Secure remote reconfiguration of an FPGA-based embedded system

Braeken, An; Genoe, Jan; Kubera, Serge; Mentens, Nele; Touhafi, Abdellah; Verbauwhede, Ingrid; Verbelen, Yannick; Vliegen, Jo; Wouters, Karel

doi:10.1109/recosoc.2011.5981501

Cited by 16 publications

(17 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…With a relative usage of around 35%, Table I shows the cost of the static partition is high. The cryptocore is designed with a focus on area and is relatively small [8]. The additional resources used by the static partition are spent on the MicroBlaze with the accompanying bus and the remaining IP cores.…”

Section: Resultsmentioning

confidence: 99%

“…In [8], Braeken et al describe an on-line system handling incoming bitstreams, providing data confidentiality and authentication, and mutual explicit key authentication. Their work uses external flash memory to store the incoming bitstream, which means the FPGA goes off-line between configurations which could threaten the security.…”

Section: A Remote Reconfiguration Of An Fpgamentioning

confidence: 99%

See 1 more Smart Citation

A single-chip solution for the secure remote configuration of FPGAs using bitstream compression

Vliegen

Mentcns

Verbauwhede

2013

2013 International Conference on Reconfigurable Computing and FPGAs (ReConFig)

Self Cite

View full text Add to dashboard Cite

Abstract-This paper presents a system that allows the secure remote configuration of an FPGA, which is assumed to be the only device in the secure zone. This means that no security critical information passes over the borders of the FPGA chip, reducing the opportunities for an attacker to break the system. In particular, bitstream compression in combination with partial reconfiguration is used to avoid the use of an external memory for the storage of the bitstream. Additionally there is no need for an external processor for the transfer of the bitstream. Nevertheless, our solution contains a mechanism that verifies the integrity of the complete bitstream before starting the configuration. This prevents attempts to load unqualified bitstreams and reduces the downtime. The integrity check, the decryption, the authentication of the origin and the freshness check of the bitstream are performed inside the FPGA while its current configuration is still active. The contribution of this work is that it presents the first complete working system for the secure remote configuration of FPGAs, consisting of a single FPGA chip and an initiating server, given that the integrity of the complete bitstream is verified before configuration. This paper gives details on the overall system and the FPGA architecture, which have been implemented and tested.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: A Remote Reconfiguration Of An Fpgamentioning

confidence: 99%

A single-chip solution for the secure remote configuration of FPGAs using bitstream compression

Vliegen

Mentcns

Verbauwhede

2013

2013 International Conference on Reconfigurable Computing and FPGAs (ReConFig)

Self Cite

View full text Add to dashboard Cite

show abstract

“…However, the system proposed in [24] requires a complex control unit and configuring it also takes longer. Since this first work many propositions target static and partial secure reconfiguration [20][21][22][23]25,26]. Even recent FPGAs, such as Xilinx Virtex-6 and Virtex 7, propose security scheme for static and partial reconfiguration [27].…”

Section: State Of the Art Of Secure Fpga Configurationmentioning

confidence: 99%

“…This key exchange must be secured using a cryptographic algorithm. One such solution would be to use a public key encryption algorithm such as RSA or ECC [25,26]. In general, implementation of public key algorithms is more expensive (as they often require processors and crypto-processors) and they are slower than symmetric key algorithms [9,14].…”

Section: State Of the Art Of Secure Fpga Configurationmentioning

confidence: 99%

See 1 more Smart Citation

Disposable configuration of remotely reconfigurable systems

Bossuet

Fischer

Gaspar

et al. 2015

Microprocessors and Microsystems

View full text Add to dashboard Cite

Digital Right Management for IP Protection

Torres¹,

Benoit²,

Rampon³

et al. 2017

Foundations of Hardware IP Protection

View full text Add to dashboard Cite

International audienceThe digital rights management (DRM) principle is generally well known for the exchange of files (music, video), or software management. Specialized solutions concerning professional software are behind a business called “Software License Management”. The concept of DRM can be transposed to other areas, in particular to the design of hardware devices. Although the concept of DRM is allowed and widely used in the field of software, this is not the case for Integrated Circuit design (no industrial solutions to date are actually proposed)

show abstract

Secure remote reconfiguration of an FPGA-based embedded system

Cited by 16 publications

References 11 publications

A single-chip solution for the secure remote configuration of FPGAs using bitstream compression

A single-chip solution for the secure remote configuration of FPGAs using bitstream compression

Disposable configuration of remotely reconfigurable systems

Digital Right Management for IP Protection

Contact Info

Product

Resources

About