Journal: IEEE Internet of Things Journal [Institute of Electrical and Electronics Engineers] Date: 2024-04-19 Volume (Issue): 11 (13): 23673-23682
Identifier
DOI: 10.1109/jiot.2024.3391661
Abstract
Security has been a concern for all connected devices. Attackers continually search for vulnerabilities in software, firmware, and all the way down to the hardware level. At the same time, cybersecurity has also been pushed to the hardware platform to keep invaders out. In this paper, the main objective is to provide a cost-effective solution to FPGA configuration bitstream confidentiality/authentication. A lightweight hardware-assisted chaos-based stream cipher for FPGA bitstream protection is proposed and integrated into a system-level security architecture. This enhances cyber resilience at the platform level and strengthens the platform's ability to prevent attacks. The design targets hardware environments where gate count and power consumption are limited. The proposed security approach is integrated into the FPGA system's boot process to assure a secure booting process, secure key management, and secure remote updating. As chaotic dynamics can be controlled by a low-power signal and require fewer resources to implement the cipher, lower power consumption and hardware utilization are expected. A Physical Unclonable Function (PUF) is applied to provide secrecy to the proposed security approach, making key management feasible for remotely placed devices. A protocol for remote system updating is also proposed. Performance and security analyses show that the proposed approach can be used for securing FPGA-based edge devices.