Abstract
Remote firmware updates have become the de facto standard to guarantee a secure deployment of often decentrally operated IoT devices. However, the transfer and the provision of updates are considered as highly security-critical. Immunity requirements, such as the authenticity of the update provider and the integrity and confidentiality of the content typically loaded from an external cloud server over an untrusted network are therefore mandatory. This is especially true for FPGA-based programmable System-on-Chip (PSoC) architectures, as they are ideal implementation candidates for products with a long lifetime due to their adaptivity of both software and hardware configurations. In this paper, we propose a methodology for securely updating PSoC architectures by exploiting the reconfigurable logic of the FPGA. In the proposed approach, the FPGA serves as a secure anchor point by performing the required authenticity and integrity checks before granting the system update to be installed. In particular, a hardware design called Trusted Update Unit (TUU) is defined that is loaded from memory for the duration of an update session to first verify the identity of an external update provider and then, based on this verification, to establish a secure channel for protected data transfers. The proposed approach is also able to secure the confidentiality of cryptographic keys even if the software of the PSoC is compromised by applying them only as device-intrinsic secrets. Finally, an implementation of the approach on a Xilinx Zynq PSoC is described and evaluated for the design objectives performance and resource costs.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Anderson, J.H.: A PUF design for secure FPGA-based embedded systems. In: ASPDAC. IEEE (2010)
Baudet, M., Lubicz, D., Micolod, J., Tassiaux, A.: On the security of oscillator-based random number generators. J. Cryptol. 24(2), 398–425 (2010). https://doi.org/10.1007/s00145-010-9089-3
Canvel, B., Hiltgen, A., Vaudenay, S., Vuagnoux, M.: Password interception in a SSL/TLS channel. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 583–599. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_34
Coughlin, A., Cusack, G., Wampler, J., Keller, E., Wustrow, E.: Breaking the trust dependence on third party processes for reconfigurable secure hardware. In: FPGA (2019)
Drimer, S., Kuhn, M.G.: A protocol for secure remote updates of FPGA configurations. In: Becker, J., Woods, R., Athanas, P., Morgan, F. (eds.) ARC 2009. LNCS, vol. 5453, pp. 50–61. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00641-8_8
Guajardo, J., Kumar, S.S., Schrijen, G.-J., Tuyls, P.: FPGA intrinsic PUFs and their use for IP protection. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 63–80. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74735-2_5
Guajardo, J., Kumar, S.S., Schrijen, G.J., Tuyls, P.: Physical unclonable functions and public-key crypto for FPGA IP protection. In: FPL (2007)
Koblitz, N.: Elliptic curve cryptosystems. Math. Comput. 48(177), 203–209 (1987)
Morris, K.: Xilinx Hits the Road with Daimler SoCs to Power Automotive AI Applications. https://www.eejournal.com/article/xilinx-hits-the-road-with-daimler. Accessed March 2021
Ray, S., Basak, A., Bhunia, S.: Patching the Internet of Things. IEEE Spectr. 54(11), 30–35 (2017)
Ronen, E., Gillham, R., Genkin, D., Shamir, A., Wong, D., Yarom, Y.: The 9 lives of bleichenbacher’s CAT: new cache attacks on TLS implementations. In: SP. IEEE (2019)
Simpson, E., Schaumont, P.: Offline hardware/software authentication for reconfigurable platforms. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 311–323. Springer, Heidelberg (2006). https://doi.org/10.1007/11894063_25
Somorovsky, J.: Systematic fuzzing and testing of TLS libraries. In: CCS (2016)
Streit, F., et al.: Data acquisition and control at the edge: a hardware/software-reconfigurable approach. Prod. Eng. 14(3), 365–371 (2020). https://doi.org/10.1007/s11740-020-00964-x
Streit, F.J., Fritz, F., Becher, A., et al.: Secure boot from non-volatile memory for programmable SoC architectures. In: HOST. IEEE (2020)
Streit, F.J., Letras, M., Schid, M., Falk, J., Wildermann, S., Teich, J.: High-level synthesis for hardware/software co-design of distributed smart camera systems. In: ICDSC. ACM (2017)
Unterstein, F., Jacob, N., Hanley, N., Gu, C., Heyszl, J.: SCA secure and updatable crypto engines for FPGA SoC bitstream decryption. In: ASHES (2019)
Zandberg, K., Schleiser, K., Acosta, F., Tschofenig, H., Baccelli, E.: Secure firmware updates for constrained IoT devices using open standards: a reality check. IEEE Access 7, 71907–71920 (2019)
Acknowledgment
The work has been supported by the Schaeffler Hub for Advanced Research at Friedrich-Alexander University (SHARE at FAU).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Streit, FJ., Wildermann, S., Pschyklenk, M., Teich, J. (2021). Providing Tamper-Secure SoC Updates Through Reconfigurable Hardware. In: Derrien, S., Hannig, F., Diniz, P.C., Chillet, D. (eds) Applied Reconfigurable Computing. Architectures, Tools, and Applications. ARC 2021. Lecture Notes in Computer Science(), vol 12700. Springer, Cham. https://doi.org/10.1007/978-3-030-79025-7_17
Download citation
DOI: https://doi.org/10.1007/978-3-030-79025-7_17
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-79024-0
Online ISBN: 978-3-030-79025-7
eBook Packages: Computer ScienceComputer Science (R0)