Providing Tamper-Secure SoC Updates through Reconfigurable Hardware

Streit FJ, Wildermann S, Pschyklenk M, Teich J (2021)

Publication Language: English

Publication Type: Conference contribution, Conference Contribution

Publication year: 2021

Publisher: Springer Computer Science Proceedings

Conference Proceedings Title: Springer Proceedings of the 17th International Symposium on Applied Reconfigurable Computing

Event location: Rennes, France FR

ISBN: 978-3-030-79025-7

DOI: 10.1007/978-3-030-79025-7_17

Abstract

Remote firmware updates have become the de facto standard to guarantee a secure deployment of often decentrally operated IoT devices. However, the transfer and the provision of updates are considered as highly security-critical. Immunity requirements, such as the authenticity of the update provider and the integrity and confidentiality of the content typically loaded from an external cloud server over an untrusted network are therefore mandatory. This is especially true for FPGA-based programmable System-on-Chip (PSoC) architectures, as they are ideal implementation candidates for products with a long lifetime due to their adaptivity of both software and hardware configurations. In this paper, we propose a methodology for securely updating PSoC architectures by exploiting the reconfigurable logic of the FPGA. In the proposed approach, the FPGA serves as a secure anchor point by performing the required authenticity and integrity checks before granting the system update to be installed. In particular, a hardware design called Trusted Update Unit (TUU) is defined that is loaded from memory for the duration of an update session to first verify the identity of an external update provider and then, based on this verification, to establish a secure channel for protected data transfers. The proposed approach is also able to secure the confidentiality of cryptographic keys even if the software of the PSoC is compromised by applying them only as device-intrinsic secrets. Finally, an implementation of the approach on a Xilinx Zynq PSoC is described and evaluated for the design objectives performance and resource costs.

Authors with CRIS profile

Franz-Josef Streit Lehrstuhl für Informatik 12 (Hardware-Software-Co-Design) Stefan Wildermann Lehrstuhl für Informatik 12 (Hardware-Software-Co-Design) Jürgen Teich Lehrstuhl für Informatik 12 (Hardware-Software-Co-Design)

Related research project(s)

Security Concepts for PSoCs (SecPSoCs) Aug. 1, 2018 - July 31, 2020

Involved external institutions

Schaeffler Technologies AG & Co. KG DE Germany (DE)

How to cite

APA:

Streit, F.-J., Wildermann, S., Pschyklenk, M., & Teich, J. (2021). Providing Tamper-Secure SoC Updates through Reconfigurable Hardware. In Springer Proceedings of the 17th International Symposium on Applied Reconfigurable Computing. Rennes, France, FR: Springer Computer Science Proceedings.

MLA:

Streit, Franz-Josef, et al. "Providing Tamper-Secure SoC Updates through Reconfigurable Hardware." Proceedings of the International Symposium on Applied Reconfigurable Computing (ARC), Rennes, France Springer Computer Science Proceedings, 2021.

BibTeX: Download