Skip to Main content Skip to Navigation
Conference papers

Security enhancements for FPGA-based MPSoCs: a boot-to-runtime protection flow for an embedded Linux-based system

Abstract : Nowadays, embedded systems become more and more complex: the hardware/software codesign approach is a method to create such systems in a single chip which can be based on reconfigurable technologies such as FPGAs (Field-Programmable Gate Arrays). In such systems, data exchanges are a key point as they convey critical and confidential information and data are transmitted between several hardware modules and software layers. In case of an FPGA development life cycle, OS (Operating System) / data updates as runtime communications can be done through an insecure link: attackers can use this medium to make the system misbehave (malicious injection) or retrieve bitstream-related information (eavesdropping). Recent works propose solutions to securely boot a bitstream and the associated OS while runtime transactions are not protected. This work proposes a full boot-to-runtime protection flow of an embedded Linux kernel during boot and confidentiality/integrity protection of the external memory containing the kernel and the main application code/data. This work shows that such a solution with hardware components induces an area occupancy of 10% of a xc6vlx240t Virtex-6 FPGA while having an improved throughput for Linux booting and lowlatency security for runtime protection.
Complete list of metadatas

Cited literature [15 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-00750339
Contributor : Cotret Pascal <>
Submitted on : Saturday, November 10, 2012 - 10:33:39 AM
Last modification on : Tuesday, August 25, 2020 - 11:51:52 AM
Long-term archiving on: : Monday, February 11, 2013 - 2:45:11 AM

File

recosoc2012_cotret.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-00750339, version 1

Citation

Pascal Cotret, Florian Devic, Guy Gogniat, Benoit Badrignans, Lionel Torres. Security enhancements for FPGA-based MPSoCs: a boot-to-runtime protection flow for an embedded Linux-based system. ReCoSoC: Reconfigurable Communication-centric Systems-on-Chip, Jul 2012, York, United Kingdom. pp.1-8. ⟨hal-00750339⟩

Share

Metrics

Record views

1830

Files downloads

638