|
Field-programmable gate arrays (FPGAs) represent an important computing infrastructure which must be protected from attackers. They are used in a wide variety of applications, including networking routers, satellites, military equipment, and automobiles, among others. The storage of FPGA programming information in memory external to the device creates a natural security weakness which, to date, has primarily been addressed via bitstream encryption. Recent work has shown that bitstream encryption is not impervious to attack and, with sufficient effort, the logical function of some or all of an FPGA design can be determined from a bitstream. This work systematically investigates advanced attacks on FPGA designs and, more importantly, develops sound countermeasures against FPGA design manipulations by determined attackers. To eliminate weaknesses, FPGA security is addressed from a new angle: the use of hardware obfuscation to make the true functionality of an FPGA design nearly indecipherable even if the entire logic-level design can be determined by bitstream reverse engineering. These questions are addressed by first developing a series of search-based computer-aided design tools which can identify security primitives (e.g. crypto primitives) in FPGA design logic-level netlists. As a result of this work, a series of automated tools which allow FPGA circuit designers to obscure the functionality of their subcircuits will be developed. These tools will make malicious design modification significantly more difficult or impossible.
|
TWC: Small: New Directions in Field Programmable Gate Arrays (FPGA) Security