Moats and drawbridges: An isolation primitive for reconfigurable hardware based systems
Nguyen, Thuy D.
Irvine, Cynthia E.
MetadataShow full item record
Blurring the line between software and hardware, reconfigurable devices strike a balance between the raw high speed of custom silicon and the post-fabrication flexibility of general-purpose processors. While this flexibility is a boon for embedded system developers, who can now rapidly prototype and deploy solutions with performance approaching custom designs, this results in a system development methodology where functionality is stitched together from a variety of soft IP cores, often provided by multiple vendors with different levels of trust. Unlike traditional software where resources are managed by an operating system, soft IP cores necessarily have very fine grain control over the underlying hardware. To address this problem, the embedded systems community requires novel security primitives which address the realities of modern reconfigurable hardware. We propose an isolation primitive, moats and drawbridges, that are built around four design properties: logical isolation, interconnect traceability, secure reconfigurable broadcast, and configuration scrubbing. Each of these is a fundamental operation with easily understood formal properties, yet maps cleanly and efficiently to a wide variety of reconfigurable devices. We carefully quantify the required overheads on real FPGAs and demonstrate the utility of our methods by applying them to the practical problem of memory protection.
RightsThis publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Showing items related by title, author, creator and subject.
Huffmire,Ted; Levin, Timothy; Nguyen, Thuy; Irvine, Cynthia; Botherton, Brett; Wang, Gang; Sherwood, Timothy; Kastner, Ryan (Association for Computing Machinery (ACM), 2010-05-10);Computing systems designed using reconfigurable hardware are increasingly composed using a number of different Intellectual Property (IP) cores, which are often provided by third-party vendors that may have different levels ...
ELINT signal processing using Choi-Williams distribution on reconfigurable computers for detection and classification of LPI emitters Upperman, Teresa Lynn Odom (Monterey California. Naval Postgraduate School, 2008-03);This thesis documents the use of the SRC-6 Reconfigurable Computer for use in analyzing low probability of intercept (LPI) signals using the Choi-Williams distribution. The SRC-6 is a reconfigurable computer manufactured ...
Huffmire, Ted; Brotherton, Brett; Callegari, Nick; Valamehr, Jonathan; White, Jeff; Kastner, Ryan; Sherwood, Ted (Naval Postgraduate School (U.S)., 2008);The extremely high cost of custom ASIC fabrication makes FPGAs an attractive alternative for deployment of custom hardware. Embedded systems based on reconfigurable hardware integrate many functions onto a single device. ...