Moats and Drawbridges: An Isolation Primitive for Reconfigurable Hardware Based Systems

Moats and Drawbridges: An Isolation Primitive for Reconfigurable Hardware Based Systems

Blurring the line between software and hardware, reconfigurable devices strike a balance between the raw high speed of custom silicon and the post-fabrication flexibility of general-purpose processors. While this flexibility is a boon for embedded system developers, who can now rapidly prototype and...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Huffmire, T., Brotherton, B., Gang Wang, Sherwood, T., Kastner, R., Levin, T., Nguyen, T., Irvine, C.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Broadcasting
Control systems
Embedded system
Hardware
Operating systems
Prototypes
Resource management
Security
Silicon
Software prototyping
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 295
container_issue
container_start_page 281
container_title
container_volume
creator Huffmire, T.
Brotherton, B.
Gang Wang
Sherwood, T.
Kastner, R.
Levin, T.
Nguyen, T.
Irvine, C.
description Blurring the line between software and hardware, reconfigurable devices strike a balance between the raw high speed of custom silicon and the post-fabrication flexibility of general-purpose processors. While this flexibility is a boon for embedded system developers, who can now rapidly prototype and deploy solutions with performance approaching custom designs, this results in a system development methodology where functionality is stitched together from a variety of "soft IP cores," often provided by multiple vendors with different levels of trust. Unlike traditional software where resources are managed by an operating system, soft IP cores necessarily have very fine grain control over the underlying hardware. To address this problem, the embedded systems community requires novel security primitives which address the realities of modern reconfigurable hardware. We propose an isolation primitive, moats and drawbridges, that are built around four design properties: logical isolation, interconnect traceability, secure reconfigurable broadcast, and configuration scrubbing. Each of these is a fundamental operation with easily understood formal properties, yet maps cleanly and efficiently to a wide variety of reconfigurable devices. We carefully quantify the required overheads on real FPGAs and demonstrate the utility of our methods by applying them to the practical problem of memory protection.
doi_str_mv 10.1109/SP.2007.28
format Conference Proceeding
fullrecord <record><control><sourceid>ieee_RIE</sourceid><recordid>TN_cdi_ieee_primary_4223233</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>4223233</ieee_id><sourcerecordid>4223233</sourcerecordid><originalsourceid>FETCH-LOGICAL-c252t-202f3940c00102994d91481e8696b745d5c9338c77ad8a60dc91d3c54b62d0b53</originalsourceid><addsrcrecordid>eNotzstOAjEUgOHGSyIiG7du-gKDp6fTmzsEFRKMRDQuSaftkBqYMe0o4e2dRFf_7s9HyDWDMWNgbterMQKoMeoTMkCuRMEQ1Cm5BCWNQF1qdkYGDDQrJDB2QUY5fwIAM1L1GZCP59Z2mdrG01myhypFvw35jk4ausjtznaxbegqxX3s4k-gdZvoa3BtU8ftd7LVLtC5Tf5gU6D3NgdP18fchX2-Iue13eUw-u-QvD8-vE3nxfLlaTGdLAuHArsCAWtuSnA9CdCY0hvWm4OWRlaqFF44w7l2SlmvrQTvDPPcibKS6KESfEhu_r4xhLD56qE2HTclIkfO-S-u8VCw</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Moats and Drawbridges: An Isolation Primitive for Reconfigurable Hardware Based Systems</title><source>IEEE Electronic Library (IEL)</source><creator>Huffmire, T. ; Brotherton, B. ; Gang Wang ; Sherwood, T. ; Kastner, R. ; Levin, T. ; Nguyen, T. ; Irvine, C.</creator><creatorcontrib>Huffmire, T. ; Brotherton, B. ; Gang Wang ; Sherwood, T. ; Kastner, R. ; Levin, T. ; Nguyen, T. ; Irvine, C.</creatorcontrib><description>Blurring the line between software and hardware, reconfigurable devices strike a balance between the raw high speed of custom silicon and the post-fabrication flexibility of general-purpose processors. While this flexibility is a boon for embedded system developers, who can now rapidly prototype and deploy solutions with performance approaching custom designs, this results in a system development methodology where functionality is stitched together from a variety of "soft IP cores," often provided by multiple vendors with different levels of trust. Unlike traditional software where resources are managed by an operating system, soft IP cores necessarily have very fine grain control over the underlying hardware. To address this problem, the embedded systems community requires novel security primitives which address the realities of modern reconfigurable hardware. We propose an isolation primitive, moats and drawbridges, that are built around four design properties: logical isolation, interconnect traceability, secure reconfigurable broadcast, and configuration scrubbing. Each of these is a fundamental operation with easily understood formal properties, yet maps cleanly and efficiently to a wide variety of reconfigurable devices. We carefully quantify the required overheads on real FPGAs and demonstrate the utility of our methods by applying them to the practical problem of memory protection.