Results 1 - 10
of
21
Moats and drawbridges: An isolation primitive for reconfigurable hardware based systems
- in Proc. Int. Symposium on Security and Privacy, 2007
"... Blurring the line between software and hardware, reconfigurable devices strike a balance between the raw high speed of custom silicon and the post-fabrication flexibility of general-purpose processors. While this flexibility is a boon for embedded system developers, who can now rapidly prototype and ..."
Abstract
-
Cited by 30 (6 self)
- Add to MetaCart
(Show Context)
Blurring the line between software and hardware, reconfigurable devices strike a balance between the raw high speed of custom silicon and the post-fabrication flexibility of general-purpose processors. While this flexibility is a boon for embedded system developers, who can now rapidly prototype and deploy solutions with performance approaching custom designs, this results in a system development methodology where functionality is stitched together from a variety of “soft IP cores, ” often provided by multiple vendors with different levels of trust. Unlike traditional software where resources are managed by an operating system, soft IP cores necessarily have very fine grain control over the underlying hardware. To address this problem, the embedded systems community requires novel security primitives which address the realities of modern reconfigurable hardware. We propose an isolation primitive, moats and drawbridges, that are built around four design properties: logical isolation, interconnect traceability, secure reconfigurable broadcast, and configuration scrubbing. Each of these is a fundamental operation with easily understood formal properties, yet maps cleanly and efficiently to a wide variety of reconfigurable devices. We carefully quantify the required overheads on real FPGAs and demonstrate the utility of our methods by applying them to the practical problem of memory protection. 1
Policy-driven memory protection for reconfigurable hardware
- In Proceedings of the European Symposium on Research in Computer Security (ESORICS), volume LNCS 4189
, 2006
"... Abstract. While processor based systems often enforce memory pro-tection to prevent the unintended sharing of data between processes, current systems built around reconfigurable hardware typically offer no such protection. Several reconfigurable cores are often integrated onto a single chip where th ..."
Abstract
-
Cited by 15 (6 self)
- Add to MetaCart
(Show Context)
Abstract. While processor based systems often enforce memory pro-tection to prevent the unintended sharing of data between processes, current systems built around reconfigurable hardware typically offer no such protection. Several reconfigurable cores are often integrated onto a single chip where they share external resources such as memory. While this enables small form factor and low cost designs, it opens up the op-portunity for modules to intercept or even interfere with the operation of one another. We investigate the design and synthesis of a memory protection mechanism capable of enforcing policies expressed as a formal language. Our approach includes a specialized compiler that translates a policy of legal sharing to reconfigurable logic blocks which can be di-rectly transferred to an FPGA. The efficiency of our access language design flow is evaluated in terms of area and cycle time across a variety of security scenarios.
Data Communication Estimation and Reduction for Reconfigurable Systems
- IN PROC. 40TH DESIGN AUTOMATION CONF
, 2003
"... Widespread adoption of reconfigurable devices requires system level synthesis techniques to take an application written in a high level language and map it to the reconfigurable device. This paper describes methods for synthesizing the internal representation of a compiler into a hardware descriptio ..."
Abstract
-
Cited by 8 (4 self)
- Add to MetaCart
Widespread adoption of reconfigurable devices requires system level synthesis techniques to take an application written in a high level language and map it to the reconfigurable device. This paper describes methods for synthesizing the internal representation of a compiler into a hardware description language in order to program reconfigurable hardware devices. We demonstrate the usefulness of static single assignment (SSA) in reducing the amount of data communication in the hardware. However, the placement of -nodes by current SSA algorithms is not optimal in terms of minimizing data communication. We propose a new algorithm which optimally places -nodes, further decreasing area and communication latency. Our algorithm reduces the data communication (measured as total edge weight in a control data flow graph) by as much as 20% for some applications as compared to the best-known SSA algorithm - the pruned algorithm. We also describe future modifications to our model that should increase the effectiveness of our methods.
