Visible to the public MUTARCH: Architectural diversity for FPGA device and IP security

TitleMUTARCH: Architectural diversity for FPGA device and IP security
Publication TypeConference Paper
Year of Publication2017
AuthorsKaram, R., Hoque, T., Ray, S., Tehranipoor, M., Bhunia, S.
Conference Name2017 22nd Asia and South Pacific Design Automation Conference (ASP-DAC)
Keywordsarchitectural diversity, automotive systems, biomedical systems, bitstream encryption, Collaboration, composability, configuration file, diverse applications, Encryption, field programmable gate arrays, FPGA device, Hardware, in-field reconfiguration, intellectual property blocks, Internet of Things, IoT, IP blocks, IP piracy, IP security, logic circuits, logical configuration keys, microprocessor chips, modern remote upgrade techniques, MUTARCH, physical configuration keys, policy, policy-based governance, pubcrawl, Resiliency, security through diversity principle, static keys, Table lookup, time-varying keys, Transforms, unauthorized in-field reprogramming
AbstractField Programmable Gate Arrays (FPGAs) are being increasingly deployed in diverse applications including the emerging Internet of Things (IoT), biomedical, and automotive systems. However, security of the FPGA configuration file (i.e. bitstream), especially during in-field reconfiguration, as well as effective safeguards against unauthorized tampering and piracy during operation, are notably lacking. The current practice of bitstreram encryption is only available in high-end FPGAs, incurs unacceptably high overhead for area/energy-constrained devices, and is susceptible to side channel attacks. In this paper, we present a fundamentally different and novel approach to FPGA security that can protect against all major attacks on FPGA, namely, unauthorized in-field reprogramming, piracy of FPGA intellectual property (IP) blocks, and targeted malicious modification of the bitstream. Our approach employs the security through diversity principle to FPGA, which is often used in the software domain. We make each device architecturally different from the others using both physical (static) and logical (time-varying) configuration keys, ensuring that attackers cannot use a priori knowledge about one device to mount an attack on another. It therefore mitigates the economic motivation for attackers to reverse engineering the bitstream and IP. The approach is compatible with modern remote upgrade techniques, and requires only small modifications to existing FPGA tool flows, making it an attractive addition to the FPGA security suite. Our experimental results show that the proposed approach achieves provably high security against tampering and piracy with worst-case 14% latency overhead and 13% area overhead.
Citation Keykaram_mutarch:_2017