1 / 25

Configurable computing for high-security/high-performance ambient systems 1

Configurable computing for high-security/high-performance ambient systems 1. Guy Gogniat, Lilian Bossuet, LESTER Laboratory, University of South Britanny (UBS), Lorient, France guy.gogniat@univ-ubs.fr; lilian.bossuet@univ-ubs.fr. Wayne Burleson,

ferris
Download Presentation

Configurable computing for high-security/high-performance ambient systems 1

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Configurable computing for high-security/high-performance ambient systems 1 Guy Gogniat, Lilian Bossuet, LESTER Laboratory, University of South Britanny (UBS), Lorient, France guy.gogniat@univ-ubs.fr; lilian.bossuet@univ-ubs.fr Wayne Burleson, • Department of Electrical and Computer Engineering, • University of Massachusetts, Amherst, MA 01003-9284 USA • burleson@ecs.umass.edu 1This research This work is supported by the French DGA DSP/SREA under contract no. ERE 0460 00 010

  2. Outline • Attacks and countermeasures on embedded systems • Reconfigurable architectures • Security and reconfigurable architectures • AES case study • Conclusions

  3. Outline • Attacks and countermeasures on embedded systems • Reconfigurable architectures • Security and reconfigurable architectures • AES case study • Conclusions

  4. Security and attacks • Security Objectives • Security is required in order to guaranty: • The protection of private data(typically key, PIN, secret or confidential data) • The protection of the design(typically some IPs) • The protection of the system(typically its functionality, so that nobody else can control the system) • Attack Objectives • Attacks aim to break security in order to get access to: • Private data so that changing some values, copying the data or destroying the data • The design so that changing some modules, copying the design or destroying the design • The system so that changing its behavior or destroying the system

  5. Attacks on Embedded Systems Promity-based Hardware attacks Power or EM analysis Remote software attacks Worm, virus, Trojan horse Reversible proximity-based attacks Fault injection turbo code AES KEY RAM µP RAM Proximity-based hardware attacks Tampering RSA

  6. Countermeasures • Designers should have in mind…

  7. Outline • Attacks and countermeasures on embedded systems • Reconfigurable architectures • Security and reconfigurable architectures • AES case study • Conclusions

  8. Why reconfigurable architectures? • Potential advantages of configurable computing for security • System Agility: switching from one protection mechanism to another, balance protection mechanisms depending on requirements • System Upload: upgrade of the protection mechanisms • Potential advantages of configurable computing for efficiency (and particularly for the security system) • Specialization: design the system for a specific set of parameters • Resource sharing: temporal resources sharing • Throughput: high parallelism and deep pipeline implementation is possible • Configurable computing enables Dynamic Configuration at Run Time • To react and adapt rapidly to an irregular situation

  9. Cryptography onto FPGA ? Energy efficiency of embedded technologies University of California, UCLA FPGA processors ASIC P. Schaumont, I. Verbauwhede. Domain-Specific Codesign for Embedded Security. In IEEE Computer Society, 2003

  10. Advantages of reconfigurable architectures Attack type Countermeasure Configurable computing advantages Robustness Activity-awareness Technology/Sensors System agility Active - Irreversible Sensors System agility System upload High performance Security-awareness Activity-awareness Active - Reversible Agility Symptom-free Security-awareness Activity-awareness System agility System upload High performance Passive – Side channel

  11. Outline • Attacks and countermeasures on embedded systems • Reconfigurable architectures • Security and reconfigurable architectures • AES case study • Conclusions

  12. Configurable Computing Security Space: This space highlights the issues that must be addressed to build secure systems Configurable Computing Security Hierarchy: This hierarchy highlights that security must be addressed at all layers of the systems Security and reconfigurable architectures • The security issue with configurable computing can be seen through two complementary views:

  13. Configurable Computing Security Space • Configurable Security Primitive • Use configurable computing primitive to protect a system, the module is seen as an agile hardware unit Attacks • Secure Configurable System • The whole system is configurable. The security is provided by the agility of the whole system Attacks • Configurable Design Security • Protect the configurable computing configuration Attacks

  14. Configurable Security Primitive • The configurable security primitive is a part of the whole system and performs some security primitives • A system generally embeds several configurable security primitives • Its goal is to: • Speedup the computation of the security primitive compared to a software execution • Provide agility compared to an ASIC implementation • Provide various tradeoffs in terms of delay, area, latency, reliability and power • Provide various levels of configurability depending on the granularity of the underlying configurable architecture

