How to Break Secure Boot on FPGA SoCs Through Malicious Hardware.

In this contribution, we demonstrate how an FPGA hardware design can compromise the important secure boot process of the main software system to boot from a malicious network source instead of an authentic ... This significant and new threat arises from the fact that the CPU and FPGA are connected to the same memory bus, so that FPGA hardware designs can interfere with secure boot routines on FPGA SoCs that ... Conclusion We successfully demonstrated the feasibility and practical impact of attacks on the secure boot process of FPGA SoCs through hardware on the FPGA. ...

doi:10.1007/978-3-319-66787-4_21 fatcat:n2fz4op665caba27jyp55u6pma

The proposed framework implements a secure boot protocol on Xilinx based FPGAs. ... This process is susceptible to remote hijacking, where the attacker can maliciously update the reconfigurable hardware target with tainted hardware configuration. ... How to break secure boot on FPGA SoCs through malicious hardware. ...

doi:10.3390/cryptography4040026 fatcat:rrutti77gnaspirfcmz4p22bbq

DOAJ

Index Terms—Internet of Things, hardware-based security, embedded systems, SoC, FPGA, secure communications ... Specifically, we have proposed (1) hardware based schemes for establishment of root of trust; (2) the design of a reliable and secure key generator and management system using SoC FPGA; (3) development ... Using dedicated hardware assist (e.g., SoC, FPGA) can relieve the burden on processors. ...

doi:10.5281/zenodo.4577525 fatcat:gjhzrn7tszgs5fxdjuwjkzngeq

Open Access

Concentrating on hardware security will help users to have better insight about IoT/CPS security requirements, identify the vulnerabilities of these systems and give good information on how to build secure ... Recent Field Programmable Gate Array (FPGA) and System on Chips (SoCs) can help in implementing a security system that extends to the IC level. ... Cloud-based protection and security in this case might be enough and a way of how to protect the data from the sensor through to the cloud aggregation point, and from there on to the applications is needed ...

doi:10.18502/keg.v3i7.3072 fatcat:chrzt55wxbfhjhuf6cyxvd4cs4

Open Access

This work shows how the entire boot security of an Nvidia SoC, used in Tesla's autopilot and Mercedes-Benz's infotainment system, can be circumvented using voltage FI. ... At the same time, modern systems on a chip (SoCs) are used in security-critical applications, such as self-driving cars and autonomous machines. ... To this end, we explain how a hardware implant can permanently manipulate the RoT. ...

arXiv:2108.06131v2 fatcat:7oor7ezryrbevksuyjxa5zhjnm

Multiple Versions

This paper introduces an ongoing study aiming at analyzing the attacks relying on the hardware vulnerabilities of the microarchitectures of CPUs and SoCs. ... The processors (CPUs) embedded in System on Chip (SoC) have to face recent attacks taking advantage of vulnerabilities/features in their microarchitectures to retrieve secret information. ... [23] which showed how a malicious hardware IP can access processor core features and memory to bypass software or system security such as the secure boot. ...

doi:10.1109/eurospw54576.2021.00017 fatcat:ljhuwgh3ebb47ksi3bocapspmy

A proof-ofconcept FPGA implementation of the proposed RoT module is demonstrated on Zynq SoCs, as an add-on extension to a RISC-V processor for establishing trust between applications of connected devices ... CCS Concepts • Security and privacy → Embedded systems security. ... Acknowledgments This work was supported in part by the German Research Foundation (DFG) as part of the Transregional Collaborative Research Centre "Invasive Computing" (SFB/TR 89), the KU Leuven Research Council through ...

doi:10.1145/3342559.3365334 dblp:conf/sosp/TuranV19 fatcat:gfdco6f54rbs3fxt5hrmuoi4s4

Even so, such interference can never break the security of the SA, and it may only disturb the loading of the SA to deactivate our TEE on the FPGA. ... Only the infrastructure hardware can use the key to decrypt and install the encrypted bitstream when the FPGA is booted. ...

doi:10.1109/access.2021.3069223 fatcat:3slznw6funfa7oq6o4esiutvuq

DOAJ

The security of FPGAs is a crucial topic, as any vulnerability within the hardware can have severe consequences, if they are used in a secure design. ... Adversaries have many motivations to recover and manipulate the bitstream, including design cloning, IP theft, manipulation of the design, or design subversions e.g., through hardware Trojans. ... Acknowledgments We communicate these findings with Xilinx in a responsible disclosure on 24 September 2019. ...

