Abstract
From Bluetooth transceivers to the NASA Mars Rover, FPGAs have become one of the mainstays of embedded system design. By merging properties of hardware and software, reconfigurable devices provide an attractive tradeoff between the performance of application-specific hardware and the programmability of CPUs. Although this flexibility allows developers to quickly prototype and deploy embedded systems with performance close to ASICs, this programmability can also be exploited to disrupt critical functionality, eavesdrop on encrypted communication, or even destroy a chip. Creating systems which are both efficient and flexible, yet fundamentally sound from a security point of view, is an exceedingly challenging endeavor for both researchers and practitioners. All too often the security aspects of a reconfigurable design are not addressed until far too late in the design process, resulting in systems that are protected only by their obscurity. This chapter presents an overview of Field Programmable Gate Array (FPGA) technologies from the viewpoint of security, specifically how and why these devices have grown in importance over the last decade to become one of the most trusted and critical elements of modern computer systems. This chapter also discusses their changing role from a platform for prototyping to a deployable solution, the architecture of a modern FPGA, the security ramifications of their increased use, and some of the lessons from the security community that may be applicable in this domain.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
A transistor in which an input is not only applied to the gate but also to the drain. This technology reduces the number of transistors required to implement certain kinds of logic.
- 2.
Companies protect their intellectual property fiercely due to the high cost of designing hardware modules. Later chapters discuss several schemes to prevent the theft of IP cores from FPGAs.
- 3.
A list of logical gates and their interconnections.
References
A. Abraham, It is I: an authentication system for a reconfigurable radio. M.S. thesis, Virginia Tech, August 2002
Actel Corporation, FPGAs for military, avionics, and high-reliability applications. White Paper, Actel Corporation, 2008
R. Anderson, Why cryptosystems fail, in Proceedings of the 1st ACM Conference on Computer and Communications Security, Fairfax, VA, November 1993, pp. 215–227
M. Attig, S. Dharmapurikar, J. Lockwood, Implementation results of bloom filters for string matching, in Proceedings of the Field-Programmable Custom Computing Machines, 12th Annual IEEE Symposium on (FCCM’04) (IEEE Comput. Soc., Los Alamitos, 2004), pp. 322–323
Z.K. Baker, V.K. Prasanna, A methodology for synthesis of efficient intrusion detection systems on FPGAs, in Proceedings of the Field-Programmable Custom Computing Machines, 12th Annual IEEE Symposium on (FCCM’04) (IEEE Comput. Soc., Los Alamitos, 2004), pp. 135–144
Z.K. Baker, V.K. Prasanna, Time and area efficient pattern matching on FPGAs, in Proceeding of the 2004 ACM/SIGDA 12th International Symposium on Field Programmable Gate Arrays (ACM, New York, 2004), pp. 223–232
V. Betz, J.S. Rose, A. Marquardt, Architecture and CAD for Deep-Submicron FPGAs (Kluwer Academic, Dordrecht, 1999)
A. Biryukov, O. Dunkelman, N. Keller, D. Khovratovich, A. Shamir, Key recovery attacks of practical complexity on AES variants with up to 10 rounds. IARC ePrint Report 2009/374, August 2009
K. Bondalapati, V.K. Prasanna, Reconfigurable computing systems. Proc. IEEE 90(7), 1201–1217 (2002)
U. Bondhugula, A. Devulapalli, J. Fernando, P. Wyckoff, P. Sadayappan, Parallel FPGA-based all-pairs shortest-paths in a directed graph, in Proceedings of the 20th IEEE International Parallel and Distributed Processing Symposium (IPDPS’06), April 2006
L. Bossuet, G. Gogniat, W. Burleson, Dynamically configurable security for SRAM FPGA bitstreams, in Proceedings of the 18th International Parallel and Distributed Processing Symposium (IPDPS’04), Santa Fe, NM, April 2004
