems. In Proceedings of the 7th DoD/NBS Computer Security Conference, 294--311.
 
30
Rushby, J. 2000. Partitioning in avionics architectures: Requirements, mechanisms, and assurance. In DOT/FAA/AR-99/58.
31
Bill Salefski , Levent Caglar, Re-configurable computing in wireless, Proceedings of the 38th conference on Design automation, p.178-183, June 2001, Las Vegas, Nevada, United States  [doi>10.1145/378239.378459]
32
Jerome H. Saltzer, Protection and the control of information sharing in multics, Communications of the ACM, v.17 n.7, p.388-402, July 1974  [doi>10.1145/361011.361067]
 
33
Saltzer, J. and Schroeder, M. 1974. The protection on information in computer systems. Commun. ACM 17, 7 (Jul.).
 
34
H. Saputra , N. Vijaykrishnan , M. Kandemir , M. J. Irwin , R. Brooks , S. Kim , W. Zhang, Masking the Energy Behavior of DES Encryption, Proceedings of the conference on Design, Automation and Test in Europe, p.10084, March 03-07, 2003
 
35
Standaert, F., Oldenzeel, L., Samyde, D., and Quisquater, J. 2003. Power analysis of FPGAs: How practical is the attack? Field-Program. Logic Appl. 2778, 2003 (Sept.), 701--711.
36
Ken Thompson, Reflections on trusting trust, Communications of the ACM, v.27 n.8, p.761-763, Aug 1984  [doi>10.1145/358198.358210]
 
37
Clark Weissman, MLS-PCA: A High Assurance Security Architecture for Future Avionics, Proceedings of the 19th Annual Computer Security Applications Conference, p.2, December 08-12, 2003
38
Emmett Witchel , Josh Cates , Krste Asanović, Mondrian memory protection, Proceedings of the 10th international conference on Architectural support for programming languages and operating systems, October 05-09, 2002, San Jose, California
 
39
Xilinx Inc. 2006. Planahead methodology guide. Xilinx, San Jose, CA.

INDEX TERMS

Primary Classification:
  B. Hardware
  B.3 MEMORY STRUCTURES
      B.3.2 Design Styles
          Subjects: Virtual memory

Additional Classification:
  B. Hardware
  B.7 INTEGRATED CIRCUITS
      B.7.1 Types and Design Styles
          Subjects: Gate arrays
      B.7.2 Design Aids
          Subjects: Placement and routing

  C. Computer Systems Organization
  C.1 PROCESSOR ARCHITECTURES
      C.1.3 Other Architecture Styles
          Subjects: Adaptable architectures

  D. Software
  D.4 OPERATING SYSTEMS
      D.4.7 Organization and Design
          Subjects: Real-time systems and embedded systems

  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
      K.6.5 Security and Protection (D.4.6, K.4.2)
          Subjects: Authentication


General Terms:
Design, Security


Keywords:
Field programmable gate arrays (FPGAs), advanced encryption standard (AES), controlled sharing, enforcement mechanisms, execution monitors, hardware security, isolation, memory protection, reference monitors, security policies, security primitives, separation, static analysis, systems-on-a-chip (SoCs)

Collaborative Colleagues:
Ted Huffmire: colleagues
Brett Brotherton: colleagues
Nick Callegari: colleagues
Jonathan Valamehr: colleagues
Jeff White: colleagues
Ryan Kastner: colleagues
Tim Sherwood: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player