Protection of heterogeneous architectures on FPGAs: An approach based on hardware firewalls |
| |
| Affiliation: | 1. IETR/SCEE, CentraleSupélec, Avenue de la Boulaie, CS 47601, F-35576 Cesson-Sévigné cedex, France;2. Lab-STICC Laboratory, University of South Brittany, Lorient, France;3. Institute for Security in Information Technology, Technical University of Munich, Germany;1. Software Technology for Embedded Systems, Department of Computer Science, TU Chemnitz, Strasse der Nationen 62, 09111 Chemnitz, Germany;2. Department of Distributed and Dependable Systems, Faculty of Mathematics and Physics, Charles University in Prague, Malostranske namesti 25 Praha 1, Czech Republic;3. Computer Engineering, Department of Computer Science, TU Chemnitz, Strasse der Nationen 62, 09111 Chemnitz, Germany;1. Centre for Research on Embedded Systems, Halmstad University, Halmstad, Sweden;2. Electrical and Information Technology Department, Lund University, Lund, Sweden;1. Department of Computer Science, Korea University, Seoul 136-713, Korea;2. Samsung Electronics DS, San#24 Nongseo-Dong, Giheung, Gyeonggi-do 446-711, Korea;3. School of Electrical and Computer Engineering, Georgia Institute of Technology, Atlanta, GA 30332-0250, USA |
| |
| Abstract: | Embedded systems are parts of our daily life and used in many fields. They can be found in smartphones or in modern cars including GPS, light/rain sensors and other electronic assistance mechanisms. These systems may handle sensitive data (such as credit card numbers, critical information about the host system and so on) which must be protected against external attacks as these data may be transmitted through a communication link where attackers can connect to extract sensitive information or inject malicious code within the system. This work presents an approach to protect communications in multiprocessor architectures. This approach is based on hardware security enhancements acting as firewalls. These firewalls filter all data going through the system communication bus and an additional flexible cryptographic block aims to protect external memory from attacks. Benefits of our approach are demonstrated using a case study and some custom software applications implemented in a Field-Programmable Gate Array (FPGA). Firewalls implemented in the target architecture allow getting a low-latency security layer with flexible cryptographic features. To illustrate the benefit of such a solution, implementations are discussed for different MPSoCs implemented on Xilinx Virtex-6 FPGAs. Results demonstrate a reduction up to 33% in terms of latency overhead compared to existing efforts. |
| |
| Keywords: | |
| 本文献已被 ScienceDirect 等数据库收录! |
|
