Securing Embedded Digital Systems For In-Field Applications

2014

Abstract

Nowadays, special-purpose embedded system design relies on the availability of configurable hardware technology. Space missions, aerospace defense, high-performance computing and networking applications benefit from the adoption of field-programmable gate arrays (FPGAs), as they provide high degrees of flexibility, fast time-to-market, and low overall non-recurring engineering (NRE) costs, but they largely lack security mechanisms to protect the intellectual properties (IPs) configured on them. An FPGA is programmed by means of a configuration file, the so-called bitstream, and hacking attempts can succeed either in cloning the bitstream or, by means of reverse engineering techniques, in extracting some IPs from it. Furthermore, through the programming interface, a malicious bitstream can be injected such that the device is reconfigured with a new configuration that overwrites the previous one. The consequences can be really dangerous, not only for the application, but also because they can cause loss of money. Since FPGA programming is much like the software development process, some existing techniques can be adopted to secure the device, mainly involving cryptographic primitives. They can guarantee authenticity and confidentiality by exploiting a key stored in each device, but they can be successfully defeated by physical attacks on the device, such that the key is discovered or the plaintext configuration file is extracted once deciphered. Recently, a new technique called the Physically Unclonable Function (PUF) has been introduced in the literature to cope with these issues, since it provides a unique, unclonable and unpredictable hardware fingerprint. Even with the best design effort, PUFs suffer from instability, such that their values vary over time.
To address these issues, this doctoral thesis presents the research activity conducted with the aim of exploring the security threats that characterize configurable devices and of defining the roles involved and new techniques for a design methodology able to guarantee several security attributes, demonstrating its feasibility with an extensive case study based on a mobile scenario in which a high-throughput traffic analyzer IP core is distributed to a population of reconfigurable devices.
Files in this record:
File: Barbareschi_Mario.pdf (access only from BNCF and BNCR)
Type: Other attached material
License: All rights reserved
Size: 6.43 MB
Format: Adobe PDF

Documents in UNITESI are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/20.500.14242/329247
The NBN code of this thesis is URN:NBN:IT:BNCF-329247