Implementing Memory Protection Primitives on Reconfigurable Hardware Brett Brotherton Nick Callegari Ted Huffmire.

Presentation transcript:

Implementing Memory Protection Primitives on Reconfigurable Hardware Brett Brotherton Nick Callegari Ted Huffmire

Project Goals Evaluate security primitives for reconfigurable hardware Build a real system with multiple cores Design a security policy for the system Efficient memory system performance Programmatic interface to system

System Overview (block diagram; labels: OPB, ublaze 1, Ref Monitor/Arbiter, Shared External Memory, AES Core, RS232, Ethernet)

Security Policy
Range0 → [0x ,0x4140ffff]; (Debug)
Range1 → [0x ,0x ]; (AES1)
Range2 → [0x ,0x28000fff]; (AES2)
Range3 → [0x ,0x ]; (DRAM1)
Range4 → [0x ,0x24ffffff]; (DRAM2)
Range5 → [0x ,0x4060ffff]; (RS-232)
Range6 → [0x40c00000,0x40c0ffff]; (Ethernet)
Range7 → [0x ,0x ]; (Ctrl_Word1)
Range8 → [0x ,0x f]; (Ctrl_Word2)
Range9 → [0x ,0x ]; (Ctrl_WordAES)

Security Policy
Access0 → {M1,rw,R5} | {M2,rw,R6} | {M1,rw,R3} | {M2,rw,R4} | {M1,rw,R0} | {M2,rw,R0};
Access1 → Access0 | {M1,rw,R1} | {M1,rw,R9};
Access2 → Access0 | {M2,rw,R1} | {M2,rw,R9};
Trigger0 → {M1,w,R7};
Trigger1 → {M1,w,R8};
Trigger2 → {M2,w,R7};
Trigger3 → {M2,w,R8};
Expr1 → Access0 | Trigger3 Access2* Trigger4;
Expr2 → Access1 | Trigger2 Expr1* Trigger1;
Expr3 → Expr1* Trigger1 Expr2*;
Policy → Expr1* | Expr1* Trigger3 Access2* | Expr3 Trigger2 Expr1* Trigger3 Access2* | Expr3 Trigger2 Expr1* | Expr3 |  ;

Security Policy DFA
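A software model of the kind of stateful check the policy slides describe, added here as an example; it is not the presenters' hardware design or code. It reduces the policy to three DFA states and assumes that one control word acquires the AES core and another releases it; the address map, state names and function names are constructed for illustration and are not the slide's values.

```c
#include <stdint.h>

enum { M1, M2 };                              /* bus masters (the two processors) */
enum { OP_R, OP_W };
enum { S_SHARED_ONLY, S_M1_AES, S_M2_AES };   /* DFA states (assumed reduction) */
enum { R_NONE = -1, R_DRAM1, R_DRAM2, R_AES, R_CTRL_ACQ, R_CTRL_REL, R_COUNT };

/* Constructed address map for illustration; not the slide's ranges. */
static const struct { uint32_t lo, hi; } ranges[R_COUNT] = {
    {0x10000000u, 0x10ffffffu},  /* DRAM1 */
    {0x20000000u, 0x20ffffffu},  /* DRAM2 */
    {0x30000000u, 0x30000fffu},  /* AES core */
    {0x40000000u, 0x40000003u},  /* control word: acquire AES (assumed meaning) */
    {0x40000004u, 0x40000007u},  /* control word: release AES (assumed meaning) */
};

static int find_range(uint32_t addr) {
    for (int r = 0; r < R_COUNT; r++)
        if (addr >= ranges[r].lo && addr <= ranges[r].hi) return r;
    return R_NONE;               /* address is outside every named range */
}

/* One DFA step: returns 1 to allow the bus transaction, 0 to deny it.
   Only an allowed trigger write changes *state. */
int monitor_step(int *state, int module, int op, uint32_t addr) {
    if (module != M1 && module != M2) return 0;
    int holder = (*state == S_M1_AES) ? M1 : (*state == S_M2_AES) ? M2 : -1;
    switch (find_range(addr)) {
    case R_DRAM1: return module == M1;        /* static rule, like {M1,rw,R3} */
    case R_DRAM2: return module == M2;        /* static rule, like {M2,rw,R4} */
    case R_AES:   return module == holder;    /* only the current owner */
    case R_CTRL_ACQ:                          /* trigger: take the free core */
        if (op != OP_W || holder != -1) return 0;
        *state = (module == M1) ? S_M1_AES : S_M2_AES;
        return 1;
    case R_CTRL_REL:                          /* trigger: owner gives it back */
        if (op != OP_W || module != holder) return 0;
        *state = S_SHARED_ONLY;
        return 1;
    default: return 0;                        /* default deny */
    }
}

int main(void) {
    int s = S_SHARED_ONLY;
    monitor_step(&s, M1, OP_W, 0x40000000u);        /* M1 acquires the core */
    return monitor_step(&s, M2, OP_R, 0x30000000u); /* 0: M2 is denied */
}
```

Because a denied transaction never changes the state, a module cannot use a rejected trigger write to take the core from its current owner.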

System Overview (block diagram; labels: OPB, ublaze 1, Ref Monitor/Arbiter, Shared External Memory, AES Core, RS232, Ethernet)

Performance Results
One cycle latency increase for reference monitor  vs cycles
Area overhead very small → 116 LUTs (1% increase)
Clock speed increase → 65 to 73 MHz

Impact of Moats
Moats tested for size 0, 1, 2, 6
Best case: 0 and 6 → only a 4% decrease in clock frequency
Area overhead minimal

User Interface
Currently using HyperTerminal to connect to the AES core via a serial connection.
Tested using a 128-bit key and data, manually parsed into 32-bit lines and sent via HyperTerminal.
GOAL: Incorporate a user interface that lets the user select a data file and a key file and receive the corresponding result over multiple communication platforms, to test the multi-core design and the Reference Monitor.

User Interface Progress
Implemented User Interface in C++ to allow more functionality and user friendliness.
SERIAL OR ETHERNET? [1-SERIAL][2-ETHERNET]
ENCRYPT OR DECRYPT? [1-ENCRYPT][2-DECRYPT]
INPUT FILENAME:
KEY FILENAME:
OUTPUT SENT TO OUTPUT.TXT

Demo