D.A. Buell, K.L. Pocek, Custom computing machines: an introduction. J. Supercomput. 9(3), 219–29 (1995)
Y.H. Cho, S. Navab, W.H. Mangione-Smith, Specialized hardware for deep network packet filtering, in 12th International Conference on Field-Programmable Logic and Applications, 2002
C.R. Clark, D.E. Schimmel, Efficient reconfigurable logic circuits for matching complex network intrusion detection patterns, in Proceedings of FPL, Lisbon, Portugal, 2003
K. Compton, S. Hauck, Reconfigurable computing: a survey of systems and software. ACM Comput. Surv. (CSUR) 34(2), 171–210 (2002)
S. Craven, P. Athanas, Examining the viability of FPGA supercomputing. EURASIP J. Embed. Syst. 2007(1) (2007)
J. Deepakumara, H.M. Heys, R. Venkatesan, FPGA implementation of MD5 hash algorithm, in Canadian Conference on Electrical and Computer Engineering, 2001
A. DeHon, Comparing computing machines, in SPIE-Int. Soc. Opt. Eng. Proceedings of SPIE—the International Society for Optical Engineering, vol. 3526, pp. 124–33, 1998
A. DeHon, J. Wawrzynek, Reconfigurable computing: what, why, and implications for design automation, in Proceedings of the 36th ACM/IEEE Conference on Design Automation, New Orleans, LA, June 1999
Design and Reuse Magazine, TTP controller IP in Altera’s low-cost cyclone FPGA Families for Aerospace Applications, in Design and Reuse Magazine, 23 October 2007
S. Dharmapurikar, M. Attig, J. Lockwood, Deep packet inspection using parallel bloom filters. IEEE Micro 24(1), 52–61 (2004)
S. Drimer, Volatile FPGA design security: a survey. Unpublished, Cambridge University, April 2008
Electronic Design Magazine, Actel FPGAs in Mars Rover, in Electronic Design Magazine, 6 August 2007
G. Estrin, Reconfigurable computer origins: the UCLA fixed-plus-variable (F+V) structure computer. IEEE Ann. Hist. Comput. 24(4), 3–9 (2002)
O.D. Fidanci, D. Poznanovic, K. Gaj, T. El-Ghazawi, N. Alxeandridis, Performance and overhead in a hybrid reconfigurable computer, in Proceedings of the 2003 International Parallel and Distributed Processing Symposium (IPDPS), Nice, France, April 2003
M. Gokhale, D. Dubois, A. Dubois, M. Boorman, S. Poole, V. Hogsett, Granidt: towards gigabit rate network intrusion detection technology, in Proceedings of the Reconfigurable Computing Is Going Mainstream, 12th International Conference on Field-Programmable Logic and Applications (Springer, Berlin, 2002), pp. 404–413
J. Goodman, A.P. Chandrakasan, An energy-efficient reconfigurable public-key cryptography processor. IEEE J. Solid-State Circuits 36(11), 1808–1820 (2001)
S. Govindavajhala, A. Appel, Using memory errors to attack a virtual machine, in Proceedings of the 2003 IEEE Symposium on Security and Privacy, Oakland, CA, May 2003
C. Grabbe, M. Bednara, J. von zur Gathen, J. Shokrollahi, J. Teich, A high performance VLIW processor for finite field arithmetic, in Proceedings of the International Parallel and Distributed Processing Symposium, 2003
I. Hadzic, S. Udani, J. Smith, FPGA viruses, in Proceedings of the Ninth International Workshop on Field-Programmable Logic and Applications (FPL’99), Glasgow, UK, August 1999
S. Harper, P. Athanas, A security policy based upon hardware encryption, in Proceedings of the 37th Hawaii International Conference on System Sciences, 2004
S. Harper, R. Fong, P. Athanas, A versatile framework for FPGA field updates: an application of partial self-reconfiguration, in Proceedings of the 14th IEEE International Workshop on Rapid System Prototyping, June 2003
S. Hauck, L. Zhiyuan, E. Schwabe, Configuration compression for the Xilinx XC6200 FPGA, in Proceedings of Symposium on FPGAs for Custom Computing Machines, 1998, pp. 138–46
T. Hill, AccelDSP synthesis tool floating-point to fixed-point conversion of MATLAB algorithms targeting FPGAs. White Paper, Xilinx Inc., San Jose, CA, April 2006
T. Huffmire, B. Brotherton, T. Sherwood, R. Kastner, T. Levin, T. Nguyen, C. Irvine, Managing security in FPGA-based embedded systems. IEEE Des. Test Comput. 25(6), 590–598 (2008)
