Securing FPGA-based Obsolete Component Replacement for Legacy Systems

Zhiming Zhang1, Laurent Njilla2, Charles Kamhoua3, Kevin Kwiat2, Qiaoyan Yu1
1University of New Hampshire, 2Cyber Assurance Branch, Air Force Research Laboratory, 3Army Research Laboratory


Abstract

It is unavoidable that legacy systems confront to the component-aging issue. As re-designing the system typically results in a high cost, aged component replacement for legacy systems becomes a pressing need. Unfortunately, the aged com- ponents are likely to be obsolete and not available on the current market. Obsolete component replacement with FPGA devices is emerging as a feasible option to extend the lifetime of legacy systems. While replacing the aged component, we traditionally only focus on matching the functionality and neglect the potential security threats from FPGA replacement. However, recent liter- ature demonstrates that FPGA devices may contain hardware Trojans, which are induced during FPGA device fabrication or bitstream generation time. To prevent the Trojans on FPGA from receiving external inputs or leaking sensitive information, we propose a Runtime Pin Grounding (RPG) scheme to ground the unused pins and check the pin status at every clock cycle. Furthermore, we exploit the principle of Moving Target Defense (MTD) and propose a hardware MTD (HMTD) method. In our method, the aged obsolete unit is replicated to multiple copies in the FPGA device and two of the replicas are randomly selected for output comparison and thus Trojan detection. We successfully implemented the proposed RPG and HMTD methods on a Nexys- 3 FPGA board. Our case study shows that the proposed RPG scheme increases the FPGA utilization rate by less than 0.1%. On average, our HMTD method reduces the hardware Trojan bypass rate by 61% over the existing method.