Loading…
Design and implementation of secure boot architecture on RISC-V using FPGA
There are many well-known open-source bootloaders solutions available today such as UEFI/BIOS, Coreboot and Uboot. Recently, RISC-V as an open-source Instruction Set Architecture, has gained a lot of attention in new embedded products creation and academic research purpose. In this study, RISC-V Ins...
Saved in:
Published in: | Microprocessors and microsystems 2023-09, Vol.101, p.104889, Article 104889 |
---|---|
Main Authors: | , , |
Format: | Article |
Language: | English |
Subjects: | |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
cited_by | |
---|---|
cites | |
container_end_page | |
container_issue | |
container_start_page | 104889 |
container_title | Microprocessors and microsystems |
container_volume | 101 |
creator | Loo, Tung Lun Ishak, Mohamad Khairi Ammar, Khalid |
description | There are many well-known open-source bootloaders solutions available today such as UEFI/BIOS, Coreboot and Uboot. Recently, RISC-V as an open-source Instruction Set Architecture, has gained a lot of attention in new embedded products creation and academic research purpose. In this study, RISC-V Instruction Set Architecture boot flow and boot solutions are studied, simulated, experimented, and summarized. Security feature is implemented in firmware and measured against non-secured firmware to compare boot performance without security inclusion. A new proposed method to create a security block in Register Transfer Level to generate Secure Hash Algorithms 5 digest is implemented using Field Programmable Gate Array. The performance of this method is analyzed with the numbers of logic gate required and the execution time in software versus hardware. As a result of this study, it is observed that in simulated environment, secured firmware incurred 3.3 Megabytes of additional binary size and 747 ms (35%) additional boot time compared to non-secured firmware. A hardware implementation is proposed in Field Programmable Gate Array (FPGA) to reduce the need for a larger size firmware and longer boot time to implement security. The results of this implementation indicate a requirement of 32,048 gates to implement a SHA512 IP that reduce software execution time by 1132%. |
doi_str_mv | 10.1016/j.micpro.2023.104889 |
format | article |
fullrecord | <record><control><sourceid>elsevier_cross</sourceid><recordid>TN_cdi_crossref_primary_10_1016_j_micpro_2023_104889</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><els_id>S0141933123001321</els_id><sourcerecordid>S0141933123001321</sourcerecordid><originalsourceid>FETCH-LOGICAL-c255t-d761ea46b90776448c2d3f6b68d6a73f79e6148287dab643e903ca2dce67f7763</originalsourceid><addsrcrecordid>eNp9kNtKAzEQhoMoWKtv4EVeYGtOTbI3Qqm2VgqKp9uQTWZrSndTkq3Qt3fLeu3VwD98PzMfQreUTCih8m47aYLbpzhhhPE-ElqXZ2hEtWJFKbg8RyNCBS1Kzuklusp5SwiZEslG6PkBcti02LYeh2a_gwbaznYhtjjWOIM7JMBVjB22yX2HDlx3Svr12-p9XnzhQw7tBi9el7NrdFHbXYabvzlGn4vHj_lTsX5ZruazdeHYdNoVXkkKVsiqJEpJIbRjnteyktpLq3itSpBUaKaVt5UUHErCnWXegVR1T_AxEkOvSzHnBLXZp9DYdDSUmJMPszWDD3PyYQYfPXY_YNDf9hMgmewCtA58SP1Xxsfwf8EvBp1qRQ</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Design and implementation of secure boot architecture on RISC-V using FPGA</title><source>ScienceDirect Freedom Collection</source><creator>Loo, Tung Lun ; Ishak, Mohamad Khairi ; Ammar, Khalid</creator><creatorcontrib>Loo, Tung Lun ; Ishak, Mohamad Khairi ; Ammar, Khalid</creatorcontrib><description>There are many well-known open-source bootloaders solutions available today such as UEFI/BIOS, Coreboot and Uboot. Recently, RISC-V as an open-source Instruction Set Architecture, has gained a lot of attention in new embedded products creation and academic research purpose. In this study, RISC-V Instruction Set Architecture boot flow and boot solutions are studied, simulated, experimented, and summarized. Security feature is implemented in firmware and measured against non-secured firmware to compare boot performance without security inclusion. A new proposed method to create a security block in Register Transfer Level to generate Secure Hash Algorithms 5 digest is implemented using Field Programmable Gate Array. The performance of this method is analyzed with the numbers of logic gate required and the execution time in software versus hardware. As a result of this study, it is observed that in simulated environment, secured firmware incurred 3.3 Megabytes of additional binary size and 747 ms (35%) additional boot time compared to non-secured firmware. A hardware implementation is proposed in Field Programmable Gate Array (FPGA) to reduce the need for a larger size firmware and longer boot time to implement security. The results of this implementation indicate a requirement of 32,048 gates to implement a SHA512 IP that reduce software execution time by 1132%.