New-Tech Europe Magazine | June 2016

serve as security hubs. Xilinx

Xilinx Artix FPGAs provide various AT features. Passive features are built-in to the silicon - COTS features - and do not require design development, while active features can be incorporated as needed as part of the Commissioned FPGA design effort. available AT features. Lattice Lattice MACHXO2 FPGAs incorporate on-chip embedded flash memory to eliminate configuration bit-stream vulnerability. Device security bits prevent read-back of the configuration from the device, and a one-time- programmable mode prevents erasure or reprogramming of the configuration. Conclusion Anti-tamper plays a vital role in the overall information assurance scheme for embedded systems. A successful AT campaign provides layered safeguards for prevention, detection, and response. A carefully considered COTS/Commissioned combination leverages lower-cost, reliable COTS elements while allowing customers to incorporate sensitive or restricted technologies, policies, and procedures. Abaco uses its partner relationships and engagements to provide synergy between the hardware, middleware, stacks, partitioned operating system, and hypervisors. The use of Intel’s Trusted Execution Technology and Freescale’s Trust Architecture provides industry-standard trust mechanisms, while a Xilinx- or Lattice-based FPGA security hub augments a robust tamper response. Hardware build options are available to provide the flexibility to meet customer requirements

Table 1 Xilinx Artix AT Features

chain of trust.

begins executing internal boot code from a hardwired location within the internal boot ROM. The ISBC is inherently trusted. It confirms the binding of the public key to the device, validates the digital signature of the ESBC, validates the ESBC image, and confirms that the first instruction falls within the validated range and executes. External Secure Boot Code (ESBC) Phase: 5. The ESBC can be a monolithic image, or multi-stage boot images, which validates the digital signature and image of the operating system or application, thereby extending the

COTS Secure FPGA Technology

The FPGA security hub receives input from tamper detection sensors throughout the system and has the ability to interface with the processor; erase data, configuration and key storage; and disable interfaces to provide an appropriate tamper response. The FPGA can use either a standard COTS or a Commissioned configuration to define its response behavior. The FPGA configuration is encrypted with various safeguards to protect content. Both Xilinx Artix and Lattice MACHXO2 devices are used to

New-Tech Magazine Europe l 47