arXiv:2105.13756v1 fatcat:ga6gvxg2ivhpbctweecft7ayue

This seminar aims to bring together a group of researchers, who are actively involved in the design and the security assessment of hardware primitives. ... In addition to these presentations, the program also included three discussion sessions, and two special sessions on curriculum development and funding programs. ... technologies of modern FPGAs and programmable SoCs. ...

doi:10.4230/dagrep.6.5.72 dblp:journals/dagstuhl-reports/KerenPT16 fatcat:dj5xqpsogrgtlgut3oneo6qss4

However, latest technology in embedded security combined (low power, on-SOC memory, small size) with trusted computing specifications (ensuring trusted communication and user) is believed to enhance security ... Introduction Consideration for security level in Wireless Sensor Networks (WSN) should depend on the demand of the intended applications. ... Secure boot with the root of trust located in On-SoC ROM will provide a chain of trust for all the secure world software and hardware peripherals and some of the normal world software. ...

doi:10.5772/13712 fatcat:r65jbllfzzc6bjgd5kxinkgmlu

We demonstrate how a heterogeneous architecture can be utilized to realize a secure TEE design. ... hardware. ... More concretely, we demonstrate how the TEE can be used to boot Linux on the main application processor securely. ...

arXiv:2009.05262v2 fatcat:jnbxmxy2bfe4njryhenrn3zdvy

Multiple Versions

In this work, we show how fault attacks can be launched within an FPGA, through software-provided bitstreams alone. ... To cause this voltage drop, we first show how specific patterns to activate Ring Oscillators can cause timing failures in simple test designs on various FPGA boards. ... Acknowledgements We like to thank Amir Moradi from Ruhr-Universität Bochum for allowing us to use his example AES implementation, which was also previously used in our joint work [SGMT18] . ...

doi:10.13154/tches.v2018.i3.44-68 dblp:journals/tches/KrautterGT18 fatcat:i3rkd2uasffohcxpf3ajdv4wze

DOAJ OJS

Based on our primitives, we design and implement LifeLine, a hardware design protection mechanism for FPGAs using hardware/software co-obfuscated cryptography. ... We then describe the design and implementation of novel hardware obfuscation primitives based on the intrinsic structure of FPGAs. ... Technical Background on FPGA Security Bitstream Encryption FPGAs are digital hardware devices that are designed to be userprogrammable after manufacturing. ...

doi:10.46586/tches.v2021.i4.412-446 fatcat:tvapiwiqojhq7hbecgzgk7at5y

DOAJ OJS

One approach to this research problem is to introduce fail-over mechanisms that can detect unexpected or malicious behaviours, caused by attack or malfunction, and pro-actively respond to control and minimise ... A realistic attack scenarios have been considered to derive security policies and enforced by the proposed security platform to provide security and safety to domain-specific features. ... Jacob et al. described a similar attack on the secure boot mechanism on FPGA MP-SoC, which ensures secure system start-up by building chain-of-trust [28] . ...

arXiv:2004.10672v1 fatcat:hda7w26qnzdspp5bmlyd6ku5ze

How to Break Secure Boot on FPGA SoCs Through Malicious Hardware [chapter]

Preserved Fulltext

Secure Boot for Reconfigurable Architectures

Preserved Fulltext

Towards a Safe and Secure Internet of Things Critical Infrastructure

Preserved Fulltext

Survey of Hardware-based Security support for IoT/CPS Systems

Preserved Fulltext

The Forgotten Threat of Voltage Glitching: A Case Study on Nvidia Tegra X2 SoCs [article]

Preserved Fulltext

Other Versions

Virtual Platform to Analyze the Security of a System on Chip at Microarchitectural Level

Preserved Fulltext

Propagating trusted execution through mutual attestation

Preserved Fulltext

MeetGo: A Trusted Execution Environment for Remote Applications on FPGA

Preserved Fulltext

The Unpatchable Silicon: A Full Break of the Bitstream Encryption of Xilinx 7-Series FPGAs [article]

Preserved Fulltext

Hardware Security (Dagstuhl Seminar 16202)

Preserved Fulltext

Integrity Enhancement in Wireless Sensor Networks [chapter]

Preserved Fulltext

HECTOR-V: A Heterogeneous CPU Architecture for a Secure RISC-V Execution Environment [article]

Preserved Fulltext

Other Versions

FPGAhammer: Remote Voltage Fault Attacks on Shared FPGAs, suitable for DFA on AES

Preserved Fulltext

LifeLine for FPGA Protection: Obfuscated Cryptography for Real-World Security

Preserved Fulltext

Embedded Policing and Policy Enforcement based Security in the era of Digital-Physical Convergence for Next-Generation Vehicular Electronics [article]

Preserved Fulltext