Enforcing Memory Policy Specifications in Reconfigurable Hardware

Abstract

While general-purpose processor based systems are built to enforce memory protection to prevent the unintended sharing of data between processes, current systems built around reconfigurable hardware typically offer no such protection. Several reconfigurable cores are often integrated onto a single chip where they share external resources such as memory. While this enables small form factor and low cost designs, it opens up the opportunity for modules to intercept or even interfere with the operation of one another. We investigate the design and synthesis of a FPGA memory protection mechanism capable of enforcing access control policies and a methodology for translating formal policy descriptions into FPGA enforcement mechanisms. The efficiency of our access language design flow is evaluated in terms of area and cycle time across a variety of security scenarios. We also describe a technique for ensuring that the internal state of the reference monitor cannot be used as a covert storage channel.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Oct 01, 2008
Accession Number
ADA511909

Entities

People

  • Ryan Kastner
  • Ted Huffmire
  • Timothy E. Levin
  • Timothy Sherwood

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Advanced Electronics
  • Energy and Power Technologies
  • Space

DTIC Thesaurus Topics

  • Computer Access Control
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Content Addressable Memory
  • Cryptography
  • Cybersecurity
  • Detection
  • Field Programmable Gate Arrays
  • Formal Languages
  • Intellectual Property
  • Intrusion Detection
  • Logic Gates
  • Operating Systems
  • Software-Defined Hardware
  • Specifications

Fields of Study

  • Computer science

Readers

  • Database Systems and Applications
  • Parallel and Distributed Computing.
  • Strategic Security Studies