Presentation is loading. Please wait.

Presentation is loading. Please wait.

Implementing Memory Protection Primitives on Reconfigurable Hardware Brett Brotherton Nick Callegari Ted Huffmire.

Published byLora Howard Modified over 9 years ago

Similar presentations

Presentation on theme: "Implementing Memory Protection Primitives on Reconfigurable Hardware Brett Brotherton Nick Callegari Ted Huffmire."— Presentation transcript:

1 Implementing Memory Protection Primitives on Reconfigurable Hardware Brett Brotherton Nick Callegari Ted Huffmire

2 Project Goals Evaluate security primitives for reconfigurable hardware Build a real system with multiple cores Design a security policy for the system Efficient memory system performance Programmatic interface to system

3 System Overview OPB ublaze 1 Ref Monitor/Arbiter Shared External Memory AES Core RS232 Ethernet

4 Security Policy Range 0  [0x41400000,0x4140ffff]; (Debug) Range 1  [0x28000000,0x28000777]; (AES1) Range 2  [0x28000800,0x28000fff]; (AES2) Range 3  [0x24000000,0x24777777]; (DRAM1) Range 4  [0x24800000,0x24ffffff]; (DRAM2) Range 5  [0x40600000,0x4060ffff]; (RS-232) Range 6  [0x40c00000,0x40c0ffff]; (Ethernet) Range 7  [0x28000004,0x28000007]; (Ctrl_Word 1 ) Range 8  [0x28000008,0x2800000f]; (Ctrl_Word 2 ) Range 9  [0x28000000,0x28000003]; (Ctrl_Word AES )

5 Security Policy Access 0  {M 1,rw,R 5 }|{M 2,rw,R 6 }|{M 1,rw,R 3 } |{M 2,rw,R 4 }|{M 1,rw,R 0 }|{M 2,rw,R 0 }; Access 1  Access 0 |{M 1,rw,R 1 }|{M 1,rw,R 9 }; Access 2  Access 0 |{M 2,rw,R 1 }|{M 2,rw,R 9 }; Trigger 0  {M 1,w,R 7 }; Trigger 1  {M 1,w,R 8 }; Trigger 2  {M 2,w,R 7 }; Trigger 3  {M 2,w,R 8 }; Expr 1  Access 0 |Trigger 3 Access 2 *Trigger 4 ; Expr 2  Access 1 |Trigger 2 Expr 1 *Trigger 1 ; Expr 3  Expr 1 *Trigger 1 Expr 2 *; Policy  Expr 1 *|Expr 1 *Trigger 3 Access 2 * |Expr 3 Trigger 2 Expr 1 *Trigger 3 Access 2 * |Expr 3 Trigger 2 Expr 1 *|Expr 3 |  ;

6 Security Policy DFA

7 System Overview OPB ublaze 1 Ref Monitor/Arbiter Shared External Memory AES Core RS232 Ethernet

8 Performance Results One cycle latency increase for reference monitor  25.75 vs 26.75 cycles Area overhead very small  116 LUTs (1% increase) Clock speed increase  65 to 73 MHz

9 Impact of Moats Moats tested for size 0, 1, 2, 6 Best case: 0 and 6  only a 4% decrease in clock frequency Area overhead minimal

10 User Interface Currently using Hyperterminal to connect to AES core via serial connection  Tested using 128 bit key & data manually parsed into 32 bit lines and sent via hyperterminal. GOAL  Incorporate a User Interface to allow the user to select a data file and key file and receive the corresponding result over multiple communication platforms to test multi-core design and Reference Monitor. s 5 8 16 0 ce537f5e 5a567cc9 966d9259 0336763e 6a118a87 4519e64e 9963798a 503f1d35

11 User Interface Progress  Implemented User Interface in C++ to allow more functionality and user friendliness.  SERIAL OR ETHERNET? [1-SERIAL][2-ETHERNET]  ENCRYPT OR DECRYPT? [1-ENCRYPT][2-DECRYPT]  INPUT FILENAME:  KEY FILENAME:  OUTPUT SENT TO OUTPUT.TXT

12 Demo

Download ppt "Implementing Memory Protection Primitives on Reconfigurable Hardware Brett Brotherton Nick Callegari Ted Huffmire."

Similar presentations

Nios Multi Processor Ethernet Embedded Platform Final Presentation

Nios Multi Processor Ethernet Embedded Platform Final Presentation
© 2003, Cisco Systems, Inc. All rights reserved..

© 2003, Cisco Systems, Inc. All rights reserved..
Hardware Support for Trustworthy Systems Ted Huffmire ACACES 2012 Fiuggi, Italy.

Hardware Support for Trustworthy Systems Ted Huffmire ACACES 2012 Fiuggi, Italy.
Yaron Doweck Yael Einziger Supervisor: Mike Sumszyk Spring 2011 Semester Project.

