Securely updating FPGA-based embedded systems
Not only is the corruption of the flash an issue, how the remote data is secured is also of critical importance. When an embedded product is accessible by an end user, it has the potential of being tampered with. To prevent unwanted attacks, both software and hardware security must be employed. It is not adequate to only have a remote configuration data file encrypted. Although this software encrypted security helps, the hardware (FPGA) that is going to unencrypt the data must have built in security protection too. An encrypted data file can easily have its key extracted when the user can access the embedded device. This is done by using an inexpensive electromagnetic probe and implementing differential power analysis (DPA). There are numerous examples of FPGA security keys which have been extracted by using this technique. If the FPGA does not have DPA countermeasures built in, then any remote update could become a security vulnerability. When an embedded product is accessible by a user, not having DPA countermeasures is the same as having no security.
With flash-embedded FPGAs, the configuration memory is stored on-chip and is closely integrated within the FPGA fabric. For example, on Microsemi SmartFusion2 and IGLOO2 flash FPGAs, programming can take place via an external communications port such as USB, PCIe or JTAG and the entire programming process is managed by an on-chip dedicated programming interface. Additionally, an advanced programming facility, called In-Application Programming (IAP) is available on SmartFusion2 and IGLOO2 FPGAs which provides the desired reliable, safe and secure programming facility even in the face of a power loss during programming. Let’s now look at how the IAP facility can be used to help implement the robust remote update capability required by todays embedded systems.
Implementing a Reliable, Safe and Secure Remote Update in an FPGA-based Embedded System
A flash-embedded FPGA can provide the key functions required to more easily support secure and robust remote updates. For example, SmartFusion2 has all the mainstream FPGA features needed to implement the key bridging functions as well as the required security and IAP functions. As shown in Figure 3 below, the low speed interfaces can connect using I2C and GPIO. The high speed host interface, PCIe, is implemented as a dedicated port that doesn’t require FPGA fabric.
Figure 3. SmartFusion2 In Application Programming (IAP) Supports Secure, Safe and Reliable Remote Updates in a Chassis Control Plane Bridge
The on-chip processor can use the high speed memory subsystem (HSMS) to access the large internal flash memory for code storage, large internal SRAM for data buffering and the dedicated DDR controller provides access to additional external memory if needed. The dedicated system controller provides security functions used during programming and the IAP function used during remote updates. A more detailed view of the key functions available on the SmartFusion2 FPGA is shown in Figure 4, below.
Click for larger image
Figure 4. Microsemi SmartFusion2 SoC FPGAs have Mainstream Features along with Robust Security and Remote Update Capabilities
Using In-Application Programming for Safe, Secure and Reliable Updates
The In-Application Programming (IAP) facility available with SmartFusion2 and IGLOO2 provides a means for securely and reliably updating the configuration bitstream remotely. IAP is executed from the dedicated system controller within the FPGA so it doesn’t require the use of any FPGA fabric or other user configurable logic. The IAP function is two-step process and uses an external SPI flash memory device. In the first step the external SPI flash device is programmed with the desired bitstream using any of the available interfaces - PCIe, USB, JTAG or even Ethernet. All bitstreams used to program SmartFusion2 devices are encrypted to make sure they are protected from tampering, so this bitstream will also be in an encrypted form.
In the next step the System Controller performs the IAP service via a system service call. The user provides a pointer to the System Controller with the starting address of the bitstream location in the external SPI flash memory. The IAP system service call also has three options for the user: Authenticate, Program or Verify. Authentication is typically performed prior to programming the FPGA configuration memory to verify that the bitstream in the SPI flash is properly constructed for the device being programmed. During authentication the device operates normally.
The external SPI flash that contains the new bitstream can also contain an additional image as well, one that can be used as a known good version for recovery purposes. The user can at any time point to the recovery image and use it to configure the FPGA into a known good state. The recovery image can be saved, ‘as is’ from day one, or it can also be updated for critical bug fixes as needed.
During the IAP function a Program Recovery option is available. When Programming Recovery is enabled if power fails during programming, the system controller will disable internal charge pumps used to program the FPGA in a controlled manner. On the next subsequent power-up cycle, prior to enabling the FPGA fabric, the system controller will detect that the device programming operation has been interrupted and it will initiate a programming cycle from a bitstream located in the external SPI flash. Users have a choice of updating from the known good image or the remote updated image that was just pushed to the SPI flash memory. When an external bitstream is loaded into the SmartFusion2 FPGA, it employs the built in DPA countermeasure logic. This ensures no electromagnetic probe can decipher the encryption key, thus resulting in a trusted, secure device for the embedded system.
Program recovery, when combined with the secure encrypted bitstream and bitstream authentication, delivers the reliable, safe and secure remote programming update facility required by today’s connected embedded systems, even if power is lost during FPGA configuration memory programming.
Ted Marena is the director of FPGA/SOC marketing at Microsemi. He has over 20 years’ experience in FPGAs. Previously Marena has held roles in business development, product & strategic marketing. He was awarded Innovator of the Year in February 2014 when he worked for Lattice Semiconductor. Marena has defined, created and executed unique marketing platform solutions for vertical markets including consumer, wireless small cells, industrial, cameras, displays and automotive applications.