</description><identifier>ISSN: 1081-6011</identifier><identifier>ISBN: 0769528481</identifier><identifier>ISBN: 9780769528489</identifier><identifier>EISSN: 2375-1207</identifier><identifier>DOI: 10.1109/SP.2007.28</identifier><language>eng</language><publisher>IEEE</publisher><subject>Broadcasting ; Control systems ; Embedded system ; Hardware ; Operating systems ; Prototypes ; Resource management ; Security ; Silicon ; Software prototyping</subject><ispartof>2007 IEEE Symposium on Security and Privacy (SP '07), 2007, p.281-295</ispartof><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c252t-202f3940c00102994d91481e8696b745d5c9338c77ad8a60dc91d3c54b62d0b53</citedby></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/4223233$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,776,780,785,786,792,2051,27904,54736,54898</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/4223233$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Huffmire, T.</creatorcontrib><creatorcontrib>Brotherton, B.</creatorcontrib><creatorcontrib>Gang Wang</creatorcontrib><creatorcontrib>Sherwood, T.</creatorcontrib><creatorcontrib>Kastner, R.</creatorcontrib><creatorcontrib>Levin, T.</creatorcontrib><creatorcontrib>Nguyen, T.</creatorcontrib><creatorcontrib>Irvine, C.</creatorcontrib><title>Moats and Drawbridges: An Isolation Primitive for Reconfigurable Hardware Based Systems</title><title>2007 IEEE Symposium on Security and Privacy (SP '07)</title><addtitle>SP</addtitle><description>Blurring the line between software and hardware, reconfigurable devices strike a balance between the raw high speed of custom silicon and the post-fabrication flexibility of general-purpose processors. While this flexibility is a boon for embedded system developers, who can now rapidly prototype and deploy solutions with performance approaching custom designs, this results in a system development methodology where functionality is stitched together from a variety of "soft IP cores," often provided by multiple vendors with different levels of trust. Unlike traditional software where resources are managed by an operating system, soft IP cores necessarily have very fine grain control over the underlying hardware. To address this problem, the embedded systems community requires novel security primitives which address the realities of modern reconfigurable hardware. We propose an isolation primitive, moats and drawbridges, that are built around four design properties: logical isolation, interconnect traceability, secure reconfigurable broadcast, and configuration scrubbing. Each of these is a fundamental operation with easily understood formal properties, yet maps cleanly and efficiently to a wide variety of reconfigurable devices. We carefully quantify the required overheads on real FPGAs and demonstrate the utility of our methods by applying them to the practical problem of memory protection.</description><subject>Broadcasting</subject><subject>Control systems</subject><subject>Embedded system</subject><subject>Hardware</subject><subject>Operating systems</subject><subject>Prototypes</subject><subject>Resource management</subject><subject>Security</subject><subject>Silicon</subject><subject>Software prototyping</subject><issn>1081-6011</issn><issn>2375-1207</issn><isbn>0769528481</isbn><isbn>9780769528489</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2007</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNotzstOAjEUgOHGSyIiG7du-gKDp6fTmzsEFRKMRDQuSaftkBqYMe0o4e2dRFf_7s9HyDWDMWNgbterMQKoMeoTMkCuRMEQ1Cm5BCWNQF1qdkYGDDQrJDB2QUY5fwIAM1L1GZCP59Z2mdrG01myhypFvw35jk4ausjtznaxbegqxX3s4k-gdZvoa3BtU8ftd7LVLtC5Tf5gU6D3NgdP18fchX2-Iue13eUw-u-QvD8-vE3nxfLlaTGdLAuHArsCAWtuSnA9CdCY0hvWm4OWRlaqFF44w7l2SlmvrQTvDPPcibKS6KESfEhu_r4xhLD56qE2HTclIkfO-S-u8VCw</recordid><startdate>20070101</startdate><enddate>20070101</enddate><creator>Huffmire, T.</creator><creator>Brotherton, B.</creator><creator>Gang Wang</creator><creator>Sherwood, T.</creator><creator>Kastner, R.</creator><creator>Levin, T.</creator><creator>Nguyen, T.</creator><creator>Irvine, C.