Abstract
This chapter describes moats and drawbridges (Huffmire et al., Proceedings of the 2007 IEEE Symposium on Security and Privacy, Oakland, CA, USA, May 2007), a method for separating multiple cores on a single reconfigurable chip. Moats provide logical isolation by placing cores into distinct areas of the chip in a verifiable manner. Drawbridges use interconnect tracing to statically verify that only legal connections between system elements are allowed and that interfaces carrying sensitive data have not been tapped or routed to other cores or I/O pads. To facilitate legal communication between cores, two alternative communication architectures are compared.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
A. Bavier, L. Peterson, D. Mosberger, BERT: a scheduler for best effort and realtime tasks. Princeton University Technical Report TR-602-99, Princeton, NJ, March 1999
S. Bourduas, Modeling, evaluation, and implementation of ring-based interconnects for network-on-chip. Ph.D. Dissertation, McGill University, Dept. of Electrical and Computer Engineering, Montreal, Canada, May 2008
S. Guccione, D. Levi, P. Sundararajan, JBits: Java-based interface for reconfigurable computing, in Proceedings of the Second Annual Conference on Military and Aerospace Applications of Programmable Logic Devices and Technologies (MAPLD), Laurel, MD, USA
W.M. Hu, Lattice scheduling and covert channels, in Proceedings of the 1992 IEEE Symposium on Security and Privacy, Oakland, CA, May 1992
T. Huffmire, B. Brotherton, G. Wang, T. Sherwood, R. Kastner, Moats and drawbridges: an isolation primitive for reconfigurable hardware based systems, in Proceedings of the 2007 IEEE Symposium on Security and Privacy, Oakland, CA, USA, May 2007
T. Huffmire, B. Brotherton, N. Callegari, J. Valamehr, J. White, R. Kastner, T. Sherwood, Designing secure systems on reconfigurable hardware. ACM Trans. Des. Automat. Electron. Syst. (TODAES) 13(3), 44 (2008)
J. Saltzer, M. Schroeder, The protection of information in computer systems. Proc. IEEE 63(9), 1278–1308 (1975)
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2010 Springer Science+Business Media B.V.
About this chapter
Cite this chapter
Huffmire, T., Irvine, C., Nguyen, T.D., Levin, T., Kastner, R., Sherwood, T. (2010). Spatial Separation with Moats. In: Handbook of FPGA Design Security. Springer, Dordrecht. https://doi.org/10.1007/978-90-481-9157-4_6
Download citation
DOI: https://doi.org/10.1007/978-90-481-9157-4_6
Publisher Name: Springer, Dordrecht
Print ISBN: 978-90-481-9156-7
Online ISBN: 978-90-481-9157-4
eBook Packages: EngineeringEngineering (R0)