Energy Benefits of Reconfigurable Hardware for Use in Underwater Sensor Nets
"... Abstract — Small, dense underwater sensor networks have the potential to greatly improve undersea environmental and structural monitoring. However, few sensor nets exist because commercially available underwater acoustic modems are too costly and energy inefficient to be practical for this applicati ..."
Abstract
-
Cited by 3 (2 self)
- Add to MetaCart
Abstract — Small, dense underwater sensor networks have the potential to greatly improve undersea environmental and structural monitoring. However, few sensor nets exist because commercially available underwater acoustic modems are too costly and energy inefficient to be practical for this applications. Therefore, when designing an acoustic modem for sensor networks, the designer must optimize for low cost and low energy consumption at every level, from the analog electronics, to the signal processing scheme, to the hardware platform. In this paper we focus on the design choice of hardware platform: digital signal processors, microcontrollers, or reconfigurable hardware, to optimize for energy efficiency while keeping costs low. We implement one algorithm used in an acoustic modem design-Matching Pursuits for channel estimation- on all three platforms and perform a design space exploration to compare the timing, power and energy consumption of each implementation. We show that the reconfigurable hardware implementation can provide a maximum of 210X and 52X decrease in energy consumption over the microcontroller and DSP implementations respectively. Keywords- underwater acoustic modems, mapping parallel algorithms, energy efficiency issues, field programmable gate arrays, design space exploration I.
Enforcing Memory Policy Specifications in Reconfigurable Hardware
"... While general-purpose processor based systems are built to enforce memory protection to prevent the unintended sharing of data between processes, current systems built around reconfigurable hardware typically offer no such protection. Several reconfigurable cores are often integrated onto a single c ..."
Abstract
-
Cited by 2 (0 self)
- Add to MetaCart
(Show Context)
While general-purpose processor based systems are built to enforce memory protection to prevent the unintended sharing of data between processes, current systems built around reconfigurable hardware typically offer no such protection. Several reconfigurable cores are often integrated onto a single chip where they share external resources such as memory. While this enables small form factor and low cost designs, it opens up the opportunity for modules to intercept or even interfere with the operation of one another. We investigate the design and synthesis of a FPGA memory protection mechanism capable of enforcing access control policies and a methodology for translating formal policy descriptions into FPGA enforcement mechanisms. The efficiency of our access language design flow is evaluated in terms of area and cycle time across a variety of security scenarios. We also describe a technique for ensuring that the internal state of the reference monitor cannot be used as a covert storage channel.
Handling Control Data Flow Graphs for a Tightly Coupled Reconfigurable Accelerator
"... Abstract. In an embedded system including a base processor integrated with a tightly coupled accelerator, extracting frequently executed portions of the code (hot portion) and executing their corresponding data flow graph (DFG) on the accelerator brings about more speedup. In this paper, we intend t ..."
Abstract
-
Cited by 1 (1 self)
- Add to MetaCart
(Show Context)
Abstract. In an embedded system including a base processor integrated with a tightly coupled accelerator, extracting frequently executed portions of the code (hot portion) and executing their corresponding data flow graph (DFG) on the accelerator brings about more speedup. In this paper, we intend to present our motivations for handling control instructions in DFGs and extending them to Control DFGs (CDFGs). In addition, basic requirements for an accelerator with conditional execution support are proposed. Moreover, some algorithms are presented for temporal partitioning of CDFGs considering the target accelerator architectural specifications. To show the effectiveness of the proposed ideas, we applied them to the accelerator of an extensible processor called AMBER. Experimental results represent the effectiveness of covering control instructions and using CDFGs versus DFGs. 1
Data Partitioning for Reconfigurable Architectures with
- Distributed Block RAM” – International Workshop on Logic and Synthesis (IWLS
, 2005
"... Contemporary reconfigurable architectures integrate distributed block RAM modules on-chip to provide ample storage for DSP, wireless, and image processing applications. Synthesizing applications to these complex systems requires an effective and efficient approach to conduct data partitioning and st ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
(Show Context)
Contemporary reconfigurable architectures integrate distributed block RAM modules on-chip to provide ample storage for DSP, wireless, and image processing applications. Synthesizing applications to these complex systems requires an effective and efficient approach to conduct data partitioning and storage assignment. This work showed that different data partition schemes and storage assignment solutions, integrated with other memory optimization techniques, dramatically improve overall system performance. Experimental results indicated that partitioned designs could meet design goals and achieve much better performance. 1
Moats and Drawbridges: An Isolation Primitive for Reconfigurable Hardware Based Systems
"... Blurring the line between software and hardware, re-configurable devices strike a balance between the raw high speed of custom silicon and the post-fabrication flexibility of general-purpose processors. While this flexibility is a boon for embedded system developers, who can now rapidly prototype an ..."