</creator><general>IEEE</general><scope>6IE</scope><scope>6IH</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIO</scope></search><sort><creationdate>20070101</creationdate><title>Moats and Drawbridges: An Isolation Primitive for Reconfigurable Hardware Based Systems</title><author>Huffmire, T. ; Brotherton, B. ; Gang Wang ; Sherwood, T. ; Kastner, R. ; Levin, T. ; Nguyen, T. ; Irvine, C.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c252t-202f3940c00102994d91481e8696b745d5c9338c77ad8a60dc91d3c54b62d0b53</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2007</creationdate><topic>Broadcasting</topic><topic>Control systems</topic><topic>Embedded system</topic><topic>Hardware</topic><topic>Operating systems</topic><topic>Prototypes</topic><topic>Resource management</topic><topic>Security</topic><topic>Silicon</topic><topic>Software prototyping</topic><toplevel>online_resources</toplevel><creatorcontrib>Huffmire, T.</creatorcontrib><creatorcontrib>Brotherton, B.</creatorcontrib><creatorcontrib>Gang Wang</creatorcontrib><creatorcontrib>Sherwood, T.</creatorcontrib><creatorcontrib>Kastner, R.</creatorcontrib><creatorcontrib>Levin, T.</creatorcontrib><creatorcontrib>Nguyen, T.</creatorcontrib><creatorcontrib>Irvine, C.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan (POP) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Electronic Library (IEL)</collection><collection>IEEE Proceedings Order Plans (POP) 1998-present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Huffmire, T.</au><au>Brotherton, B.</au><au>Gang Wang</au><au>Sherwood, T.</au><au>Kastner, R.</au><au>Levin, T.</au><au>Nguyen, T.</au><au>Irvine, C.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Moats and Drawbridges: An Isolation Primitive for Reconfigurable Hardware Based Systems</atitle><btitle>2007 IEEE Symposium on Security and Privacy (SP '07)</btitle><stitle>SP</stitle><date>2007-01-01</date><risdate>2007</risdate><spage>281</spage><epage>295</epage><pages>281-295</pages><issn>1081-6011</issn><eissn>2375-1207</eissn><isbn>0769528481</isbn><isbn>9780769528489</isbn><abstract>Blurring the line between software and hardware, reconfigurable devices strike a balance between the raw high speed of custom silicon and the post-fabrication flexibility of general-purpose processors. While this flexibility is a boon for embedded system developers, who can now rapidly prototype and deploy solutions with performance approaching custom designs, this results in a system development methodology where functionality is stitched together from a variety of "soft IP cores," often provided by multiple vendors with different levels of trust. Unlike traditional software where resources are managed by an operating system, soft IP cores necessarily have very fine grain control over the underlying hardware. To address this problem, the embedded systems community requires novel security primitives which address the realities of modern reconfigurable hardware. We propose an isolation primitive, moats and drawbridges, that are built around four design properties: logical isolation, interconnect traceability, secure reconfigurable broadcast, and configuration scrubbing. Each of these is a fundamental operation with easily understood formal properties, yet maps cleanly and efficiently to a wide variety of reconfigurable devices. We carefully quantify the required overheads on real FPGAs and demonstrate the utility of our methods by applying them to the practical problem of memory protection.</abstract><pub>IEEE</pub><doi>10.1109/SP.2007.28</doi><tpages>15</tpages><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 1081-6011
ispartof 2007 IEEE Symposium on Security and Privacy (SP '07), 2007, p.281-295
issn 1081-6011
2375-1207
language eng
recordid cdi_ieee_primary_4223233
source IEEE Electronic Library (IEL)
subjects Broadcasting
Control systems
Embedded system
Hardware
Operating systems
Prototypes
Resource management
Security
Silicon
Software prototyping
title Moats and Drawbridges: An Isolation Primitive for Reconfigurable Hardware Based Systems
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-24T12%3A37%3A00IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Moats%20and%20Drawbridges:%20An%20Isolation%20Primitive%20for%20Reconfigurable%20Hardware%20Based%20Systems&rft.btitle=2007%20IEEE%20Symposium%20on%20Security%20and%20Privacy%20(SP%20'07)&rft.au=Huffmire,%20T.&rft.date=2007-01-01&rft.spage=281&rft.epage=295&rft.pages=281-295&rft.issn=1081-6011&rft.eissn=2375-1207&rft.isbn=0769528481&rft.isbn_list=9780769528489&rft_id=info:doi/10.1109/SP.2007.28&rft_dat=%3Cieee_RIE%3E4223233%3C/ieee_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=4223233&rfr_iscdi=true