A Security Model for Reconfigurable Microcomputers

نویسندگان

  • Richard Neil Pittman
  • Alessandro Forin
چکیده

We define a security model for FPGAs that provides virtualization and sharing of the reconfigurable fabric. The approach is to encapsulate the reconfigurable fabric within the context of a standard OS process, separated from the security-sensitive resources iff the process is a user-mode one. The key elements of the model are the software application loader and the physical interface between the processor and reconfigurable fabric. The basic approach is to virtualize the reconfigurable fabric by encapsulating it within the virtual memory confines of the application process(es) that uses it. A fabric configuration file must pass a number of security checks before it gains the trust of the system software. The system loader only loads images signed by a locally recognized entity and applies standard tamper detection tests to the executable images and to the fabric configuration files. Before the fabric is loaded, the interconnection points in the configuration file are checked for location, direction, and routing of the signals that cross the interface to the processor. System software applies functional tests before enabling a minimal set of signals and the full interface only after the file passes additional tests. Privileged signals are only available for certified privileged-mode fabric configurations. We implemented the model in the eMIPS dynamically extensible processor [25]. A standard MIPS ISA operates in conjunction with one or more reconfigurable Extension slots. Applications of eMIPS include zero-overhead online software verification, application-specific hardware accelerators, a secure and extensible software debugger, and loadable I/O peripherals and bus interfaces. The new functionality supports additional security defenses. Two instances include debugging support and intrusion detection.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Planning and Operation of the Active and Reactive sources Constrained to Voltage Security in the Reconfigurable Smart Distribution Network

One of the most important objectives of smart distribution networks (SDNs) is to achieve a secure and reliable network. This can be realized by optimal operation in the presence of active power sources such as the distributed generations (DGs), reactive power sources such as switched capacitor bank (SCB), active loads such as the demand response program (DRP), and various network management str...

متن کامل

A maintenance system model for optimal reconfigurable vibrating screen management

The reconfigurable vibrating screen (RVS) machine is an innovative beneficiation machine designed for screening different mineral particles of varying sizes and volumes required by the customers’ through the geometric transformation of its screen structure. The successful RVS machine upkeep requires its continuous, availability, reliability and maintainability. The RVS machine downtime, which c...

متن کامل

Real Time Dynamic Simulation of Power System Using Multiple Microcomputers

Recent developments in the design and manufacture of microcomputers together with improved simulation techniques make it possible to achieve the speed and accuracy required for the dynamic simulation of power systems in real time. This paper presents some experimental results and outlines new ideas on hardware architecture, mathematical algorithms and software development for this purpose. The ...

متن کامل

Reconfigurable Cryptography: A Flexible Approach to Long-Term Security

We put forward the concept of a reconfigurable cryptosystem. Intuitively, a reconfigurable cryptosystem allows to increase the security of the system at runtime, by changing a single central parameter we call common reference string (CRS). In particular, e.g., a cryptanalytic advance does not necessarily entail a full update of a large public-key infrastructure; only the CRS needs to be updated...

متن کامل

84-01-35 Client/Server Security With Mainframe Access

Microcomputers (clients), local area networks, and mainframes (servers) should be combined into a cooperative processing structure, because such a structure can leverage the advantages of each technology. The success of this type of system depends on the effective distribution of data on the client and server components. This article discusses a client/server system that connects clients throug...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2008