
A Secure Boot Framework with Multi-security Features and Logic-Locking Applications for Reconfigurable Logic

Journal of Hardware and Systems Security

Abstract

Reconfigurable platforms such as field-programmable gate arrays (FPGAs) are widely used as an optimized platform with fast design time. New features such as dynamic reconfiguration make the bitstream vulnerable to cloning and modification attacks, which raises a security concern in today's heterogeneous computing architectures. A widely adopted countermeasure is to provide a secure boot mechanism as the root of trust, which authenticates the unmodified firmware and prevents attackers from manipulating it. In this work, we propose an automated security-aware design flow that integrates a logic-locking scheme into secure boot for Xilinx FPGAs. The proposed design implements FPGA-based logic obfuscation, together with a pre-boot in-field device authentication scheme implemented using ARM TrustZone and Trusted Platform Module (TPM) key provisioning. This scheme constructs security features that protect the IPs during the design process, integrates these primitives with the FPGA's secure boot process, and enhances bitstream security.



Author information

Corresponding author: Geraldine Shirley Nicholas.


Cite this article

Nicholas, G.S., Siddiqui, A.S., Joseph, S.R. et al. A Secure Boot Framework with Multi-security Features and Logic-Locking Applications for Reconfigurable Logic. J Hardw Syst Secur 5, 260–268 (2021). https://doi.org/10.1007/s41635-021-00123-3
