Unraveling the Security Puzzle: A Distributed Framework to Build Trust in FPGAs

Extensive use of third party IP cores (e.g., HDL, netlist) and open source tools in the FPGA application design and development process in conjunction with the inadequate bitstream protection measures have raised crucial security concerns in the past for reconfigurable hardware systems. Designing high fidelity and secure methodologies for FPGAs are still infancy and in particular, there are almost no concrete methods/techniques that can ensure trust in FPGA applications not entirely designed and/or developed in a trusted environment. This work strongly suggests the need for an anomaly detection capability within the FPGAs that can continuously monitor the behavior of the underlying FPGA IP cores and the communication activities of IP cores with other IP cores or peripherals for any abnormalities. To capture this need, we propose a technique called FIDelity Enhancing Security (FIDES) methodology for FPGAs that uses a combination of access control policies and behavior learning techniques for anomaly detection.

[1]  Sally Adee,et al.  The Hunt For The Kill Switch , 2008, IEEE Spectrum.

[2]  Catherine H. Gebotys Security in Embedded Devices , 2009 .

[3]  Farinaz Koushanfar,et al.  A Survey of Hardware Trojan Taxonomy and Detection , 2010, IEEE Design & Test of Computers.

[4]  Mohammed M. Farag,et al.  Interacting with Hardware Trojans over a network , 2012, 2012 IEEE International Symposium on Hardware-Oriented Security and Trust.

[5]  Yiorgos Makris,et al.  Hardware Trojans in Wireless Cryptographic ICs , 2010, IEEE Design & Test of Computers.

[6]  Devu Manikantan Shila,et al.  Design, implementation and security analysis of Hardware Trojan Threats in FPGA , 2014, 2014 IEEE International Conference on Communications (ICC).

[7]  Miron Abramovici,et al.  Integrated circuit security: new threats and solutions , 2009, CSIIRW '09.

[8]  Andrew C. Myers,et al.  A decentralized model for information flow control , 1997, SOSP.

[9]  Marten van Dijk,et al.  HaTCh: Hardware Trojan Catcher , 2014, IACR Cryptol. ePrint Arch..

[10]  Jie Zhang,et al.  VeriTrust: Verification for hardware trust , 2013, 2013 50th ACM/EDAC/IEEE Design Automation Conference (DAC).

[11]  Ryan Kastner,et al.  Policy-Driven Memory Protection for Reconfigurable Hardware , 2006, ESORICS.

[12]  Ryan Kastner,et al.  Enforcing memory policy specifications in reconfigurable hardware , 2008, Comput. Secur..

[13]  Rajat Subhra Chakraborty,et al.  Hardware Trojan Insertion by Direct Modification of FPGA Configuration Bitstream , 2013, IEEE Design & Test.

[14]  Devu Manikantan Shila,et al.  xDEFENSE: an extended DEFENSE for mitigating next generation intrusions (abstract only) , 2014, FPGA.

[15]  Gang Wang,et al.  Moats and Drawbridges: An Isolation Primitive for Reconfigurable Hardware Based Systems , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[16]  Cynthia E. Irvine,et al.  Security Checkers: Detecting processor malicious inclusions at runtime , 2011, 2011 IEEE International Symposium on Hardware-Oriented Security and Trust.

[17]  Gang Wang,et al.  Security Primitives for Reconfigurable Hardware-Based Systems , 2010, TRETS.

[18]  Swarup Bhunia,et al.  Security against hardware Trojan through a novel application of design obfuscation , 2009, 2009 IEEE/ACM International Conference on Computer-Aided Design - Digest of Technical Papers.

[19]  Milo M. K. Martin,et al.  Overcoming an Untrusted Computing Base: Detecting and Removing Malicious Hardware Automatically , 2010, 2010 IEEE Symposium on Security and Privacy.

[20]  Simha Sethumadhavan,et al.  FANCI: identification of stealthy malicious logic using boolean functional analysis , 2013, CCS.

[21]  Yuanyuan Zhou,et al.  Designing and Implementing Malicious Hardware , 2008, LEET.

[22]  Sergei Skorobogatov,et al.  Breakthrough Silicon Scanning Discovers Backdoor in Military Chip , 2012, CHES.