Nathalie Bijnens, Director Product Management | Originally published on Military Embedded
Protecting unmanned systems with flexible key management for FPGAs
Aerospace and government defense program users have unique needs when it comes to FPGA (field-programmable gate array) devices, both in terms of security and in terms of long-term deployments. Increasing use of unmanned systems and other autonomous assets has created new security challenges. Physical unclonable function (PUF)-based security technologies for FPGAs have been created with these unique needs in mind. These solutions are instantiated through the user configuration file, so they are easy to implement and can be applied to the entire range of Xilinx FPGAs – even those already in the field.
Autonomous systems, such as unmanned aerial vehicles (UAVs), are playing an ever-larger role for defense systems in many theaters of operation. These systems can lower the risk and reduce the cost of a wide spectrum of tasks if used in place of manned operations. These new systems come with some new risks, however: For example, UAVs must communicate with a remote command-and-control system, and these communications must be secured. In addition, authentication is critical to guard against these assets being replaced by counterfeit devices while in the field. Very often, UAVs and other autonomous assets are left unattended for strategic reasons, whether for monitoring purposes or for logistical reasons. The data stored in these assets must be protected in these circumstances.
Systems used in the defense and aerospace arenas often employ field-programmable gate arrays (FPGAs), as they provide flexible, lower-cost solutions for limited-production systems and possess the critical ability to update the circuits as deployments require. FPGA companies have done a lot to secure the FPGA bitstream, which contains all of the user configuration data for a device. Currently, for most FPGAs, the on-chip encrypted key protecting the bitstream can only be used for this purpose. However, the rise in the use of autonomous systems, such as UAVs, has created a need to create and manage user keys for purposes beyond securing the bitstream.
In fact, user-managed keys are needed for most defense and aerospace applications, as design files may be too confidential to share with any outside entity, including those in the defense-electronics supply chain. Government defense programs need the ability to generate their own keys after configuration; these unique keys remain unknown to the remainder of the supply chain. Such users need a flexible key-management system that, in addition to providing a unique identity for authenticating FPGAs, can be used to secure user keys that are not known at the time of manufacturing and that can be used to secure both user data and FPGA connections.
Soft PUFs: A new solution for FPGA user key management
New solutions for FPGA security have emerged to meet these challenges. One approach that has gained traction over the last decade in the microprocessor world is the use of physical unclonable functions (PUFs) as unique chip identifiers that serve as the base of security systems that enable security, authentication, and key provisioning services. This concept has been translated to the FPGA world in the form of solutions that use “soft” PUFs that are incorporated into the configurable part of the FPGA, rather than hard IP in the FPGA device itself.
Soft PUF-based systems enable lifetime authentication for FPGAs deployed in defense systems, guarding against counterfeiting and supplying the means to authenticate communications with the device, both of which are critical for the security of UAVs and other unmanned systems. In addition, these systems protect the FPGA’s secrets from attackers who capture or otherwise gain access to a system containing the device.