Proof-Carrying Hardware: Concept and Prototype Tool Flow for Online Verification

Dynamically reconfigurable hardware combines hardware performance with software-like flexibility and finds increasing use in networked systems. The capability to load hardware modules at runtime provides these systems with an unparalleled degree of adaptivity but at the same time poses new challenges for security and safety. In this paper, we elaborate on proof-carrying hardware (PCH) as a novel approach to reconfigurable system security. PCH takes a key concept from software security, known as proof-carrying code, into the reconfigurable hardware domain. We outline the PCH concept and discuss runtime combinational equivalence checking as a first online verification problem applying the concept. We present a prototype tool flow and experimental results demonstrating the feasibility and potential of the PCH approach.
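As an added example (not from the paper or its prototype tool flow), here is a minimal proof-carrying-hardware exchange for the runtime combinational equivalence check described above: the untrusted producer delivers a gate-level module together with a resolution refutation of the miter between the consumer's specification and that module, and the consumer accepts the module only if its small, trusted proof checker validates every step against the miter it built itself. The netlists, the variable numbering and the width-bounded saturation prover are constructed stand-ins for illustration; in a real flow the proof would come from a SAT solver.

```python
# Constructed example, not the paper's tool flow. Literal: non-zero int (neg = NOT); clause: frozenset.
def tseitin_and(out, a, b):  # out <-> (a AND b)
    return [{-out, a}, {-out, b}, {out, -a, -b}]
def tseitin_or(out, a, b):   # out <-> (a OR b)
    return [{out, -a}, {out, -b}, {-out, a, b}]
def tseitin_not(out, a):     # out <-> NOT a
    return [{out, a}, {-out, -a}]
def miter(spec_out, impl_out):  # satisfiable iff some input distinguishes the two outputs
    return [{spec_out, impl_out}, {-spec_out, -impl_out}]

A, B, S, NA, NB, O, T = range(1, 8)                  # hypothetical variable numbering
SPEC = tseitin_and(S, A, B)                          # consumer's reference: S = A AND B
IMPL = (tseitin_not(NA, A) + tseitin_not(NB, B)      # delivered module, equivalent:
        + tseitin_or(O, NA, NB) + tseitin_not(T, O))  # T = NOT(NOT A OR NOT B)
BUGGY = (tseitin_not(NA, A) + tseitin_not(NB, B)     # tampered module, T = A OR B:
         + tseitin_and(O, NA, NB) + tseitin_not(T, O))  # not equivalent to SPEC
GOOD = SPEC + IMPL + miter(S, T)

def resolve(c1, c2):
    """Resolvent on the unique clashing literal; None if 0 or >1 literals clash."""
    clash = [l for l in c1 if -l in c2]
    return (c1 | c2) - {clash[0], -clash[0]} if len(clash) == 1 else None

def produce_proof(clauses, max_width=3):
    """Untrusted producer: toy saturation search (a stand-in for a SAT solver) -> proof steps or None."""
    known = {frozenset(c): None for c in clauses}   # clause -> parents (None: axiom)
    queue = list(known)
    while queue and frozenset() not in known:
        c1 = queue.pop(0)
        for c2 in list(known):
            r = resolve(c1, c2)
            if r is not None and r not in known and len(r) <= max_width:
                known[r] = (c1, c2)
                queue.append(r)
    if frozenset() not in known:
        return None                                  # no refutation: nothing to ship
    order = []                                       # parents listed before children
    def visit(c):
        if known[c] is not None and c not in order:
            visit(known[c][0]); visit(known[c][1]); order.append(c)
    visit(frozenset())
    return [(c,) + known[c] for c in order]          # [(resolvent, parent1, parent2), ...]

def consumer_check(clauses, proof):
    """Trusted consumer: each step resolves two axioms of *this* miter or earlier steps; ends empty."""
    derived = {frozenset(c) for c in clauses}
    for resolvent, p1, p2 in proof or []:
        if p1 not in derived or p2 not in derived or resolve(p1, p2) != resolvent:
            return False
        derived.add(resolvent)
    return bool(proof) and proof[-1][0] == frozenset()
```

Because the consumer derives its axioms from the module it actually received, a proof generated for one module is rejected when presented with a different one, and a forged or truncated proof fails the step-by-step check.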
