Invited Tutorial

Matas, Kaspar; La, Tuan; Grunchevski, Nikola; Pham, Khoa Dang; Koch, Dirk

doi:10.1145/3373087.3375390

Cited by 21 publications

(2 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Also in 2019, S. S. Mirzargar, M. Stojilović authored a survey on side-channel and covert-channel attacks targeting FPGA devices. In 2020, K. Matas et al [14] reviewed in an invited tutorial the security concerns that arise when FPGAs are used according to the FPGA-as-a-Service model in data centers. The tutorial highlights the threat of ring oscillators from both the attack and defense perspectives.…”

Section: Previous Workmentioning

confidence: 99%

FPGA Bitstream Modification: Attacks and Countermeasures

Moraitis

2023

IEEE Access

View full text Add to dashboard Cite

Advances in FPGA technology in recent years have resulted in an expansion of its usage in a very wide spectrum of applications. Apart from serving the traditional prototyping purposes, FPGAs are currently regarded as an integral part of embedded systems used in many industries, including communication, medical, aerospace, automotive, and military. Moreover, the emerging trend of AI has found FPGAs to be at the technological forefront with their use as deep learning acceleration platforms. The demand for FPGAs has grown to the point that major companies (e.g. Amazon) are offering cloudbased access to FPGAs, known as FPGA-as-a-Service. In many applications, FPGAs handle sensitive data and/or host cryptographic algorithm implementations. These FPGAs are not always located in a tamperresistant environment, which makes their security a major concern, especially in light of the ever-growing number of publications demonstrating effective attacks specifically tailored to exploit the physical traits of FPGA implementations. In this survey, we cover the subset of those attacks that involve tampering with the FPGA configuration bitstream. We start by discussing how the FPGA vendors attempt to protect their products and how malicious parties try to overcome this protection. We then proceed to present the different bitstream modification attacks that can be found in the literature organized according to their targets. Finally, we present various countermeasures that can be deployed, drawing on bibliographic references from works specifically focused on FPGA bitstream protection, as well as those initially proposed for different purposes or devices that can be adapted for bitstream protection.

show abstract

Section: Previous Workmentioning

confidence: 99%

FPGA Bitstream Modification: Attacks and Countermeasures

Moraitis

2023

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Apart from C4IIoT, recent studies have emerged, such as: building a complete identity verification framework based on Physical Unclonable Functions (PUFs) [31], FPGA hardware security for data centres [32] and a re-configurable hardware-based isolation and protection mechanism for IoT devices [33].…”

Section: Related Workmentioning

confidence: 99%

Secure Sensor Prototype Using Hardware Security Modules and Trusted Execution Environments in a Blockchain Application: Wine Logistic Use Case

et al. 2023

View full text Add to dashboard Cite

The security of Industrial Internet of Things (IIoT) systems is a challenge that needs to be addressed immediately, as the increasing use of new communication paradigms and the abundant use of sensors opens up new opportunities to compromise these types of systems. In this sense, technologies such as Trusted Execution Environments (TEEs) and Hardware Security Modules (HSMs) become crucial for adding new layers of security to IIoT systems, especially to edge nodes that incorporate sensors and perform continuous measurements. These technologies, coupled with new communication paradigms such as Blockchain, offer a high reliability, robustness and good interoperability between them. This paper proposes the design of a secure sensor incorporating the above mentioned technologies—HSMs and a TEE—in a hardware device based on a dual-core architecture. Through this combination of technologies, one of the cores collects the data extracted by the sensors and implements the security mechanisms to guarantee the integrity of these data, while the remaining core is responsible for sending these data through the appropriate communication protocol. This proposed approach fits into the Blockchain networks, which act as an Oracle. Finally, to illustrate the application of this concept, a use case applied to wine logistics is described, where this secure sensor is integrated into a Blockchain that collects data from the storage and transport of barrels, and a performance evaluation of the implemented prototype is provided.

show abstract