Hardware Support for Trustworthy Systems
description
Transcript of Hardware Support for Trustworthy Systems
![Page 1: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/1.jpg)
Hardware Support for Trustworthy Systems
Ted HuffmireACACES 2012Fiuggi, Italy
![Page 2: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/2.jpg)
Disclaimer
• The views presented in this course are those of the speaker and do not necessarily reflect the views of the United States Department of Defense.
![Page 3: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/3.jpg)
Lecture 3 Overview
• Apply primitives to memory protection• Design Example
![Page 4: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/4.jpg)
Memory Protection
• Apply primitives to memory protection• Design Example
![Page 5: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/5.jpg)
Memory Protection
• Goal: Allow cores to share memory securely• Opportunity: Leverage the benefits of
hardware• A reconfigurable reference monitor enforces a
policy that specifies the legal sharing of memory
![Page 6: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/6.jpg)
FPGA Chip
Memory Protection
SDRAM (off-chip)
DRAM
DRAM
DRAM
DRAM
DRAM
DRAM
DRAM
DRAM
DRAM
DRAM
DRAM
DRAM
Crypto Core
CPU Core
CPU Core
AESAES
Reference Monitor
X
XReference M
onitor
![Page 7: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/7.jpg)
Memory Protection
• Goal: Allow cores to share memory securely• Opportunity: Leverage the benefits of
hardware• A reconfigurable reference monitor enforces a
policy that specifies the legal sharing of memory
![Page 8: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/8.jpg)
A Memory Protection Language
• All modules on chip must obey a memory access policy
• Memory protection policies are expressed in the language
• Compiler translates the policy to a circuit
![Page 9: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/9.jpg)
Formal Top Level Specification (FTLS)
• A precise language of legal accesses– Subjects (Modules)–Access Rights–Objects (Memory Ranges)
• Fixed (Stateless) Models• Transitional (Stateful) Models
![Page 10: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/10.jpg)
Isolation Example• A fixed (stateless) model• Each core is restricted to a fixed range (or set of ranges) of
memory• Each range can only be assigned to one core• Access{Module1,rw,Range1} | {Module2,rw,Range2};• Policy(Access)*;
Module1
Range1
Compartment 1
rw
Module2
Range2
Compartment 2
rw
![Page 11: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/11.jpg)
Policy Compiler• 1. Policy FTLS:
– Access{Module1,rw,Range1} | {Module2,rw,Range2};– Policy(Access)*;
• 2. Regular Expression:– ({Module1,rw,Range1} | {Module2,rw,Range2})*
• 3. Minimized DFA:• 4. Verilog HDL:
– case({module_id,op,r1,r2})• 9’b011110: //Module1,rw,Range1
– state=s0;• 9’b101101: //Module2,rw,Range2
– state=s0;• default:
– state=s1; //reject– endcase
init
0{M1,rw,R1},{M2,rw,R2}
![Page 12: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/12.jpg)
Policy Compiler Design FlowPolicy Compiler Design Flow
![Page 13: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/13.jpg)
Enforcement Module
• Parallel search
![Page 14: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/14.jpg)
What we have done
• Automated design flow from FTLS to synthesized circuit
• Language has a well-defined grammar• Powerful enough to express a variety of
policies that we have compiled and tested
![Page 15: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/15.jpg)
Methodology
• Constructed several isolation policies– Varied the number of ranges
• Used Quartus to synthesize• Measured:– Area (Logic Cells)– Setup Time– Cycle Time
Range
State
Tsu
Tc
![Page 16: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/16.jpg)
Synthesis Results
![Page 17: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/17.jpg)
Possible Storage Channel
M1 M2R1: r_ r_R2: __ _w
R2: __ r_
M1 M2R1: r_ __
{M1,r,R1} {M1,r,R1}
Step 1: Module2 can read Range1
Step 2: Module1 changes the state by reading Range1
