Threats and Challenges in FPGA Security Ted Huffmire Naval Postgraduate School December 10, 2008.

Slides:

Advertisements

Similar presentations

Nios Multi Processor Ethernet Embedded Platform Final Presentation

Advertisements

Using Instruction Block Signatures to Counter Code Injection Attacks Milena Milenković, Aleksandar Milenković, Emil Jovanov The University of Alabama in.

Hardware Support for Trustworthy Systems Ted Huffmire ACACES 2012 Fiuggi, Italy.

1 Hardware Support for Isolation Krste Asanovic U.C. Berkeley MURI “DHOSA” Site Visit April 28, 2011.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.

G53SEC 1 Hardware Security The (slightly) more tactile side of security.

Trusted Design In FPGAs Steve Trimberger Xilinx Research Labs.

1 GP Confidential © GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)

 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.

Ravi Vasdev SEMINAR ON. WHAT ARE EMBEDDED SYSTEMS  THESE ARE SINGLE BOARD COMPUTERS  THESE ARE ELECTRONIC DEVICES THAT INCORPORATE MICROPROCESSORS.

Hardware Support for Trustworthy Systems Ted Huffmire ACACES 2012 Fiuggi, Italy.

Addressing Supply Chain Security with Split Manufacturing Ted Huffmire Summer UCI CECS Seminar July 27, 2012.

3Dsec: Trustworthy System Security through 3-D Integrated Hardware Ted Huffmire 14 January 2009.

IS Network and Telecommunications Risks

Preventing Piracy and Reverse Engineering of SRAM FPGAs Bitstream Lilian Bossuet 1,

ENGIN112 L38: Programmable Logic December 5, 2003 ENGIN 112 Intro to Electrical and Computer Engineering Lecture 38 Programmable Logic.

Iron Key and Portable Drive Security Zakary Littlefield.

Configurable System-on-Chip: Xilinx EDK

CAD and Design Tools for On- Chip Networks Luca Benini, Mark Hummel, Olav Lysne, Li-Shiuan Peh, Li Shang, Mithuna Thottethodi,

Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.

CS 151 Digital Systems Design Lecture 38 Programmable Logic.

CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.

RRB/STS ORNL Workshop Integrated Hardware/Software Security Support R. R. BrooksSam T. Sander Associate ProfessorAssistant Professor Holcombe Department.

Programmable Logic- How do they do that? 1/16/2015 Warren Miller Class 5: Software Tools and More 1.

Networking Virtualization Using FPGAs Russell Tessier, Deepak Unnikrishnan, Dong Yin, and Lixin Gao Reconfigurable Computing Group Department of Electrical.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

1 FIPS 140 Validation for a “System-on-a-Chip” September 27, 2005 NIST Physical Testing Workshop.

Lessons Learned in Smart Grid Cyber Security

A 3D Data Transformation Processor Dimitrios Megas, Kleber Pizolato, Timothy Levin, and Ted Huffmire WESS 2012 October 11, 2012.

Hardware Support for Trustworthy Systems Ted Huffmire ACACES 2012 Fiuggi, Italy.

1 3-General Purpose Processors: Altera Nios II 2 Altera Nios II processor A 32-bit soft core processor from Altera Comes in three cores: Fast, Standard,

Securing the core root of trust (research in secure hardware design and test) Ramesh Karri ECE Department.

Architecture for Protecting Critical Secrets in Microprocessors Ruby Lee Peter Kwan Patrick McGregor Jeffrey Dwoskin Zhenghong Wang Princeton Architecture.

Three fundamental concepts in computer security: Reference Monitors: An access control concept that refers to an abstract machine that mediates all accesses.

Protecting Data on Smartphones and Tablets from Memory Attacks

Flow of presentation:  Kind of attacks on embedded systems.  Most relevant security threats faced by NOC.  Solutions/ways suggested so far to deal.

LOGO Hardware side of Cryptography Anestis Bechtsoudis Patra 2010.

Centro de Electrónica Industrial (CEI) | Universidad Politécnica de Madrid | | Side Channel Attack (SCA) is a special attak method.

 Chapter 13 – Dependability Engineering 1 Chapter 12 Dependability and Security Specification 1.

EPCglobal Network Security: Research Challenges and Solutions Yingjiu Li Assistant Professor School of Information Systems Singapore Management University.

Hardware Support for Trustworthy Systems Ted Huffmire ACACES 2012 Fiuggi, Italy.

