Remote dynamic partial reconfiguration: A threat to Internet-of-Things and embedded security applications

Anju Pulikkakudi Johnson; Sikhar Patranabis; Rajat Subhra  Chakraborty; Debdeep Mukhopadhyay

doi:10.1016/j.micpro.2017.06.005

Remote dynamic partial reconfiguration: A threat to Internet-of-Things and embedded security applications

Anju Pulikkakudi Johnson, Sikhar Patranabis, Rajat Subhra Chakraborty, Debdeep Mukhopadhyay

Electronic Engineering

Research output: Contribution to journal › Article › peer-review

Abstract

The advent of the Internet of Things has motivated the use of Field Programmable Gate Array (FPGA) devices with Dynamic Partial Reconfiguration (DPR) capabilities for dynamic non-invasive modifications to circuits implemented on the FPGA. In particular, the ability to perform DPR over the network is essential in the context of a growing number of Internet of Things (IoT)-based and embedded security applications. However, the use of remote DPR brings with it a number of security threats that could lead to potentially catastrophic consequences in practical scenarios. In this paper, we demonstrate four examples where the remote DPR capability of the FPGA may be exploited by an adversary to launch Hardware Trojan Horse (HTH) attacks on commonly used security applications. We substantiate the threat by demonstrating remotely-launched attacks on Xilinx FPGA-based hardware implementations of a cryptographic algorithm, a true random number generator, and two processor-based security applications - namely, a software implementation of a cryptographic algorithm and a cash dispensing scheme. The attacks are launched by on-the-fly transfer of malicious FPGA configuration bitstreams over an Ethernet connection to perform DPR and leak sensitive information. Finally, we comment on plausible countermeasures to prevent such attacks

Original language	English
Pages (from-to)	131-144
Number of pages	14
Journal	Microprocessors and Microsystems
Volume	52
Early online date	8 Jun 2017
DOIs	https://doi.org/10.1016/j.micpro.2017.06.005
Publication status	Published - 1 Jul 2017

Bibliographical note

Access to Document

10.1016/j.micpro.2017.06.005

micpro_IoT
©2017 Elsevier B.V. All rights reserved.This is an author-produced version of the published paper. Uploaded in accordance with the publisher’s self-archiving policy.
Accepted author manuscript, 2.64 MBLicence: CC BY-NC-ND

http://www.sciencedirect.com/science/article/pii/S0141933116303970

Cite this

@article{3c8f7c4424d64a1facdd44d43fe58ebf,

title = "Remote dynamic partial reconfiguration: A threat to Internet-of-Things and embedded security applications",

abstract = "The advent of the Internet of Things has motivated the use of Field Programmable Gate Array (FPGA) devices with Dynamic Partial Reconfiguration (DPR) capabilities for dynamic non-invasive modifications to circuits implemented on the FPGA. In particular, the ability to perform DPR over the network is essential in the context of a growing number of Internet of Things (IoT)-based and embedded security applications. However, the use of remote DPR brings with it a number of security threats that could lead to potentially catastrophic consequences in practical scenarios. In this paper, we demonstrate four examples where the remote DPR capability of the FPGA may be exploited by an adversary to launch Hardware Trojan Horse (HTH) attacks on commonly used security applications. We substantiate the threat by demonstrating remotely-launched attacks on Xilinx FPGA-based hardware implementations of a cryptographic algorithm, a true random number generator, and two processor-based security applications - namely, a software implementation of a cryptographic algorithm and a cash dispensing scheme. The attacks are launched by on-the-fly transfer of malicious FPGA configuration bitstreams over an Ethernet connection to perform DPR and leak sensitive information. Finally, we comment on plausible countermeasures to prevent such attacks",

author = "Johnson, {Anju Pulikkakudi} and Sikhar Patranabis and Chakraborty, {Rajat Subhra} and Debdeep Mukhopadhyay",

note = "{\textcopyright}2017 Elsevier B.V. All rights reserved.This is an author-produced version of the published paper. Uploaded in accordance with the publisher{\textquoteright}s self-archiving policy. ",

year = "2017",

month = jul,

day = "1",

doi = "10.1016/j.micpro.2017.06.005",

language = "English",

volume = "52",

pages = "131--144",

journal = "Microprocessors and Microsystems",

issn = "0141-9331",

publisher = "Elsevier",

}

TY - JOUR

T1 - Remote dynamic partial reconfiguration: A threat to Internet-of-Things and embedded security applications

AU - Johnson, Anju Pulikkakudi

AU - Patranabis, Sikhar

AU - Chakraborty, Rajat Subhra

AU - Mukhopadhyay, Debdeep

PY - 2017/7/1

Y1 - 2017/7/1

N2 - The advent of the Internet of Things has motivated the use of Field Programmable Gate Array (FPGA) devices with Dynamic Partial Reconfiguration (DPR) capabilities for dynamic non-invasive modifications to circuits implemented on the FPGA. In particular, the ability to perform DPR over the network is essential in the context of a growing number of Internet of Things (IoT)-based and embedded security applications. However, the use of remote DPR brings with it a number of security threats that could lead to potentially catastrophic consequences in practical scenarios. In this paper, we demonstrate four examples where the remote DPR capability of the FPGA may be exploited by an adversary to launch Hardware Trojan Horse (HTH) attacks on commonly used security applications. We substantiate the threat by demonstrating remotely-launched attacks on Xilinx FPGA-based hardware implementations of a cryptographic algorithm, a true random number generator, and two processor-based security applications - namely, a software implementation of a cryptographic algorithm and a cash dispensing scheme. The attacks are launched by on-the-fly transfer of malicious FPGA configuration bitstreams over an Ethernet connection to perform DPR and leak sensitive information. Finally, we comment on plausible countermeasures to prevent such attacks

AB - The advent of the Internet of Things has motivated the use of Field Programmable Gate Array (FPGA) devices with Dynamic Partial Reconfiguration (DPR) capabilities for dynamic non-invasive modifications to circuits implemented on the FPGA. In particular, the ability to perform DPR over the network is essential in the context of a growing number of Internet of Things (IoT)-based and embedded security applications. However, the use of remote DPR brings with it a number of security threats that could lead to potentially catastrophic consequences in practical scenarios. In this paper, we demonstrate four examples where the remote DPR capability of the FPGA may be exploited by an adversary to launch Hardware Trojan Horse (HTH) attacks on commonly used security applications. We substantiate the threat by demonstrating remotely-launched attacks on Xilinx FPGA-based hardware implementations of a cryptographic algorithm, a true random number generator, and two processor-based security applications - namely, a software implementation of a cryptographic algorithm and a cash dispensing scheme. The attacks are launched by on-the-fly transfer of malicious FPGA configuration bitstreams over an Ethernet connection to perform DPR and leak sensitive information. Finally, we comment on plausible countermeasures to prevent such attacks

U2 - 10.1016/j.micpro.2017.06.005

DO - 10.1016/j.micpro.2017.06.005

M3 - Article

SN - 0141-9331

VL - 52

SP - 131

EP - 144

JO - Microprocessors and Microsystems

JF - Microprocessors and Microsystems

ER -