Field Programmable Gate Arrays (FPGAs) were introduced in the late 1980s and have grown in capacity and complexity since then. Modern FPGAs include high-speed transceivers, megabytes of memory, millions of logic gates, multicore processors, and analog interfaces. Typical FPGA applications include industrial control systems, high-performance signal processing, digital communication, and databases. Most of these applications handle large volumes of sensitive data, so FPGA vendors and engineers must safeguard them. Let’s review some of the different aspects of FPGA security.
Getting to Know an FPGA
A field-programmable gate array (FPGA) is an integrated circuit (IC) designed to be configured by a customer or a designer after manufacturing – hence the term field-programmable. It contains numerous programmable logic gates, memory blocks, and other components. FPGAs are often sold off-the-shelf and allow customers to reconfigure the hardware to meet their specific needs after the manufacturing process.
The FPGA configuration is usually specified using a hardware description language (HDL), much like the design of an application-specific integrated circuit (ASIC). FPGAs serve many applications, including consumer electronics such as autonomous vehicles, smartphones, cameras, and security systems. Commercial uses include servers and verticals such as medical electronics, military systems, and aerospace.
There’s a growing trend among our customers using FPGAs in areas such as accelerated cloud services, machine learning, platform firmware resilience, and the Internet of Things (IoT). Apart from that, we have noticed that FPGAs help to facilitate the development of significant open-source hardware projects such as OpenTitan, RISC-V, and more.
1. Distinctive Facets of FPGA Security
Loading a bitstream file into the FPGA is known as FPGA programming. A bitstream file contains the binary sequence that encodes the FPGA design. Bitstreams are susceptible to the same security perils as regular software, including malware, unauthorized copying, and Intellectual Property (IP) theft. Cybercriminals can reverse engineer or replicate FPGA applications by intercepting the bitstream, reading the internal memory, or removing the chip’s protective packaging.
2. Ecosystem and the Cost of Security
FPGA security design presumes that the attacker has physical access to the device and may mount any electrical, physical, or replay attack. If the attacker does not have physical access, the containing system can provide security by monitoring all FPGA access points, and internal FPGA security is then not required. Nevertheless, this approach is not practical in commercial systems, since attackers usually have an economic motive, such as IP theft.
3. FPGA Security Threats
Attacks on FPGA security can damage FPGA-based systems, causing significant data loss and IP theft. Each attack targets different security properties. The critical FPGA attacks fall into the following categories.
- Reverse Engineering
A cybercriminal can reverse engineer the bitstream to recover the circuit design it encodes. Reverse engineering attacks are used to duplicate an application and understand its functionality. Likewise, reverse engineering may be used to harm the application by introducing malware. Reverse engineering FPGA bitstreams is laborious because bitstream formats are not compatible across FPGA vendors and devices. Consequently, every new FPGA device requires a new bitstream reverse engineering effort.
- Cloning and Overbuilding
In cloning, attackers duplicate the FPGA programming, then use the bitstream in an identical device and sell it as their own. Cloning may apply to the complete design or to a subset of it. In overbuilding, the attacker is usually a genuine contract manufacturer that uses a legitimate bitstream to build additional systems and sells them without the designer’s authorization. In both cases, the attacker needs no detailed knowledge of the design.
- Tampering
In tampering, the attacker alters the application design. By tampering, the attacker can insert logic that leaks data from an application or deactivates parts of the application. Tampering may also require reverse engineering, since it involves changing specific values in the bitstream.
- Spoofing
In spoofing, the attacker replaces the original FPGA bitstream with their own. That bitstream can consist of elements obtained through reverse engineering or cloning. A spoofed application may compromise any FPGA-based system.
4. Information Security
The fundamental facets of information security are authentication, integrity, and confidentiality, and these three are also the primary focus of FPGA security.
Loading a design is usually a one-way transfer of data from the bitstream file to the FPGA. Robust authentication uses a Message Authentication Code (MAC), a keyed cryptographic hash computed over the whole message. Authentication creates trust in the running application, since the process validates that the application has not been deliberately or accidentally altered.
Bitstream data integrity is the ability to ensure that a design has not been inadvertently altered. An incorrectly programmed FPGA may create a connection between two large internal drivers. Such a defect can damage the chip by causing excessive current and heat.
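The bitstream authentication and integrity check described in the two paragraphs above, as an added example that is not code from the original article: a loader verifies an HMAC-SHA256 tag before configuring the device and rejects an image that has been altered by a single bit, truncated, built for a different device identifier, or tagged with another key. The container layout, its header fields and all data are constructed assumptions, not any vendor’s bitstream format.

```python
import hmac
import hashlib
import struct

# Constructed container layout (an assumption, not any vendor's format):
#   magic(4) | device_id(4) | body_len(4) | body | tag(32)
MAGIC = b"BSTR"
HEADER_LEN = 12
TAG_LEN = hashlib.sha256().digest_size  # HMAC-SHA256 tag, 32 bytes

def build_image(key: bytes, device_id: int, body: bytes) -> bytes:
    """Append an HMAC-SHA256 tag that covers the header and the whole body."""
    header = MAGIC + struct.pack(">II", device_id, len(body))
    tag = hmac.new(key, header + body, hashlib.sha256).digest()
    return header + body + tag

def verify_image(key: bytes, expected_device_id: int, image: bytes) -> bytes:
    """Return the body only if the image is authentic, else raise; a loader
    calls this before configuring so a tampered image never reaches the device."""
    if len(image) < HEADER_LEN + TAG_LEN:
        raise ValueError("image too short to hold header and tag")
    header, rest = image[:HEADER_LEN], image[HEADER_LEN:]
    magic, device_id, body_len = struct.unpack(">4sII", header)
    if magic != MAGIC:
        raise ValueError("not a bitstream container")
    if device_id != expected_device_id:
        raise ValueError("bitstream was built for a different device")
    if len(rest) != body_len + TAG_LEN:
        raise ValueError("length field does not match the image size")
    body, tag = rest[:body_len], rest[body_len:]
    expected = hmac.new(key, header + body, hashlib.sha256).digest()
    # Constant-time comparison: timing must not leak the correct tag.
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: bitstream altered or spoofed")
    return body

def loader_accepts(key: bytes, device_id: int, image: bytes) -> bool:
    """True if verify_image would allow this image to configure the device."""
    try:
        verify_image(key, device_id, image)
        return True
    except ValueError:
        return False

# Constructed demo data; on a real part the key lives in on-chip key storage.
DEMO_KEY = hashlib.sha256(b"constructed demo key").digest()
DEMO_DEVICE_ID = 0x1234
DEMO_BODY = bytes(range(256)) * 4  # stands in for configuration frames
DEMO_IMAGE = build_image(DEMO_KEY, DEMO_DEVICE_ID, DEMO_BODY)
```

Because the MAC covers accidental corruption as well as deliberate alteration, one check serves both the authentication and the integrity goal discussed above.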
Large FPGA designs can contain valuable IP. Encrypting the IP and the bitstream prevents a competitor from stealing that information. Encryption also provides trust assurance, since a suitable key is required to configure the FPGA with the design.
FPGAs let developers choose whether to encrypt the bitstream. Leaving it unencrypted is convenient during the integration and testing stages, but encryption must be enabled once the system is deployed. The option to disable encryption exposes the device to attacks such as Trojan insertion.
As FPGAs increase in capability, the applications grow in value, driving the need for more robust security. Since the FPGA application design is contained in a design file, FPGA developers must apply information security measures such as encryption to that file. FPGAs are known to be deployed in hostile environments, so protocols must be strengthened and designs implemented securely. This includes not only encrypting configuration files but also adopting fault-tolerant design approaches.
ACL Digital has the in-house skills needed to develop, verify, and take to market complex, reliable FPGA-based products for the most demanding markets. From RTL design to IP integration and more, our experts have the necessary expertise to handle these areas. Contact us for more details.
Getting to Know an FPGA: https://en.wikipedia.org/wiki/Field-programmable_gate_array