TY - GEN
T1 - Reconfigurable Hardware Root-of-Trust for Secure Edge Processing
AU - Ehret, Alan
AU - Rosario, Eliakin Del
AU - Schwicking, Carsten
AU - Gettings, Karen
AU - Kinsy, Michel A.
N1 - Funding Information:
. DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited. This material is based upon work supported by the Under Secretary of Defense for Research and Engineering under Air Force Contract No. FA8702-15-D-0001. Any opinions, findings, conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the Under Secretary of Defense for Research and Engineering. @ 2021 Massachusetts Institute of Technology. Delivered to the U.S. Government with Unlimited Rights, as defined in DFARS Part 252.227-7013 or 7014 (Feb 2014). Notwithstanding any copyright notice, U.S. Government rights in this work are defined by DFARS 252.227-7013 or DFARS 252.227-7014 as detailed above. Use of this work other than as specifically authorized by the U.S. Government may violate any copyrights that exist in this work.
Publisher Copyright:
© 2021 IEEE.
PY - 2021
Y1 - 2021
N2 - In this work, we introduce key security primitives for secure edge processing based on a reconfigurable hardware Root-of-Trust. We present a reference architecture, named RECORD SoC, that makes use of these security primitives. These modules can be configured to support a variety of security features, including isolated firmware, I/O access policies, and digital signature verification of an initially untrusted application. We demonstrate that a hardware root-of-Trust can be implemented flexibly and efficiently for an edge system vulnerable to physical access-based attacks, requiring only a 16.8% area overhead. Except for a one-Time application verification at startup, the security features we examine represent only 0.08% of the latency required to process a sample of sensor data.
AB - In this work, we introduce key security primitives for secure edge processing based on a reconfigurable hardware Root-of-Trust. We present a reference architecture, named RECORD SoC, that makes use of these security primitives. These modules can be configured to support a variety of security features, including isolated firmware, I/O access policies, and digital signature verification of an initially untrusted application. We demonstrate that a hardware root-of-Trust can be implemented flexibly and efficiently for an edge system vulnerable to physical access-based attacks, requiring only a 16.8% area overhead. Except for a one-Time application verification at startup, the security features we examine represent only 0.08% of the latency required to process a sample of sensor data.
UR - http://www.scopus.com/inward/record.url?scp=85123504561&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85123504561&partnerID=8YFLogxK
U2 - 10.1109/HPEC49654.2021.9622830
DO - 10.1109/HPEC49654.2021.9622830
M3 - Conference contribution
AN - SCOPUS:85123504561
T3 - 2021 IEEE High Performance Extreme Computing Conference, HPEC 2021
BT - 2021 IEEE High Performance Extreme Computing Conference, HPEC 2021
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2021 IEEE High Performance Extreme Computing Conference, HPEC 2021
Y2 - 20 September 2021 through 24 September 2021
ER -