B.L. Hutchings, R. Franklin, D. Carver, Assisting network intrusion detection with reconfigurable hardware, in Proceedings of the 10th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM’02) (IEEE Comput. Soc., Los Alamitos, 2002), p. 111
Y.K. Kang, D.W. Kim, T.W. Kwon, J.R. Choi, An efficient implementation of hash function processor for IPsec, in Proceedings of the Third IEEE Asia-Pacific Conference on ASICs, 2002
P.A. Karger, R.R. Schell, Multics security evaluation: vulnerability analysis. Tech. Rep. ESD-TR-74-193, vol. II, HQ Electronic Systems Division, Air Force Systems Command, Hanscom Field, Bedford, MA 01731, June 1974
R. Kastner, T. Huffmire, Threats and challenges in reconfigurable hardware security, in International Conference on Engineering of Reconfigurable Systems and Algorithms (ERSA), Las Vegas, NV, July 2008, pp. 334–345
R. Kastner, A. Kaplan, M. Sarrafzadeh, Synthesis Techniques and Optimizations for Reconfigurable Systems (Kluwer Academic, Dordrecht, 2004)
T. Kean, Secure configuration of field programmable gate arrays, in Proceedings of the 11th International Conference on Field Programmable Logic and Applications (FPL’01), Belfast, UK, August 2001
T. Kean, Cryptographic rights management of FPGA intellectual property cores, in Tenth ACM International Symposium on Field-Programmable Gate Arrays (FPGA’02), Monterey, CA, February 2002
P. Kitsos, O. Koufopavlou, Efficient architecture and hardware implementation of the Whirlpool hash function. IEEE Trans. Consum. Electron. 50(1), 208–313 (2004)
P. Kocher, R. Lee, G. McGraw, A. Raghunathan, S. Ravi, Security as a new dimension in embedded system design, in Proceedings of the 41st Design Automation Conference (DAC’04), San Diego, CA, June 2004
I. Kuon, J. Rose, Measuring the Gap between FPGAs and ASICs, in Proceedings of the International Symposium on FPGAs, Monterey, CA, February 2006
J. Lach, W. Mangione-Smith, M. Potkonjak, FPGA fingerprinting techniques for protecting intellectual property, in Proceedings of the 1999 IEEE Custom Integrated Circuits Conference, San Diego, CA, May 1999
J. Lach, W. Mangione-Smith, M. Potkonjak, Robust FPGA intellectual property protection through multiple small watermarks, in Proceedings of the 36th ACM/IEEE Conference on Design Automation (DAC’99), New Orleans, LA, June 1999
P.H.W. Leong, I.K.H. Leung, A microcoded elliptic curve processor using FPGA technology. IEEE Trans. VLSI Syst. 10(5), 550–559 (2002)
J.R. Lewis, B. Martin, Cryptol: High assurance, retargetable crypto development and validation, in IEEE Military Communications Conference (MILCOM), Boston, MA, October 2003
Z. Li, K. Compton, S. Hauck, Configuration caching management techniques for reconfigurable computing, in Proceedings of Symposium on Field-Programmable Custom Computing Machines, 2000, pp. 22–36
W.H. Mangione-Smith, B. Hutchings, D. Andrews, A. DeHon, C. Ebeling, R. Hartenstein, O. Mencer, J. Morris, K. Palem, V.K. Prasanna, H.A.E. Spaanenburg, Seeking solutions in configurable computing. Computer 30(12), 38–43 (1997)
The Math Works Inc. MATLAB user’s guide. White Paper, The Math Works Inc., Natick, MA, 2006
D. McGrath, Gartner Dataquest analyst gives ASIC, FPGA markets clean bill of health. EE Times, 13 June 2005
C. McIvor, M. McLoone, J.V. McCanny, Fast Montgomery modular multiplication and RSA cryptographic processor architectures, in 37th IEEE Asilomar Conference on Signals, Systems, and Computers, 2003
M. McLoone, J.V. McCanny, A single-chip IPsec cryptographic processor, in IEEE Workshop on Signal Processing Systems, 2002
Military and Aerospace Electronics, F-35 Joint Strike Fighter uses Actel FPGAs for engine electronics, in Military and Aerospace Electronics, 1 September 2004
Military and Aerospace Electronics, FPGA processors keep Mars Rovers moving, in Military and Aerospace Electronics, 11 January 2005
K. Morris, Cray goes FPGA, in FPGA and Structured ASIC Journal, 5 April 2005
H. Ngo, R. Gottumukkal, V. Asari, A flexible and efficient hardware architecture for real-time face recognition based on Eigenface, in Proceedings of the IEEE Computer Society Annual Symposium on VLSI, 2005