IS Network and Telecommunications Risks Chapter Six.

Implementing Memory Protection Primitives on Reconfigurable Hardware Brett Brotherton Nick Callegari Ted Huffmire.

Moats and Drawbridges: An Isolation Primitive for Reconfigurable Hardware Based Systems Ted Huffmire, Brett Brotherton, Gang Wang, Timothy Sherwood, Ryan.

Attack and Malicious Code Andrew Anaruk. Security Threats Denial of Service (DoS) Attacks Spoofing Social Engineering Attacks on Encrypted Data Software.

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

Malicious Logic and Defenses. Malicious Logic Trojan Horse – A Trojan horse is a program with an overt (documented or known) effect and covert (undocumented.

R ECONFIGURABLE H ARDWARE FOR H IGH - SECURITY /H IGH -P ERFORMANCE E MBEDDED S YSTEMS : T HE SAFES P ERSPECTIVE Guy Gogniat, Tilman Wolf, Wayne Burleson,

Wireless and Mobile Security

Implementing Memory Protection Primitives on Reconfigurable Hardware Brett Brotherton Nick Callegari Ted Huffmire.

Creating Security using Software and Hardware Bradley Herrup CS297- Security and Programming Languages.

Performed by: Itamar Niddam and Lior Motorin Instructor: Inna Rivkin המעבדה למערכות ספרתיות מהירות High speed digital systems laboratory הטכניון - מכון.

Towards Secure and Dependable Software-Defined Networks Fernando M. V. Ramos LaSIGE/FCUL, University of Lisbon

DeepDroid Dynamically Enforcing Enterprise Policy Manwoong (Andy) Choi

SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.

A Framework For Trusted Instruction Execution Via Basic Block Signature Verification Milena Milenković, Aleksandar Milenković, and Emil Jovanov Electrical.

Security Architecture and Design Chapter 4 Part 4 Pages 377 to 416.

Hardware-rooted Trust for Secure Key Management & Transient Trust

Hardware Support for Trustworthy Systems

Overview on Hardware Security

Protect Your Hardware from Hacking and Theft

FIPS 140 Validation for a “System-on-a-Chip”

Hardware Support for Embedded Operating System Security

TRUST:Team for Research in Ubiquitous Secure Technologies

Secure Processing On-Chip

Dynamically Reconfigurable Architectures: An Overview

Protect Your Hardware from Hacking and Theft

User-mode Secret Protection (SP) architecture

CS-3013 Operating Systems Hugh C. Lauer

Presentation transcript:

Threats and Challenges in FPGA Security Ted Huffmire Naval Postgraduate School December 10, 2008

Overview Foundry Trust Physical Attacks Design Tools Design Theft Problem Areas Attacks Trojan horse Backdoor Kill switch Probing Sand and Scan Side Channels Data Remanence Covert channels Side channels Bypass Cloning Reverse engineer Readback attack Solutions Trusted foundries FPGAs X-Ray Inspection Sand and Scan Tamper sensing Adding noise Degaussing Logical isolation Tracing wires Sanitization Continuous power Encrypt bitstream Watermarking Authentication Future Research All of supply chain Lessons from S/W Red teams Side channels Trusted tools Verification Languages CM High-assurance Partial reconfig PUFs High-assurance CMPs Tagging Dynamic security Reference monitor Defense in depth User training Security usability DoS Authentication Complex designs System Assurance

Reconfigurable Hardware FPGA Chip SDRAM (off-chip) DRAM Reference Monitor Crypto Core CPU Core AES μPμP μPμP

Protection Alternatives Separation Kernels DRAM app1 app3 app2 kernel Reconfigurable Protection DRAM app1 app2 app3 Reference Monitor Physical Software SpatialTemporal

Design Flows

Intertwined Cores

Moats FPGA Chip SDRAM (off-chip) DRAM Reference Monitor Crypto Core CPU Core AES

Moats 1.0

Moats 2.0

Moats and Drawbridges

Interconnect Tracing FPGA Chip SDRAM (off-chip) DRAM Reference Monitor Crypto Core CPU Core AES μPμP μPμP X X

Communication Architecture FPGA Chip SDRAM (off-chip) DRAM Arbiter/Reference Monitor Crypto Core CPU Core AES μPμP μPμP

Memory Protection FPGA Chip SDRAM (off-chip) DRAM Crypto Core CPU Core AES Reference Monitor X X

Policy Compiler

SoC Application

Questions? 