Abstract
- Add to MetaCart
(Show Context)
Blurring the line between software and hardware, re-configurable devices strike a balance between the raw high speed of custom silicon and the post-fabrication flexibility of general-purpose processors. While this flexibility is a boon for embedded system developers, who can now rapidly prototype and deploy solutions with performance approach-ing custom designs, this results in a system development methodology where functionality is stitched together from a variety of “soft IP cores, ” often provided by multiple ven-dors with different levels of trust. Unlike traditional soft-ware where resources are managed by an operating system, soft IP cores necessarily have very fine grain control over the underlying hardware. To address this problem, the em-bedded systems community requires novel security primi-tives which address the realities of modern reconfigurable hardware. We propose an isolation primitive, moats and drawbridges, that are built around four design properties: logical isolation, interconnect traceability, secure reconfig-urable broadcast, and configuration scrubbing. Each of these is a fundamental operation with easily understood for-mal properties, yet maps cleanly and efficiently to a wide va-riety of reconfigurable devices. We carefully quantify the re-quired overheads on real FPGAs and demonstrate the utility of our methods by applying them to the practical problem of memory protection. 1
GANG WANG
"... Computing systems designed using reconfigurable hardware are increasingly composed using a number of different Intellectual Property (IP) cores, which are often provided by third-party vendors that may have different levels of trust. Unlike traditional software where hardware resources are mediated ..."
Abstract
- Add to MetaCart
Computing systems designed using reconfigurable hardware are increasingly composed using a number of different Intellectual Property (IP) cores, which are often provided by third-party vendors that may have different levels of trust. Unlike traditional software where hardware resources are mediated using an operating system, IP cores have fine-grain control over the underlying reconfigurable hardware. To address this problem, the embedded systems community requires novel security primitives that address the realities of modern reconfigurable hardware. In this work, we propose security primitives using ideas centered around the notion of “moats and drawbridges.” The primitives encompass four design properties: logical isolation, interconnect traceability, secure reconfigurable broadcast, and configuration scrubbing. Each of these is a fundamental
35.4 Data Communication Estimation and Reduction for Reconfigurable Systems
"... Widespread adoption of reconfigurable devices requires system level synthesis techniques to take an application written in a high level language and map it to the reconfigurable device. This paper describes methods for synthesizing the internal representation of a compiler into a hardware descriptio ..."
Abstract
- Add to MetaCart
(Show Context)
Widespread adoption of reconfigurable devices requires system level synthesis techniques to take an application written in a high level language and map it to the reconfigurable device. This paper describes methods for synthesizing the internal representation of a compiler into a hardware description language in order to program reconfigurable hardware devices. We demonstrate the usefulness of static single assignment (SSA) in reducing the amount of data communication in the hardware. However, the placement of Φ-nodes by current SSA algorithms is not optimal in terms of minimizing data communication. We propose a new algorithm which optimally places Φ-nodes, further decreasing area and communication latency. Our algorithm reduces the data communication (measured as total edge weight in a control data flow graph) by as much as 20 % for some applications as compared to the best-known SSA algorithm – the pruned algorithm. We also describe future modifications to our model that should increase the effectiveness of our methods. 1.