Yaron Doweck Yael Einziger Supervisor: Mike Sumszyk Spring 2011 Semester Project.
 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.

 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.
Shift Register Application Chapter 22 Subject: Digital System Year: 2009.

Shift Register Application Chapter 22 Subject: Digital System Year: 2009.
Hardware Support for Trustworthy Systems Ted Huffmire ACACES 2012 Fiuggi, Italy.

Hardware Support for Trustworthy Systems Ted Huffmire ACACES 2012 Fiuggi, Italy.
Department of Electrical & Computer Engineering Advisor: Professor Michael Zink Team: Brigit Lyons Fadi Maalouli Tony Panetta Renzo Silva Final Project.

Department of Electrical & Computer Engineering Advisor: Professor Michael Zink Team: Brigit Lyons Fadi Maalouli Tony Panetta Renzo Silva Final Project.
Department of Electrical & Computer Engineering Advisor: Professor Michael Zink Team: Brigit Lyons Fadi Maalouli Tony Panetta Renzo Silva Midway Design.

Department of Electrical & Computer Engineering Advisor: Professor Michael Zink Team: Brigit Lyons Fadi Maalouli Tony Panetta Renzo Silva Midway Design.
Zheming CSCE715.  A wireless sensor network (WSN) ◦ Spatially distributed sensors to monitor physical or environmental conditions, and to cooperatively.

Zheming CSCE715.  A wireless sensor network (WSN) ◦ Spatially distributed sensors to monitor physical or environmental conditions, and to cooperatively.
Data Protection Card Submit: Assaf Matia Technion Guide: Eran Segev Rafael Guide: Henri Delmar Winter & Spring 2004.

Data Protection Card Submit: Assaf Matia Technion Guide: Eran Segev Rafael Guide: Henri Delmar Winter & Spring 2004.
Reliable Data Storage using Reed Solomon Code Supervised by: Isaschar (Zigi) Walter Performed by: Ilan Rosenfeld, Moshe Karl Spring 2004 Part A Final Presentation.

Reliable Data Storage using Reed Solomon Code Supervised by: Isaschar (Zigi) Walter Performed by: Ilan Rosenfeld, Moshe Karl Spring 2004 Part A Final Presentation.
1 Soft Timers: Efficient Microsecond Software Timer Support For Network Processing Mohit Aron and Peter Druschel Rice University Presented By Jonathan.

1 Soft Timers: Efficient Microsecond Software Timer Support For Network Processing Mohit Aron and Peter Druschel Rice University Presented By Jonathan.
IO Controller Module Arbitrates IO from the CCP Physically separable from CCP –Can be used as independent data logger or used in future projects. Implemented.

IO Controller Module Arbitrates IO from the CCP Physically separable from CCP –Can be used as independent data logger or used in future projects. Implemented.
Company LOGO Midterm Presentation Hash Function using MD5 algorithm Students: Eyal Mendel & Aleks Dyskin Instructor: Evgeny Fiksman High Speed Digital.

Company LOGO Midterm Presentation Hash Function using MD5 algorithm Students: Eyal Mendel & Aleks Dyskin Instructor: Evgeny Fiksman High Speed Digital.
1 Multi-Core Architecture on FPGA for Large Dictionary String Matching Department of Computer Science and Information Engineering National Cheng Kung University,

1 Multi-Core Architecture on FPGA for Large Dictionary String Matching Department of Computer Science and Information Engineering National Cheng Kung University,
Security Considerations in Adaptive Middleware Security and Mobile Agents Ajanta – Mobile Agent’s research project papers (http://www.cs.umn.edu/Ajanta/publications.html)http://www.cs.umn.edu/Ajanta/publications.html.

Security Considerations in Adaptive Middleware Security and Mobile Agents Ajanta – Mobile Agent’s research project papers (
Design and Implementation of a Virtual Reality Glove Device Final presentation – winter 2001/2 By:Amos Mosseri, 040806556. Shy Shalom, 043017805. Instructors:Michael.

Design and Implementation of a Virtual Reality Glove Device Final presentation – winter 2001/2 By:Amos Mosseri, Shy Shalom, Instructors:Michael.
The Xilinx EDK Toolset: Xilinx Platform Studio (XPS) Building a base system platform.

The Xilinx EDK Toolset: Xilinx Platform Studio (XPS) Building a base system platform.
1 PLuSH – Mesh Tree Fast and Robust Wide-Area Remote Execution Mikhail Afanasyev ‧ Jose Garcia ‧ Brian Lum.

1 PLuSH – Mesh Tree Fast and Robust Wide-Area Remote Execution Mikhail Afanasyev ‧ Jose Garcia ‧ Brian Lum.

Similar presentations

Ads by Google