C. Paar, B. Chetwynd, T. Connor, S.Y. Deng, S. Marchang, An algorithm-agile cryptographic co-processor based on FPGAs, in SPIE’s Symposium on Voice, Video, and Data Communications, 1999
J. Saltzer, M. Schroeder, The protection of information in computer systems. Commun. ACM 17(7), 388–402 (1974)
P. Schaumont, I. Verbauwhede, K. Keutzer, M. Sarrafzadeh, A quick safari through the reconfiguration jungle, in Proceedings of the Design Automation Conference, 2001, pp. 172–177
R. Schell, Computer security: the Achilles heel of the electronic Air Force? Air Univ. Rev. 30(2), 16–33 (1979)
G. Selimis, N. Sklavos, O. Koufopavlou, VLSI implementation of the keyed-hash message authentication code for the wireless application protocol, in IEEE International Conference on Electronics, Circuits, and Systems, 2003
A. Senior, S. Pankanti, A. Hampapur, L. Brown, Y.-L. Tian, A. Ekin, Blinkering surveillance: enabling video privacy through computer vision. Technical Report RC22886, IBM, 2003
Z. Shi, R.B. Lee, Bit permutation instructions for accelerating software cryptography, in Proc. of the IEEE International Conference on Application-specific Systems, Architectures and Processors, 2000
Silicon Graphics, Inc., Extraordinary acceleration of workflows with reconfigurable application-specific computing from SGI. White Paper, Silicon Graphics, Inc., 2004
Silicon Graphics Inc., SGI builds world’s largest FPGA supercomputer, boosts nucleotide query performance by more than 900 times over 68-node cluster. White Paper, Silicon Graphics, Inc., 8 November 2007
S. Sivaswamy, G. Wang, C. Ababei, K. Bazargan, R. Kaster, E. Bozorgzadeh, HARP: Hardwired routing pattern FPGAs, in Proceedings of the International Symposium on FPGAs, Monterey, CA, February 2005
N. Sklavos, O. Koufopavlou, On the hardware implementations of the SHA-2 (256, 384, 512) hash functions, in Proceedings of IEEE International Symposium on Circuits and Systems, 2003
M.C. Smith, J.S. Vetter, X. Liang, Accelerating scientific applications with the SRC-6 reconfigurable computer: methodologies and analysis, in Proceedings of the 19th IEEE Parallel and Distributed Processing Symposium (IPDPS), Denver, CO, April 2005
I. Sourdis, D. Pnevmatikatos, Pre-decoded CAMs for efficient and high-speed NIDS pattern matching, in Proceedings of the Field-Programmable Custom Computing Machines, 12th Annual IEEE Symposium on (FCCM’04) (IEEE Comput. Soc., Los Alamitos, 2004), pp. 258–267
F. Standaert, L. Oldenzeel, D. Samyde, J. Quisquater, Power analysis of FPGAs: how practical is the attack? Field-Program. Logic Appl. 2778(2003), 701–711 (2003)
K. Underwood, FPGAs vs. CPUs: trends in peak floating-point performance, in Proceedings of the 2004 ACM/SIGDA 12th International Symposium on Field Programmable Gate Arrays, Monterey, CA, February 2004
J.E. Vuillemin, P. Bertin, D. Roncin, M. Shand, H.H. Touati, P. Boucard, Programmable active memories: reconfigurable systems come of age. IEEE Trans. Very Large Scale Integr. (VLSI) Syst. 4(1), 56–69 (1996)
T. Wollinger, J. Guajardo, C. Paar, Security on FPGAs: State-of-the-art implementations and attacks. ACM Trans. Embed. Comput. Syst. 3(3), 534–574 (2004)
L. Wu, C. Weaver, T. Austin, Cryptomaniac: a fast flexible architecture for secure communication, in International Symposium on Computer Architecture, 2001
Xilinx Inc., Getting started with the Embedded Development Kit (EDK). White Paper, Xilinx Inc., San Jose, CA, 2006
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2010 Springer Science+Business Media B.V.
About this chapter
Cite this chapter
Huffmire, T., Irvine, C., Nguyen, T.D., Levin, T., Kastner, R., Sherwood, T. (2010). Introduction and Motivation. In: Handbook of FPGA Design Security. Springer, Dordrecht. https://doi.org/10.1007/978-90-481-9157-4_1
Download citation
DOI: https://doi.org/10.1007/978-90-481-9157-4_1
Publisher Name: Springer, Dordrecht
Print ISBN: 978-90-481-9156-7
Online ISBN: 978-90-481-9157-4
eBook Packages: EngineeringEngineering (R0)