Step 3: Module2 can no longer read Range1
Step 4: Module1 changes the state by reading Range1
init
![Page 18: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/18.jpg)
A Higher Level Language• Input
– High;– Module1TS;– Module2U;– Range1U;– Range2U;
• Output– Trigger1{M1,w,R1};– Trigger2{M1,w,R2};– Access0{M1,r,R1} |{M1,r,R2}|{M2,rw,R1}|{M2,rw,R2};– Access1{M1,rw,R1} |{M1,r,R2}|{M2,w,R1}|{M2,rw,R2};– Access12{M1,rw,R1}|{M1,rw,R2}|{M2,w,R1}|{M2,w,R2};– Access2{M1,r,R1}|{M1,rw,R2}|{M2,w,R1}|{M2,w,R2};– Access21{M1,rw,R1}|{M1,rw,R2}|{M2,w,R1}|{M2,w,R2};– Path1 (|Trigger1 Access1* ( |Trigger2 Access12*));– Path2 (|Trigger2 Access2* ( |Trigger1 Access21*));– PolicyAccess0* (|Path1|Path2);
![Page 19: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/19.jpg)
Design Example
• Apply primitives to memory protection• Design example
![Page 20: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/20.jpg)
Goals of Design Example
• Evaluate security primitives for reconfigurable hardware
• Build a real system with multiple cores• Design a security policy for the system• Efficient memory system performance• Programmatic interface to system
![Page 21: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/21.jpg)
System Overview
OPB
ublaze 1 ublaze 1
Ref Monitor/Arbiter
Shared External Memory
AES Core
RS232 Ethernet
![Page 22: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/22.jpg)
Security Policy
• Range0[0x41400000,0x4140ffff]; (Debug)• Range1[0x28000000,0x28000777]; (AES1)• Range2[0x28000800,0x28000fff]; (AES2)• Range3[0x24000000,0x24777777]; (DRAM1)• Range4[0x24800000,0x24ffffff]; (DRAM2)• Range5[0x40600000,0x4060ffff]; (RS-232)• Range6[0x40c00000,0x40c0ffff]; (Ethernet)• Range7[0x28000004,0x28000007]; (Ctrl_Word1)• Range8[0x28000008,0x2800000f]; (Ctrl_Word2)• Range9[0x28000000,0x28000003]; (Ctrl_WordAES)
![Page 23: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/23.jpg)
Security Policy• Access0{M1,rw,R5}|{M2,rw,R6}|{M1,rw,R3}• |{M2,rw,R4}|{M1,rw,R0}|{M2,rw,R0};• Access1Access0|{M1,rw,R1}|{M1,rw,R9};• Access2Access0|{M2,rw,R1}|{M2,rw,R9};• Trigger0{M1,w,R7};• Trigger1{M1,w,R8};• Trigger2{M2,w,R7};• Trigger3{M2,w,R8};• Expr1Access0|Trigger3Access2*Trigger4;• Expr2Access1|Trigger2Expr1*Trigger1;• Expr3Expr1*Trigger1Expr2*;• PolicyExpr1*|Expr1*Trigger3Access2*• |Expr3Trigger2Expr1*Trigger3Access2*• |Expr3Trigger2Expr1*|Expr3|;
![Page 24: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/24.jpg)
Security Policy DFA
![Page 25: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/25.jpg)
User Interface• Currently using Hyperterminal to
connect to AES core via serial connection– Tested using 128 bit key & data
manually parsed into 32 bit lines and sent via hyperterminal.
s5816160000ce537f5e5a567cc9966d92590336763e6a118a874519e64e9963798a503f1d35
![Page 26: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/26.jpg)
User Interface
• Progress– Implemented User Interface was implemented in
C++.• SERIAL OR ETHERNET? [1-SERIAL][2-ETHERNET]• ENCRYPT OR DECRYPT? [1-ENCRYPT][2-DECRYPT]• INPUT FILENAME:• KEY FILENAME:• OUTPUT SENT TO OUTPUT.TXT
![Page 27: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/27.jpg)
Conclusions
• Fabric of computing is changing• FPGAs are growing in importance• Efficient security primitives are possible to
build in reconfigurable hardware
![Page 28: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/28.jpg)
Future Work
• Multi-Core Security• Our methods can also be applied to the non-
reconfigurable domain• Modern FPGAs have multiple CPUs on one
chip• Reference monitor can be hard-wired
![Page 29: Hardware Support for Trustworthy Systems](https://reader035.fdocuments.us/reader035/viewer/2022081520/56815a62550346895dc7a0a3/html5/thumbnails/29.jpg)
Lecture 3 Reading
• [Conference Version] Policy-Driven Memory Protection for Reconfigurable Hardware• http://dl.acm.org/citation.cfm?id=2163301
• [Journal Version] Managing Security in FPGA-Based Embedded Systems• http://dx.doi.org/10.1016/j.cose.2008.05.002