PUFBind: PUF-Enabled Lightweight Program Binary Authentication for FPGA-based Embedded Systems

Sneha Swaroopa, Venkata Sreekanth Balijabudda, Rajat Subhra Chakraborty, Indrajit Chakrabarti

TL;DR

PUFBind addresses the risk of malicious software on FPGA-based embedded systems by binding a program binary to a trusted FPGA via a PUF signature and a SHA-256 digest, enabling runtime authentication without encryption. The solution uses a Butterfly PUF on the FPGA and a fuzzy extractor to derive a hardware-bound key, which is XORed with the binary's SHA-256 digest to create a binding that can be verified at load time. It executes in two stages: FPGA platform trust establishment and PUF-based program binary authentication, ensuring Confidentiality, Integrity, and Availability without key storage or OS support. A one-time hardware authentication incurs minimal overhead, and a prototype on an Artix-7/Nexys-A7 with a $4$ kB BRAM and a $128$-bit PUF demonstrates practical latency of about $10^3$ cycles at typical clock rates, validating practicality for bare-metal embedded systems.

Abstract

Field Programmable Gate Array (FPGA)-based embedded systems have become mainstream in the last decade, often in security-sensitive applications. However, even with an authenticated hardware platform, compromised software can severely jeopardize the overall system security, making hardware protection insufficient if the software itself is malicious. In this paper, we propose a novel low-overhead hardware-software co-design solution that utilizes Physical Unclonable Functions (PUFs) to ensure the authenticity of program binaries for microprocessors/microcontrollers mapped on the FPGA. Our technique binds a program binary to a specific target FPGA through a PUF signature, performs runtime authentication for the program binary, and allows execution of the binary only after successful authentication. The proposed scheme is platform-agnostic and capable of operating in a "bare metal" mode (no system software requirement) for maximum flexibility. Our scheme also does not require any modification of the original hardware design or program binary. We demonstrate a successful prototype implementation using the open-source PicoBlaze microcontroller on AMD/Xilinx FPGA, comparing its hardware resource footprint and performance with other existing solutions of a similar nature.
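The binding and load-time check summarized above can be modelled in software. The following is an added example, not code from the paper or its authors. It simulates a 128-bit PUF response, uses a toy repetition-code fuzzy extractor (code-offset construction), and XORs a key-derived mask with the binary's SHA-256 digest. The extractor parameters, the key-stretching step, the sample firmware and all function names are assumptions, and the 16-bit toy key is far too small for real use.

```python
import hashlib
import hmac
import random

RESP_BITS = 128   # PUF response width, as in the prototype described above
REP = 8           # toy repetition code: 16 key bits, corrects up to 3 flips per block

def enroll(response, rng):
    """Generate step (code-offset): helper = repetition codeword XOR response."""
    key = [rng.getrandbits(1) for _ in range(RESP_BITS // REP)]
    codeword = [b for b in key for _ in range(REP)]
    helper = [c ^ r for c, r in zip(codeword, response)]
    return key, helper          # helper data is public; the key is not stored

def reproduce(response, helper):
    """Reproduce step: majority-vote each block to strip PUF noise."""
    w = [h ^ r for h, r in zip(helper, response)]
    return [int(sum(w[i:i + REP]) > REP // 2) for i in range(0, RESP_BITS, REP)]

def mask(key):
    """Stretch the key bits to 256 bits (assumed step, not taken from the page)."""
    return hashlib.sha256(bytes(key)).digest()

def bind(binary, key):
    """Binding value: SHA-256(binary) XOR key-derived mask."""
    digest = hashlib.sha256(binary).digest()
    return bytes(d ^ m for d, m in zip(digest, mask(key)))

def authenticate(binary, binding, response, helper):
    """Load-time check: regenerate the key from a fresh PUF reading and compare."""
    return hmac.compare_digest(bind(binary, reproduce(response, helper)), binding)

def demo():
    rng = random.Random(7)                                   # seeded, constructed data
    device = [rng.getrandbits(1) for _ in range(RESP_BITS)]  # simulated PUF response
    key, helper = enroll(device, rng)
    firmware = b"\x01\x00\x2f\x00" * 16                      # stand-in program binary
    binding = bind(firmware, key)
    noisy = list(device)
    for i in (3, 40, 41, 90):                                # a few unstable PUF bits
        noisy[i] ^= 1
    other = [b ^ 1 for b in device]                          # a different FPGA
    return (authenticate(firmware, binding, noisy, helper),          # genuine
            authenticate(firmware + b"\x00", binding, noisy, helper),  # modified binary
            authenticate(firmware, binding, other, helper))          # wrong device

if __name__ == "__main__":
    print(demo())   # (True, False, False)
```

The three results correspond to a genuine binary on the enrolled device with a noisy PUF reading, a modified binary, and the genuine binary loaded on a different device.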

Paper Structure (21 sections, 7 figures, 3 tables)

This paper contains 21 sections, 7 figures, 3 tables.

Figures (7)

  • Figure 1: The different authentication scenarios and the corresponding outcomes, as enforced by PUFBind.
  • Figure 2: Details of Butterfly PUF (BPUF) implementation on Xilinx Artix-7 FPGA: (a) circuit schematic of a single BPUF cell showing cross-coupled latches (implemented with Xilinx-specific hardware modules LDPE and LDCE); (b) physical view of implementation of a single BPUF cell on Xilinx/AMD Artix-7 FPGA; (c) physical view of symmetric placement of first 64 BPUF cells (out of 128) on the FPGA fabric; (d) physical view of control circuitry for the BPUF circuit on the FPGA fabric; (e) physical view of symmetric placement of the second 64 BPUF cells (out of 128) on the FPGA fabric.
  • Figure 3: Overall architecture of PUF-based program binary authentication through PUFBind, for a prototype implementation on Xilinx (AMD) FPGA.
  • Figure 4: PUF-based FPGA platform trust establishment.
  • Figure 5: Example program binary image and BRAM content, for a BRAM with 32-bit words and total size 4 kB.
  • ...and 2 more figures