Visible to the public SACHa: Self-Attestation of Configurable Hardware

TitleSACHa: Self-Attestation of Configurable Hardware
Publication TypeConference Paper
Year of Publication2019
AuthorsVliegen, Jo, Rabbani, Md Masoom, Conti, Mauro, Mentens, Nele
Conference Name2019 Design, Automation Test in Europe Conference Exhibition (DATE)
Keywordsattestation, composability, Computer architecture, configurable FPGA hardware, configurable hardware, device attestation, embedded device, Embedded Software, Embedded systems, field programmable gate arrays, Field-Programmable Gate Arrays, FPGAs, Hardware, hardware-based attestation, hardware-software system, Human Behavior, intended application code, Microprocessors, physical attacks, Protocols, pubcrawl, Read only memory, remote attacks, Resiliency, SACHa, self-attestation, Software, tamper-resistant hardware module
AbstractDevice attestation is a procedure to verify whether an embedded device is running the intended application code. This way, protection against both physical attacks and remote attacks on the embedded software is aimed for. With the wide adoption of Field-Programmable Gate Arrays or FPGAs, hardware also became configurable, and hence susceptible to attacks (just like software). In addition, an upcoming trend for hardware-based attestation is the use of configurable FPGA hardware. Therefore, in order to attest a whole system that makes use of FPGAs, the status of both the software and the hardware needs to be verified, without the availability of a tamper-resistant hardware module.In this paper, we propose a solution in which a prover core on the FPGA performs an attestation of the entire FPGA, including a self-attestation. This way, the FPGA can be used as a tamper-resistant hardware module to perform hardware-based attestation of a processor, resulting in a protection of the entire hardware/software system against malicious code updates.
Citation Keyvliegen_sacha_2019