Abstract
The Field Programmable Gate Array technology invaded the electronic market by offering economic advantages and many attractive features, such as the possibility to dynamically reprogram the hardware configuration in field. However, FPGA devices are not free of secure drawbacks, which include the possibility of install third-party components which may damage the system on which they are hosted. In this paper, we devise a policy enforcement mechanism to monitor and control the access of a dynamically installed component and we design it by employing Decision Trees. We demonstrate, with a significant experimental setup conducted on a commercial device, namely the Xilinx Zynq-7020, the efficacy of the DT based policy enforcer.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Amato, F., Chianese, A., Moscato, V., Picariello, A., Sperli, G.: Snops: A Smart Environment for Cultural Heritage Applications, pp. 49–56 (2012)
Amato, F., Fasolino, A., Mazzeo, A., Moscato, V., Picariello, A., Romano, S., Tramontana, P.: Ensuring Semantic Interoperability for E-health Applications, pp. 315–320 (2011)
Barbareschi, M.: Implementing hardware decision tree prediction: a scalable approach. In: IEEE International Conference on Advanced Information Networking and Applications (AINA-2016). IEEE (2016)
Barbareschi, M., Battista, E., Casola, V., Mazzocca, A.M.E.N.: On the adoption of fpga for protecting cyber physical infrastructures. In: 2013 Eighth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), pp. 430–435. IEEE (2013)
Barbareschi, M., Battista, E., Mazzocca, N., Venkatesan, S.: A hardware accelerator for data classification within the sensing infrastructure. In: 2014 IEEE 15th International Conference on Information Reuse and Integration (IRI), pp. 400–405. IEEE (2014)
Barbareschi, M., Mazzeo, A., Vespoli, A.: Network traffic analysis using android on a hybrid computing architecture. In: Algorithms and Architectures for Parallel Processing, pp. 141–148. Springer (2013)
Barbareschi, M., Mazzeo, A., Vespoli, A.: Malicious traffic analysis on mobile devices: a hardware solution. Int. J. Big Data Intell. 2(2), 117–126 (2015)
Chen, H., Chen, Y., Summerville, D.H.: A survey on the application of fpgas for network infrastructure security. Commun. Surv. Tutorials IEEE 13(4), 541–561 (2011)
Cilardo, A.: New techniques and tools for application-dependent testing of fpga-based components. IEEE Trans. Ind. Inf. 11(1), 94–103 (2015)
Cilardo, A., Mazzocca, N.: Exploiting vulnerabilities in cryptographic hash functions based on reconfigurable hardware. IEEE Trans. Inf. Forensics Secur. 8(5), 810–820 (2013)
Cilardo, A., Barbareschi, M., Mazzeo, A.: Secure distribution infrastructure for hardware digital contents. CDT, IET 8(6), 300–310 (2014)
Cilardo, A., Gallo, L., Mazzocca, N.: Design space exploration for high-level synthesis of multi-threaded applications. J. Syst. Archit. 59(10, Part D), 1171–1183 (2013). http://www.sciencedirect.com/science/article/pii/S1383762113001537
Drimer, S., Güneysu, T., Kuhn, M.G., Paar, C.: Protecting multiple cores in a single fpga design. http://www.cl.cam.ac.uk/sd410/ (2008). Accessed May 2008
Huffmire, T., Brotherton, B., Wang, G., Sherwood, T., Kastner, R., Levin, T., Nguyen, T., Irvine, C.: Moats and drawbridges: an isolation primitive for reconfigurable hardware based systems. In: IEEE Symposium on Security and Privacy, 2007. SP’07, pp. 281–295. IEEE (2007)
Huffmire, T., Prasad, S., Sherwood, T., Kastner, R.: Policy-driven memory protection for reconfigurable hardware. In: Computer Security–ESORICS 2006, pp. 461–478. Springer (2006)
Kashyap, H., Chaves, R.: Compact and on-the-fly secure dynamic reconfiguration for volatile fpgas. ACM Trans. Reconfigurable Technol. Syst. (TRETS) 9(2), 11 (2016)
Kastner, R., Huffmire, T.: Threats and challenges in reconfigurable hardware security. Technical report, DTIC Document (2008)
Maes, R., Schellekens, D., Verbauwhede, I.: A pay-per-use licensing scheme for hardware ip cores in recent sram-based fpgas. IEEE Trans. Inf. Forensics Secur. 7(1), 98–108 (2012)
Pagiamtzis, K., Sheikholeslami, A.: Content-addressable memory (cam) circuits and architectures: a tutorial and survey. IEEE J. Solid-State Circuits 41(3), 712–727 (2006)
Qu, Y.R., Zhou, S., Prasanna, V.K.: High-performance architecture for dynamically updatable packet classification on fpga. In: Proceedings of the Ninth ACM/IEEE Symposium on Architectures for Networking and Communications Systems. pp. 125–136. IEEE Press (2013)
Quinlan, J.R.: C4. 5: Programs for Machine Learning. Elsevier (2014)
Acknowledgments
The list of Authors is in alphabetical order. The corresponding author is Mario Barbareschi. This research work was partially supported by CeRICT for the project NEMBO—PONPE_00159.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Barbareschi, M., Mazzeo, A., Miranda, S. (2016). Adopting Decision Tree Based Policy Enforcement Mechanism to Protect Reconfigurable Devices. In: Pietro, G., Gallo, L., Howlett, R., Jain, L. (eds) Intelligent Interactive Multimedia Systems and Services 2016. Smart Innovation, Systems and Technologies, vol 55. Springer, Cham. https://doi.org/10.1007/978-3-319-39345-2_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-39345-2_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-39344-5
Online ISBN: 978-3-319-39345-2
eBook Packages: EngineeringEngineering (R0)