Abstract
Field programmable gate arrays are used in nearly every industry, including consumer electronics, automotive, military and aerospace, and the critical infrastructure. The reprogrammability of field programmable gate arrays, their computational power and relatively low price make them a good fit for low-volume applications that cannot justify the non-recurring engineering costs of application-specific integrated circuits. However, field programmable gate arrays have security issues that stem from the fact that their configuration files are not protected in a satisfactory manner. Although major vendors offer some sort of encryption, researchers have demonstrated that the encryption can be overcome. The security problems are a concern because field programmable gate arrays are widely used in industrial control systems across the critical infrastructure. This chapter explores the reverse engineering process of a Lattice Semiconductor ECP3 field programmable gate array configuration file in order to assist infrastructure owners and operators in recognizing and mitigating potential threats.
Copyright information
© 2018 This is a U.S. government work and not under copyright protection in the United States; foreign copyright protection may apply
About this paper
Cite this paper
Celebucki, D., Graham, S., Gunawardena, S. (2018). Reversing a Lattice ECP3 FPGA for Bitstream Protection. In: Staggs, J., Shenoi, S. (eds) Critical Infrastructure Protection XII. ICCIP 2018. IFIP Advances in Information and Communication Technology, vol 542. Springer, Cham. https://doi.org/10.1007/978-3-030-04537-1_6
DOI: https://doi.org/10.1007/978-3-030-04537-1_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-04536-4
Online ISBN: 978-3-030-04537-1
eBook Packages: Computer Science (R0)