Compromising FPGA SoCs using malicious hardware blocks

Jacob, Nisha; Rolfes, Carsten; Zankl, Andreas; Heyszl, Johann; Sigl, Georg

doi:10.23919/date.2017.7927157

Cited by 15 publications

(8 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Consequently, these systems are highly vulnerable to many inside-SoC physical attacks including SoC security corruption by using malicious IP/hardware, side-channel analysis, fault injection and covert channel. SoC security corruption attacks have been proposed first by Jacob et al [23] which showed how a malicious hardware IP can access processor core features and memory to bypass software or system security such as the secure boot. Then Benhani and Bossuet [6] evaluated the security of the ARM TrustZone technology in an FPGAbased SoC.…”

Section: B Attacks and Defenses On System On Chipsmentioning

confidence: 99%

Virtual Platform to Analyze the Security of a System on Chip at Microarchitectural Level

Forcioli

Danger

Maurice

et al. 2021

2021 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)

View full text Add to dashboard Cite

Section: B Attacks and Defenses On System On Chipsmentioning

confidence: 99%

Virtual Platform to Analyze the Security of a System on Chip at Microarchitectural Level

Forcioli

Danger

Maurice

et al. 2021

2021 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)

View full text Add to dashboard Cite

“…To balance the system performance with the resource cost becomes increasingly important as it is able to significantly save the area‐time‐energy with the increasing number of IPs on SoC. Earlier works in this research area mainly focused on specific applications, such as [9–11] for designing SoCs with untrusted IPs, and [12, 13] for improving the system‐level performance in terms of design space and timing constraints.…”

Section: Related Workmentioning

confidence: 99%

Towards IP integration on SoC: a case study of high‐throughput and low‐cost wrapper design on a novel IBUS architecture

Yang

Sha²,

Unwala

et al. 2020

IET Computers & Digital Techniques

View full text Add to dashboard Cite

“…Their proposed work reduces the performance penalty compared to a fully encrypted approach, however it is limited to the detection of attacks and does not provide countermeasures, other than freezing the system communication bus [22]. Jacob et al presented a detailed study of FPGA MPSoC security mechanisms with the focus on Hardware Trojans [13]. They proposed the concept of a light-weight AXI-wrapper as one of the prevention methods, similar to one proposed by [22], to encapsulate system assets.…”

Section: Related-workmentioning

confidence: 99%

“…The development of complex MPSoC based embedded solutions often involves the integration of third-party intellectual property (IP) to reduce time-to-market. The use of vulnerable third-party IP can open the door to attacks such as Hardware Trojans and malware, that can be launched within any device using the compromised IP [11], [12], [13]. Besides, the adaptation of thirdparty software components for ease of integration of network communication stacks, software libraries and services that were not designed primarily for machine-to-machine (M2M) devices pose serious security risks to the device when they are connected to a network or exposed to the Internet.…”

Section: Introductionmentioning

confidence: 99%

Pro-Active Policing and Policy Enforcement Architecture for Securing MPSoCs

Siddiqui

Hagan

Sezer

2018

2018 31st IEEE International System-on-Chip Conference (SOCC)

View full text Add to dashboard Cite

Embedded multiprocessor system-on-chip (MPSoC) architectures allow implementation of mixed critical applications and provide security mechanisms to segregate and protect system resources such as ARM TrustZone. These architectures enforce strict security measures right from the powering on of the system, to prevent misuse and compromise. However, such security measures have been found vulnerable where security design practices are not considered or are poorly implemented, particularly at software and hardware stack boundaries. Also, the embedded solutions developed using these MPSoC platforms are vulnerable to single points of failure and do not contain active response or mitigations for circumstances where a compromise occurs. This paper proposes pro-active hardware based policing and policy enforcement approach, along with system architecture and its hardware components, to this research problem. The architecture is physically isolated from the rich computing resources which actively monitors communications of system resources on the ARM AMBA-AXI4 bus. It detects anomalous system behaviours such as policy violation or compromised bus communication responses, and responds with predefined active countermeasures, such as deletion of secret data or disabling of the device to tackle security vulnerabilities and attacks at runtime. This proposed solution complements existing embedded hardware and software security technologies and provides an additional layer of hardware security when a vulnerability is found and exploited. This contribution lends itself to the principle of least privilege, implemented in software-based access control solutions like SELinux to mitigate when other protections have failed. This paper presents a proof-of-concept work supported by preliminary synthesis results on Xilinx Zynq-7000 and Ultra-Scale+ MPSoC chips.

show abstract

Compromising FPGA SoCs using malicious hardware blocks

Cited by 15 publications

References 8 publications

Virtual Platform to Analyze the Security of a System on Chip at Microarchitectural Level

Virtual Platform to Analyze the Security of a System on Chip at Microarchitectural Level

Towards IP integration on SoC: a case study of high‐throughput and low‐cost wrapper design on a novel IBUS architecture

Pro-Active Policing and Policy Enforcement Architecture for Securing MPSoCs

Contact Info

Product

Resources

About