  15. Secure Configurable System • To build Secure Configurable System three main points must be addressed: • Security-awareness • Activity-awareness • Agility • Distributed agents (System Security Controllers) can work independently or together. They monitor the system activity and take the decision to reconfigure a part or the whole system • Different levels of reaction can be considered depending of the type of attack : • reflex (performed by a single SSC) • global (performed after a system level analysis). Reaction time can be critical, in that case reflex reconfiguration must be performed

  16. Configurable Design Security • Configurable computing module/system is defined through configuration data • Each hardware execution context is defined through a specific configuration data • The configuration data represents the design of the module/system • The configuration data may contain private information and needs to be protected • The design security is provided through cryptography (Confidentiality, Data integrity, Authentication) • It needs a configurable security module Source : Altera, Design Security in Stratix II Devices http://www.altera.com/products/devices/stratix2/features/security/st2-security.html

  17. Outline • Attacks on embedded systems • Countermeasures • Reconfigurable architectures • Security and reconfigurable architectures • AES case study • Conclusions

  18. Agility leverages security • At the system and architectural level (Secure Configurable System and Configurable security module) agility is provided through reconfiguration • How can it be performed? Need to deal with these points: • Self-reconfiguration or Remote-reconfiguration • Partial or full reconfiguration, Dynamic or static reconfiguration • Predefined configuration data or dynamic configuration data • Reconfiguration time • Configuration memory • Communication links • Configuration controller (what is the policy?)

  19. AES (Rijndael) Security Primitive agility case study • To illustrate the concepts related to agility we propose in the following slides an analysis of a Security Primitive (SP) • All the implementations have been performed on Xilinx Virtex FPGA • Various area/throughput/reliability tradeoffs: • AES cryptographic core SP with BRAMs on non-feedback mode • AES cryptographic core SP without BRAMs on feedback and non-feedback modes • AES cryptographic core SP with and without concurrent error detection mechanism on feedback mode • AES cryptographic core and key setup SP using or not partial configuration

  20. Key setup management is not considered Static and full configuration Predefined configuration data Remote-configuration Various area/throughput tradeoffs AES cryptographic core SP with BRAMs on non-feedback mode # of slices [13] × 12600 80 BRAMs [16] × 5810 [17] 100 BRAMs × 5177 [15] 84 BRAMs × 2784 [14] × 2222 Throughput (Gbits/s) 6.95 12.1 20.3 11.77 21.54

  21. AES cryptographic core SP without BRAMs on feedback and non-feedback modes • Key setup management is not considered • Static and full configuration • Predefined configuration data • Remote-configuration • Various area/throughput tradeoffs # of slices [18] × 15112 [17] × 12450 [8] × 10992 [19] × 10750 non-feedback mode [9] × 5673 [8] feedback mode × 3528 [13] × 2507 Throughput (Gbits/s) 1.94 17.8 0.414 0.294 0.353 18.56 21.54

  22. AES cryptographic core SP with and without concurrent error detection mechanism on feedback mode • Key setup management is not considered • Performance/reliability tradeoffs • Finer granularity enables reduced fault detection latency and then promotes fast reaction against an attack • Efficiency is at the price of area overhead # of slices [20] × Operation level 5486 [20] Algorithm level × 4806 [20] × 4724 Round level Concurrent Error Detection [20] × 3973 no Concurrent Error Detection Throughput (Mbits/s) 101.4 136.5 53.1 100.3

  23. AES cryptographic core and key setup SP using or not partial configuration • Key setup management is considered • Dynamic configuration • Partial and full configuration • Predefined configuration data or dynamic configuration data • Remote-configuration # of slices [9] × 4312 no partial configuration partial configuration [21] Speed efficient 32 BRAMs × 288 [21] area efficient 8 BRAMs × 250 Throughput (Mbits/s) 250 300 353

  24. Outline • Attacks on embedded systems • Countermeasures • Reconfigurable architectures • Security and reconfigurable architectures • AES case study • Conclusions

  25. Conclusions • Configurable computing presents significant features to target high-security/high performance ambient systems • It is time to extend the vision of security using configurable computing (Configurable computing is not just hardware accelerators for security primitives) • Two complementary views to guide the designer when facing with the difficult problem of system security • Key aspects related to agility are presented and illustrated through the AES security primitive • There are still many issues to make security commonplace dealing with configurable computing and to define the overhead costs that imply security mechanisms at the hardware level

More Related