Streit FJ, Wildermann S, Pschyklenk M, Teich J (2021)
Publication Language: English
Publication Type: Conference contribution, Conference Contribution
Publication year: 2021
Publisher: Springer Computer Science Proceedings
Conference Proceedings Title: Springer Proceedings of the 17th International Symposium on Applied Reconfigurable Computing
Remote firmware updates have become the de facto standard to guarantee a secure deployment of often decentrally operated IoT devices. However, the transfer and the provision of updates are considered as highly security-critical. Immunity requirements, such as the authenticity of the update provider and the integrity and confidentiality of the content typically loaded from an external cloud server over an untrusted network are therefore mandatory. This is especially true for FPGA-based programmable System-on-Chip (PSoC) architectures, as they are ideal implementation candidates for products with a long lifetime due to their adaptivity of both software and hardware configurations. In this paper, we propose a methodology for securely updating PSoC architectures by exploiting the reconfigurable logic of the FPGA. In the proposed approach, the FPGA serves as a secure anchor point by performing the required authenticity and integrity checks before granting the system update to be installed. In particular, a hardware design called Trusted Update Unit (TUU) is defined that is loaded from memory for the duration of an update session to first verify the identity of an external update provider and then, based on this verification, to establish a secure channel for protected data transfers. The proposed approach is also able to secure the confidentiality of cryptographic keys even if the software of the PSoC is compromised by applying them only as device-intrinsic secrets. Finally, an implementation of the approach on a Xilinx Zynq PSoC is described and evaluated for the design objectives performance and resource costs.
Streit, F.-J., Wildermann, S., Pschyklenk, M., & Teich, J. (2021). Providing Tamper-Secure SoC Updates through Reconfigurable Hardware. In Springer Proceedings of the 17th International Symposium on Applied Reconfigurable Computing. Rennes, France, FR: Springer Computer Science Proceedings.
Streit, Franz-Josef, et al. "Providing Tamper-Secure SoC Updates through Reconfigurable Hardware." Proceedings of the International Symposium on Applied Reconfigurable Computing (ARC), Rennes, France Springer Computer Science Proceedings, 2021.