Paper
3 May 2018 Exploiting side-channel emissions to detect changes in FPGA firmware
Author Affiliations +
Abstract
Field Programmable Gate Arrays (FPGAs) are increasingly vital components of electronic systems used in numerous industries. FPGAs possess well-documented logic and hardware vulnerabilities that could allow an adversary to penetrate and manipulate FPGA-based electronic infrastructure. To detect such attacks against FPGA firmware, we developed a technique that exploits the unintended RF side-channel emitted from an FPGA. Our approach presumes that malicious modification to a trusted FPGA bitstream will result in changes in radio frequency (RF) emissions—changes that our technique can detect and measure using signal processing and machine learning. The development of our RF side-channel technique was divided into three tasks: (1) determine if firmware changes can be detected using side-channel emissions, (2) determine the minimum firmware change that can be detected, and (3) extend our approach to work across multiple devices of the same type. We used the Digilent Arty development board to accomplish these tasks. We developed baseline firmware for the board and then generated additional bitstreams that incorporated quantifiable changes in the logic and placement. We then collected RF side-channel emissions for each bitstream using the Riscure EM Probe Station, which uses a 1 GHz bandwidth near-field antenna. Using our RF side-channel approach, we were able to detect the movement of a single register or lookup table element by one slice. We proved the effectiveness of our technique to detect changes across multiple FPGAs of the same type by achieving detection accuracy greater than 98%.
© (2018) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Ryan M. Fuller, Ronald A. Riley, and James T. Graham "Exploiting side-channel emissions to detect changes in FPGA firmware", Proc. SPIE 10630, Cyber Sensing 2018, 106300A (3 May 2018); https://doi.org/10.1117/12.2304450
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Field programmable gate arrays

Logic

Clocks

Signal processing

Oscilloscopes

Machine learning

Digital signal processing

Back to Top