 |
Conference papers
Security enhancements for FPGA-based MPSoCs: a boot-to-runtime protection flow for an embedded Linux-based system
Abstract : Nowadays, embedded systems become more and more complex: the hardware/software codesign approach is a method to create such systems in a single chip which can be based on reconfigurable technologies such as FPGAs (Field-Programmable Gate Arrays). In such systems, data exchanges are a key point as they convey critical and confidential information and data are transmitted between several hardware modules and software layers. In case of an FPGA development life cycle, OS (Operating System) / data updates as runtime communications can be done through an insecure link: attackers can use this medium to make the system misbehave (malicious injection) or retrieve bitstream-related information (eavesdropping). Recent works propose solutions to securely boot a bitstream and the associated OS while runtime transactions are not protected. This work proposes a full boot-to-runtime protection flow of an embedded Linux kernel during boot and confidentiality/integrity protection of the external memory containing the kernel and the main application code/data. This work shows that such a solution with hardware components induces an area occupancy of 10% of a xc6vlx240t Virtex-6 FPGA while having an improved throughput for Linux booting and lowlatency security for runtime protection.
Cited literature [15 references]
https://hal.archives-ouvertes.fr/hal-00750339
Contributor : Cotret Pascal <>
Submitted on : Saturday, November 10, 2012 - 10:33:39 AM
Last modification on : Tuesday, August 25, 2020 - 11:51:52 AM
Long-term archiving on: : Monday, February 11, 2013 - 2:45:11 AM
Contributor : Cotret Pascal <>
Submitted on : Saturday, November 10, 2012 - 10:33:39 AM
Last modification on : Tuesday, August 25, 2020 - 11:51:52 AM
Long-term archiving on: : Monday, February 11, 2013 - 2:45:11 AM
File
recosoc2012_cotret.pdf
Files produced by the author(s)