Table of Contents
Fetching ...

Building Your Own Trusted Execution Environments Using FPGA

Md Armanuzzaman, Ahmad-Reza Sadeghi, Ziming Zhao

TL;DR

This paper introduces BYOTee, a hardware-software co-design framework that builds multiple, customizable TEEs on commodity SoC FPGAs to address the static hardware TCB and cache-side-channel limitations of traditional TEEs. It delivers a dynamic root of trust and both software- and hardware-based attestation, along with a Python-based toolchain (HardwareBuilder, Hw-Att, SSAPacker) to generate protected bitstreams and SSA binaries for enclave deployment. The approach enables on-demand enclaves with isolated hardware resources (softcore CPUs, BRAM, peripherals) and secure boot/configuration flows, demonstrated on Xilinx Zynq-7000 with four SSAs and twelve Embench-IoT benchmarks, achieving favorable performance/power trade-offs relative to lightweight hard CPUs. The work presents a versatile path toward transparent, verifiable, and customizable hardware TEEs suitable for research and deployment on commodity devices, while acknowledging remaining challenges such as TOCTOU, side-channels, and dynamic reconfiguration security.

Abstract

In recent years, we have witnessed unprecedented growth in using hardware-assisted Trusted Execution Environments (TEE) or enclaves to protect sensitive code and data on commodity devices thanks to new hardware security features, such as Intel SGX and Arm TrustZone. Even though the proprietary TEEs bring many benefits, they have been criticized for lack of transparency, vulnerabilities, and various restrictions. For example, existing TEEs only provide a static and fixed hardware Trusted Computing Base (TCB), which cannot be customized for different applications. Existing TEEs time-share a processor core with the Rich Execution Environment (REE), making execution less efficient and vulnerable to cache side-channel attacks. Moreover, TrustZone lacks hardware support for multiple TEEs, remote attestation, and memory encryption. In this paper, we present BYOTee (Build Your Own Trusted Execution Environments), which is an easy-to-use infrastructure for building multiple equally secure enclaves by utilizing commodity Field Programmable Gate Arrays (FPGA) devices. BYOTee creates enclaves with customized hardware TCBs, which include softcore CPUs, block RAMs, and peripheral connections, in FPGA on demand. Additionally, BYOTee provides mechanisms to attest the integrity of the customized enclaves' hardware and software stacks, including bitstream, firmware, and the Security-Sensitive Applications (SSA) along with their inputs and outputs to remote verifiers. We implement a BYOTee system for the Xilinx System-on-Chip (SoC) FPGA. The evaluations on the low-end Zynq-7000 system for four SSAs and 12 benchmark applications demonstrate the usage, security, effectiveness, and performance of the BYOTee framework.

Building Your Own Trusted Execution Environments Using FPGA

TL;DR

This paper introduces BYOTee, a hardware-software co-design framework that builds multiple, customizable TEEs on commodity SoC FPGAs to address the static hardware TCB and cache-side-channel limitations of traditional TEEs. It delivers a dynamic root of trust and both software- and hardware-based attestation, along with a Python-based toolchain (HardwareBuilder, Hw-Att, SSAPacker) to generate protected bitstreams and SSA binaries for enclave deployment. The approach enables on-demand enclaves with isolated hardware resources (softcore CPUs, BRAM, peripherals) and secure boot/configuration flows, demonstrated on Xilinx Zynq-7000 with four SSAs and twelve Embench-IoT benchmarks, achieving favorable performance/power trade-offs relative to lightweight hard CPUs. The work presents a versatile path toward transparent, verifiable, and customizable hardware TEEs suitable for research and deployment on commodity devices, while acknowledging remaining challenges such as TOCTOU, side-channels, and dynamic reconfiguration security.

Abstract

In recent years, we have witnessed unprecedented growth in using hardware-assisted Trusted Execution Environments (TEE) or enclaves to protect sensitive code and data on commodity devices thanks to new hardware security features, such as Intel SGX and Arm TrustZone. Even though the proprietary TEEs bring many benefits, they have been criticized for lack of transparency, vulnerabilities, and various restrictions. For example, existing TEEs only provide a static and fixed hardware Trusted Computing Base (TCB), which cannot be customized for different applications. Existing TEEs time-share a processor core with the Rich Execution Environment (REE), making execution less efficient and vulnerable to cache side-channel attacks. Moreover, TrustZone lacks hardware support for multiple TEEs, remote attestation, and memory encryption. In this paper, we present BYOTee (Build Your Own Trusted Execution Environments), which is an easy-to-use infrastructure for building multiple equally secure enclaves by utilizing commodity Field Programmable Gate Arrays (FPGA) devices. BYOTee creates enclaves with customized hardware TCBs, which include softcore CPUs, block RAMs, and peripheral connections, in FPGA on demand. Additionally, BYOTee provides mechanisms to attest the integrity of the customized enclaves' hardware and software stacks, including bitstream, firmware, and the Security-Sensitive Applications (SSA) along with their inputs and outputs to remote verifiers. We implement a BYOTee system for the Xilinx System-on-Chip (SoC) FPGA. The evaluations on the low-end Zynq-7000 system for four SSAs and 12 benchmark applications demonstrate the usage, security, effectiveness, and performance of the BYOTee framework.
Paper Structure (30 sections, 8 figures, 5 tables)

This paper contains 30 sections, 8 figures, 5 tables.

Figures (8)

  • Figure 1: SoC FPGA architecture. The modules in green are the root of trust for the hardcore system and FPGA, respectively. Note that BYOTee only relies on the root of trust for FPGA. Solid lines represent hard-wired connections, whereas dashed lines represent configurable connections.
  • Figure 2: The architecture and workflow of the BYOTee framework at development- and run-time. During development, BYOTee and vendor-provided tools are used to generate the protected FPGA image and protected SSAs, which are loaded onto the FPGA (1) and enclaves (2), respectively. In this runtime architecture example, three enclaves with different hardware configurations, including softcore CPUs and peripherals, are presented. Untrusted Applications (UA) access the shared DRAM region through a userspace I/O interface (UIO).
  • Figure 3: SSA Execution Block (SEB) layout, simplified enclave address space layout, and steps in executing an SSA.
  • Figure 4: Resource footprints of the enclaves (software-based attestation profile) with MicroBlaze softcore CPUs for the example SSAs on the Cora Z7-07S. The yellow and red portions represent CPU cells. The purple portion represents BRAM cells. The pink rectangle represents I/O ports. In (d), the rectangle on top of the I/O ports represents an analog to digital conversion module. The blue portions represent all other IPs, such as debugging modules, interconnects.
  • Figure 5: Block diagram of SSA-1 with the Hw-Att module (hardware-based attestation profile).
  • ...and 3 more figures