Recent Advances in FPGA Reverse Engineering

Yu, Hoyoung; Lee, Hansol; S, Lee; Kim, Youngmin; Lee, Hyung Min

doi:10.3390/electronics7100246

Cited by 30 publications

(18 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Arachne-PNR is currently unsupported and the NextPNR tool became a full functional replacement with significant enhancements. Finally, (3) IcePack converts TXT file into bitstream [9,34]. The implementation of the cores was developed in Verilog language through the IceStorm tool.…”

Section: Reconfigurable Hardware Descriptionmentioning

confidence: 99%

A New Methodology for a Retrofitted Self-tuned Controller with Open-Source FPGA

Cruz-Miguel

García-Martínez

Rodríguez‐Reséndiz

et al. 2020

Sensors

View full text Add to dashboard Cite

Servo systems are feedback control systems characterized by position, speed, and/or acceleration outputs. Nowadays, industrial advances make the electronic stages in these systems obsolete compared to the mechanical elements, which generates a recurring problem in technological, commercial and industrial applications. This article presents a methodology for the development of an open-architecture controller that is based on reconfigurable hardware under the open source concept for servo applications. The most outstanding contribution of this paper is the implementation of a Genetic Algorithm for online self tuning with a focus on both high-quality servo control and reduction of vibrations during the positioning of a linear motion system. The proposed techniques have been validated on a real platform and form a novel, effective approach as compared to the conventional tuning methods that employ empirical or analytical solutions and cannot improve their parameter set. The controller was elaborated from the Graphical User Interface to the logical implementation while using free tools. This approach also allows for modification and updates to be made easily, thereby reducing the susceptibility to obsolescence. A comparison of the logical implementation with the manufacturer software was also conducted in order to test the performance of free tools in FPGAs. The Graphical User Interface developed in Python presents features, such as speed profiling, controller auto-tuning, measurement of main parameters, and monitoring of servo system vibrations.

show abstract

Section: Reconfigurable Hardware Descriptionmentioning

confidence: 99%

A New Methodology for a Retrofitted Self-tuned Controller with Open-Source FPGA

Cruz-Miguel

García-Martínez

Rodríguez‐Reséndiz

et al. 2020

Sensors

View full text Add to dashboard Cite

show abstract

“…Security investigations are mostly centred around injecting malicious bits into the bitstream (Ender et al, 2019;Swierczynski, Becker, Moradi, & Paar, 2018), weakening/breaking bitstream encryption (Celebucki, Graham, & Gunawardena, 2018;Swierczynski, Fyrbiak, Koppe, & Paar, 2015), and extracting the design from the device (Ding, Wu, Zhang, & Zhu, https://doi.org/10.18489/sacj.v31i1.620 2013). An excellent source covering the current state of reverse engineering of FPGA bitstreams, including those from other vendors, can be found in (Yu, Lee, Lee, Kim, & Lee, 2018).…”

Section: Manipulating Fpga Resourcesmentioning

confidence: 99%

Parsing and analysis of a Xilinx FPGA bitstream for generating new hardware by direct bit manipulation in real-time

Roux

Schoor

Vuuren

2019

SACJ

View full text Add to dashboard Cite

Despite the many advantages run-time reconfiguration of FPGAs brings to the table, its usage is mostly limited to quasi-static applications. This is either due to the throughput of the reconfiguration process, or the time required to create new hardware. In order to optimise the former, the literature proposes a block RAM (BRAM)-based architecture in which a new configuration is stored in localised memory and reconfiguration is facilitated by a controller implemented in the FPGA fabric. The limitation of this architecture is that only a subset of configurations can be stored. When new hardware is required, the slow synthesis process (or a part thereof) has to be repeated for each new configuration. Various third-party tools aim to mitigate this overhead, but since the bitstream is shrouded in obscurity, all rely on a layer of abstraction that make them unusable in real-time. To address this issue, this paper presents a novel method to parse and analyse a Xilinx® FPGA bitstream to extract certain characteristics. It is shown how these characteristics could be used to design and implement a bitstream specialiser, capable of taking a bitstream and modifying the configuration bits of lookup tables in real-time.

show abstract

“…Field programmable gate arrays (FPGAs) are a type of semiconductor device that can be reconfigured by register transfer level (RTL) designers to realize target functionality. A typical FPGA conceptually consists of a tile of three major blocks [1,2], configurable logic blocks (CLBs), input/output blocks (IOBs), and switch matrices (SMs), as shown in Figure 1. CLB is a primary resource to realize target logic function.…”

Section: Introductionmentioning

confidence: 99%

“…In addition, IOBs are responsible for controlling external connectivity and SMs provide configurable internal connectivity between the CLBs and IOBs within the FPGA. It is important that the configurability of FPGA originates from values that are stored in programmable points [1,2] such as programmable logic points (PLP), programmable interconnect points (PIP), and programmable content points (PCP), denoted as bold red boxes in Figure 2. According to the values stored in the programmable points, a FPGA is allowed to provide various logical functionalities as required by the RTL designer intends.…”

Section: Introductionmentioning

confidence: 99%

Fast Logic Function Extraction of LUT from Bitstream in Xilinx FPGA

Choi

Yoo

2020

Electronics

View full text Add to dashboard Cite

This paper presents a fast method to extract logic functions of look-up tables (LUTs) from a bitstream in Xilinx FPGAs. In general, FPGAs utilize LUTs as a primary resource to realize a logic function, and a typical N-input LUT comprises 2N 1-bit SRAM and N – 1 multiplexers. Whereas the previous research demands 2N exhaustive processing to find a mapping rule between an LUT and a bitstream, the proposed method decreases the processing to 2N by eliminating unnecessary processing. Experimental results show that the proposed method can reduce reversing time by more than 57% and 85% for Xilinx Spartan-3 and Virtex-5 compared to the previous exhaustive algorithm. It is noticeable that the reduction time becomes more significant as a commercial Xilinx FPGA tends to include a more tremendous number of LUTs.

show abstract

Recent Advances in FPGA Reverse Engineering

Cited by 30 publications

References 14 publications

A New Methodology for a Retrofitted Self-tuned Controller with Open-Source FPGA

A New Methodology for a Retrofitted Self-tuned Controller with Open-Source FPGA

Parsing and analysis of a Xilinx FPGA bitstream for generating new hardware by direct bit manipulation in real-time

Fast Logic Function Extraction of LUT from Bitstream in Xilinx FPGA

Contact Info

Product

Resources

About