Rejuvenation of Diverse FPGA Softcores in a SoC
Overview
A field-programmable gate array (FPGA) is an integrated circuit designed to be reconfigured by the user after manufacturing to build a System-on-Chip (SoC) embedded device. The needed logic is usually implemented as a software image and then instantiated on the FPGA to inherit the nice properties of hardware, like higher speed and better security. Unfortunately, since the image itself, e.g., a Softcore that represents a Processing Unit, is a software, it is prone to faults and vulnerabilities that manifest after instantiation on the FPGA. Unfortunately, an Advanced Persistent Threat (APT) is possible if a determined adversary managed to discover a new vulnerability to initiate a zero-day, leaving no chance for classical detection and prevention tools to recover. In addition, the softcore can include bugs and glitches that manifest only at run time. Fault and Intrusion Tolerance (FIT) is a technique used to make a process resilient to such attacks by masking them. A FIT protocol replicates the processors, i.e., a softcore in our case, by running three versions simultaneously, and collecting a majority agreement (or consensus) on each operation. If the majority (e.g., 2/3 processors) did not fail at the same instant, the fault is masked, and the SoC continues operation as designed. This requires some level of diversity in the running softcore to increase the chances of independence of failures.
Expected deliverables
The goal of this project is to experiment running an FIT we are implementing on a diverse softcores, e.g., Microblaze, RISC-V, Openpiton, etc., on an FPGA and simulate some fault or attacks. We are experimenting the concept on a Xilinx Zinc board using equivalent replicas. The objectives are to check the feasibility of running the FIT with different softcore types and evaluate the behavior in action. The intern will acquire all this knowledge and publish the results by working with a team of experts.
Questions and Answers
Where to find answers to Frequently Asked Questions about applying to VSRP?
Contacts
Supervisors
Paulo Esteves-Verissimo
- Professor (former), Computer Science
Biography
Paulo Esteves-Veríssimo is a professor in the Computer Science (CS) program at KAUST. Previously, he was a professor and FNR PEARL Chair at the University of Luxembourg's (Uni.lu) Faculty of Science, Technology and Medicine (FSTM). He also led the CritiX Research Lab at the SnT Centre at Uni.lu, which achieved world-class results and established enduring research capacity in resilient computing, cybersecurity, and dependability.
He has also been a professor and a board member of the University of Lisbon (ULisboa), Portugal. At ULisboa, he created the Navigators research group and was the founding director of Laboratório de Sistemas Informáticos de Grande Escala (LaSIGE). From its founding in 1998, the computer science and engineering lab LaSIGE has carried out research in leading-edge areas backed by key indicators of excellence.
He was UNILU-SnT’s representative at the European Cyber Security Organization (ESCO) and member of its Scientific & Technical Committee (STC). He served as Chair of the IFIP WG 10.4 on Dependable Computing and Fault-Tolerance and vice-chair of the Steering Committee of the IEEE/IFIP DSN conference. He is a Fellow of the IEEE, a Fellow of the ACM and an associate editor of IEEE Transactions on Emerging Topics in Computing (TETC).
Research Interests
Professor Esteves-Veríssimo is interested in architectures, middleware and algorithms for resilient modular and distributed computing. In addition to examining paradigms and techniques that reconcile security and dependability, he also explores novel applications of these paradigms and techniques. By doing so, he achieves system resilience in areas such as autonomous vehicles, distributed control systems, digital health and genomics, and blockchain and cryptocurrency.
Dr. Esteves-Veríssimo’s research has featured in over 200 peer-reviewed international publications and five international books. He has delivered over 70 keynote speeches and distinguished lectures at reputable venues. As a systems and engineering specialist, he has contributed to designing and engineering several advanced industrial prototypes of distributed, fault-tolerant, secure or real-time systems developed through research and development.