# Reconfigurable Hardware for High-Security/High-Performance Embedded Systems The SAFES Perspective

Authors:

Guy Gogniat<sup>1</sup>, Tilman Wolf<sup>2</sup>, Wayne Burleson<sup>2</sup>, Jean-Philippe Diguet<sup>1</sup>, Lilian Bossuet<sup>3</sup>, and Romain Vaslin<sup>2</sup>

Presented by: Brian Woods UNCC February 14, 2013

> <sup>1</sup>University of South Britanny <sup>2</sup>University of Massachusetts

<sup>3</sup>University of Bordeaux

Brian Woods(UNCC)

Reconfigurable Hardware for High-Security/High-Performance Embedded Systems

## Overview

- Motivation
- Background
- Related Work
- Introduction
- Main Architecture
- Experiment Set Up
- Results
- Conclusions
- References

## Motivation

- People feel security is big concern. 52% for phones and 47% said that credit card security concerns is an obstacle prevents mCommerce [1].
- Increasing useage of mobilty devices like:
  - Personal Digital Assistants (PDAs)
  - Cellphones
  - Other Personal Mobile Deives (PMDs)
- Growing computational power for cracking data

## Background



#### Figure: Types of Attacks[2]

Brian Woods(UNCC) Reconfigurable Hardware for High-Security/High-Performance Embedded Systems 4 / 11

#### Background

- Only focus on hardware attacks
- System needs to be:

Symptom-free No data leaks to disable passive attacks Security-aware Aware of it's state and vulnerabilities Activity-aware Must detect irregularities with sensors Agile Able to predict or quickly detect an attack and to act fast to update securtiy measures Robust Tamper tolerant to resist physical attacks

- High performance
- Power aware/efficent

- Processor bassed methods, but this is costly in resources
- Using accelerators/coproccessors but these don't address the attack issues
- Engery efficency, but like the above they don't consider attacks
- Programmable accelerators have been used but not to detect and change the configuration

## SAFES Architecture

- System on a chip with with reconfigurable logic
- The reconfigurable logic can be dynamically reconfigured
- Monitors to detect attacks
  - Power monitor
  - Clock monitor
  - Bus monitor
  - Channel monitor
  - Primitive monitor

## SAFES Architecture



Figure: High level Overview[2]

Brian Woods(UNCC)

# Reconfigurable Motivation

- Acceleration of security algorithms
- Flexibility over application specific circuits
- Configuration can vary for:
  - Throughput
  - Latency
  - Area
  - Reliability
  - Power

# Reconfigurable Architecture

- Processer acts at the master
- Reconfigurable logic is split into security primitives
- Main components of the security primitives are:
  - Datapath
  - Security Primitive Controller (SPC)
    - Communicates to the processor for function of the datapata
    - Reconfigures the datapath
    - Memory mapped
  - System Security Controller (SSC)
    - Monitors the datapath
    - Checks the system state through themonitors
    - Main goal is to detect attacks against the primitive
    - Memory mapped

- [1] epaynews.com, ePaynews.com payment news and resource center -Statistics for Mobile Commerce, http://www.epaynews.com/statistics/mcommstats.html, 2004
- T. Wolf et al, Reconfigurable Hardware for High-Security/High-Performance Embedded Systems: The SAFES Perspective, Very Large Scale Integration (VLSI) Systems, IEEE Transactions on , vol.16, no.2, pp.144-155, Feb. 2008