Proof-Carrying Hardware versus the Stealthy Malicious LUT Hardware Trojan

Qazi Arbab Ahmed, Tobias Wiersema, Marco Platzner

Reconfigurable hardware has received considerable attention as a platform that enables dynamic hardware updates and thus is able to adapt new configurations at runtime. However, due to their dynamic nature, e.g., field-programmable gate arrays (FPGA) are subject to a constant possibility of attacks, since each new configuration might be compromised. Trojans for reconfigurable hardware that evade state-of- the-art detection techniques and even formal verification, are thus a large threat to these devices. One such stealthy hardware Trojan, that is in- serted and activated in two stages by compromised electronic design au- tomation (EDA) tools, has recently been presented and shown to evade all forms of classical pre-configuration detection techniques. This paper presents a successful pre-configuration countermeasure against this “Ma- licious Look-up-table (LUT)”-hardware Trojan, by employing bitstream- level Proof-Carrying Hardware (PCH). We show that the method is able to alert innocent module creators to infected EDA tools, and to prohibit malicious ones to sell infected modules to unsuspecting customers.

Secure Local Configuration of Intellectual Property without a Trusted Third Party

Nadir Khan, Arthur Silitonga, Brian Pachideh, Sven Nitzsche, Jürgen Becker

Trading intellectual property (IP) for FPGAs relies on configuring devices securely. This is achieved by using built-in security features of modern FPGAs, i.e. internal decryption engines. The disadvantage of using these fea- tures is that a trusted third party (TTP) needs to be involved for the preparation of the devices. Previously published schemes, in this area, are dependent on a TTP that mediates between core vendors (CVs) and system developers (SDs), which poses a major flaw in the chain of trust. In this paper, we propose a scheme where CV and SD can establish a licensing agreement without the par- ticipation of a TTP using off-the-shelf products. The IP is delivered in a secure format using state-of-the-art encryption methods. Decryption of the IP is han- dled by an application running on the FPGA that furthermore guarantees a se- cure configuration of the device. In order to prevent reverse engineering (RE) of the application, we rely on the progress made in hardware-assisted software (HAS) protection using a tamper and side channel attack (SCA) resistant hard- ware component. As a result, the application establishes a chain of trust be- tween CVs and SDs without the need for a TTP.

ReM: a Reconfigurable Multipotent Cell for New Distributed Reconfigurable Architectures

Ludovica Bozzoli, Luca Sterpone

Recently, the usage of the reconfigurable computing devices has seen a sharp increase in many application fields. Several reconfigurable architectures have been proposed in the last decades, with different levels of granularity and complexity and SRAM-based Field Programmable Gate Array (FPGA) remains the target support to develop reconfigurable architectures. However, even if FPGA is an established technology, it is not fully optimized for detailed partial run time reconfiguration. In fact, FPGAs reconfiguration granularity is large, even if single resources are configured by few bits, since the amount of data to be re-loaded inside the configuration memory for small changes is huge. Con- sidering that the major bottleneck of reconfiguration is the excessive reconfigu- ration time, which is proportional to the number of bits to be reconfigured, when reconfiguration involves few basic resources, such architecture leads to a considerable overhead. In this paper, we propose a new reconfigurable computing architecture that im- plement distributed reconfiguration at the lowest granularity to maximize flexi- bility and scalability. This is obtained providing to the basic reconfigurable functional unit the ability to reconfigure itself and the neighbor units. In fact, each cell, beside functioning as Logic, Memory and Connectivity can also trig- ger reconfiguration for itself and for given portion of the array of cells. To show the feasibility and the advantages of our idea, we designed and implemented a Reconfigurable Multipotent Cell, ReM. The results obtained with the imple- mentation of benchmark circuits on this architecture confirm the advantages in terms of reconfiguration time.

Update or Invalidate: Influence of Coherence Protocols on Configurable HW Accelerators

Johanna Rohde, Lukas Johannes Jung, Christian Hochberger

Configurable hardware accelerators offer the opportunity to execute compute intense parts of applications with a higher performance and a higher en- ergy efficiency as in pure software execution. One important component in such accelerators is the memory access to the system memory. Typically, this is real- ized through a cache hierarchy. In this contribution, we implement two different cache coherence protocols in two different configurable HW accelerators on real hardware. Using multiple benchmarks, we evaluate the influence of the cache co- herence protocol on the execution time of the accelerators. As a result, we show that the Dragon protocol performs better than the MOESI protocol.