Title: SeReCon: a secure reconfiguration controller for self-reconfigurable systems

Authors: Krzysztof Kepa, Fearghal Morgan, Krzysztof Kosciuszkiewicz, Tomasz Surmacz

Addresses: Bio-Inspired and Reconfigurable Computing (BIRC) Group, Electrical and Electronic Engineering, National University of Ireland, Nun's Island, Galway, Ireland; Bio-Inspired and Reconfigurable Computing (BIRC) Group, Electrical and Electronic Engineering, National University of Ireland, Nun's Island, Galway, Ireland; Bio-Inspired and Reconfigurable Computing (BIRC) Group, Electrical and Electronic Engineering, National University of Ireland, Nun's Island, Galway, Ireland; Institute of Computer Engineering, Control and Robotics (CECR), Wroclaw University of Technology, Janiszewskiego 11-17, 50-372 Wroclaw, Poland

Abstract: A risk of covert insertion of circuitry into reconfigurable computing (RC) systems exists. This paper reviews risks of hardware attack on field programmable gate array (FPGA)-based RC systems and proposes a method for secure system credentials generation (unique, random and partially anonymous) and trusted self-reconfiguration, using a secure reconfiguration controller (SeReCon) and partial reconfiguration (PR). SeReCon provides a root of trust (RoT) for RC systems, incorporating novel algorithms for security credentials generation and trusted design verification. Credentials are generated internally, during system certification. The private credential element never leaves the SeReCon security perimeter. To provide integrity-maintaining self-reconfiguration, SeReCon performs analysis of each new IP core structure prior to reconfiguration. An unverified IP core can be used provided that its spatial isolation is retained. SeReCon provides encrypted storage for installed IP cores. Resource usage for a prototype SeReCon system is presented. The protection provided by SeReCon is illustrated in a number of security attack scenarios.

Keywords: field programmable gate arrays; FPGA; partial reconfiguration; reconfigurable computing; trusted computing; critical embedded systems; design security; design assurance; design integrity; critical computing; self-reconfiguration; reconfiguration control; hardware attacks.

DOI: 10.1504/IJCCBS.2010.031707

International Journal of Critical Computer-Based Systems, 2010 Vol.1 No.1/2/3, pp.86 - 103

Published online: 21 Feb 2010