</description><identifier>ISSN: 0141-9331</identifier><identifier>EISSN: 1872-9436</identifier><identifier>DOI: 10.1016/j.micpro.2023.104889</identifier><language>eng</language><publisher>Elsevier B.V</publisher><subject>Firmware ; RISCV ; Security</subject><ispartof>Microprocessors and microsystems, 2023-09, Vol.101, p.104889, Article 104889</ispartof><rights>2023</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><orcidid>0000-0002-3554-0061</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,776,780,27903,27904</link.rule.ids></links><search><creatorcontrib>Loo, Tung Lun</creatorcontrib><creatorcontrib>Ishak, Mohamad Khairi</creatorcontrib><creatorcontrib>Ammar, Khalid</creatorcontrib><title>Design and implementation of secure boot architecture on RISC-V using FPGA</title><title>Microprocessors and microsystems</title><description>There are many well-known open-source bootloaders solutions available today such as UEFI/BIOS, Coreboot and Uboot. Recently, RISC-V as an open-source Instruction Set Architecture, has gained a lot of attention in new embedded products creation and academic research purpose. In this study, RISC-V Instruction Set Architecture boot flow and boot solutions are studied, simulated, experimented, and summarized. Security feature is implemented in firmware and measured against non-secured firmware to compare boot performance without security inclusion. A new proposed method to create a security block in Register Transfer Level to generate Secure Hash Algorithms 5 digest is implemented using Field Programmable Gate Array. The performance of this method is analyzed with the numbers of logic gate required and the execution time in software versus hardware. As a result of this study, it is observed that in simulated environment, secured firmware incurred 3.3 Megabytes of additional binary size and 747 ms (35%) additional boot time compared to non-secured firmware. A hardware implementation is proposed in Field Programmable Gate Array (FPGA) to reduce the need for a larger size firmware and longer boot time to implement security. The results of this implementation indicate a requirement of 32,048 gates to implement a SHA512 IP that reduce software execution time by 1132%.</description><subject>Firmware</subject><subject>RISCV</subject><subject>Security</subject><issn>0141-9331</issn><issn>1872-9436</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2023</creationdate><recordtype>article</recordtype><recordid>eNp9kNtKAzEQhoMoWKtv4EVeYGtOTbI3Qqm2VgqKp9uQTWZrSndTkq3Qt3fLeu3VwD98PzMfQreUTCih8m47aYLbpzhhhPE-ElqXZ2hEtWJFKbg8RyNCBS1Kzuklusp5SwiZEslG6PkBcti02LYeh2a_gwbaznYhtjjWOIM7JMBVjB22yX2HDlx3Svr12-p9XnzhQw7tBi9el7NrdFHbXYabvzlGn4vHj_lTsX5ZruazdeHYdNoVXkkKVsiqJEpJIbRjnteyktpLq3itSpBUaKaVt5UUHErCnWXegVR1T_AxEkOvSzHnBLXZp9DYdDSUmJMPszWDD3PyYQYfPXY_YNDf9hMgmewCtA58SP1Xxsfwf8EvBp1qRQ</recordid><startdate>202309</startdate><enddate>202309</enddate><creator>Loo, Tung Lun</creator><creator>Ishak, Mohamad Khairi</creator><creator>Ammar, Khalid</creator><general>Elsevier B.V</general><scope>AAYXX</scope><scope>CITATION</scope><orcidid>https://orcid.org/0000-0002-3554-0061</orcidid></search><sort><creationdate>202309</creationdate><title>Design and implementation of secure boot architecture on RISC-V using FPGA</title><author>Loo, Tung Lun ; Ishak, Mohamad Khairi ; Ammar, Khalid</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c255t-d761ea46b90776448c2d3f6b68d6a73f79e6148287dab643e903ca2dce67f7763</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2023</creationdate><topic>Firmware</topic><topic>RISCV</topic><topic>Security</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Loo, Tung Lun</creatorcontrib><creatorcontrib>Ishak, Mohamad Khairi</creatorcontrib><creatorcontrib>Ammar, Khalid</creatorcontrib><collection>CrossRef</collection><jtitle>Microprocessors and microsystems</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Loo, Tung Lun</au><au>Ishak, Mohamad Khairi</au><au>Ammar, Khalid</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Design and implementation of secure boot architecture on RISC-V using FPGA</atitle><jtitle>Microprocessors and microsystems</jtitle><date>2023-09</date><risdate>2023</risdate><volume>101</volume><spage>104889</spage><pages>104889-</pages><artnum>104889</artnum><issn>0141-9331</issn><eissn>1872-9436</eissn><abstract>There are many well-known open-source bootloaders solutions available today such as UEFI/BIOS, Coreboot and Uboot. Recently, RISC-V as an open-source Instruction Set Architecture, has gained a lot of attention in new embedded products creation and academic research purpose. In this study, RISC-V Instruction Set Architecture boot flow and boot solutions are studied, simulated, experimented, and summarized. Security feature is implemented in firmware and measured against non-secured firmware to compare boot performance without security inclusion. A new proposed method to create a security block in Register Transfer Level to generate Secure Hash Algorithms 5 digest is implemented using Field Programmable Gate Array. The performance of this method is analyzed with the numbers of logic gate required and the execution time in software versus hardware. As a result of this study, it is observed that in simulated environment, secured firmware incurred 3.3 Megabytes of additional binary size and 747 ms (35%) additional boot time compared to non-secured firmware. A hardware implementation is proposed in Field Programmable Gate Array (FPGA) to reduce the need for a larger size firmware and longer boot time to implement security. The results of this implementation indicate a requirement of 32,048 gates to implement a SHA512 IP that reduce software execution time by 1132%.</abstract><pub>Elsevier B.V</pub><doi>10.1016/j.micpro.2023.104889</doi><orcidid>https://orcid.org/0000-0002-3554-0061</orcidid></addata></record> |
fulltext | fulltext |
identifier | ISSN: 0141-9331 |
ispartof | Microprocessors and microsystems, 2023-09, Vol.101, p.104889, Article 104889 |
issn | 0141-9331 1872-9436 |
language | eng |
recordid | cdi_crossref_primary_10_1016_j_micpro_2023_104889 |
source | ScienceDirect Freedom Collection |
subjects | Firmware RISCV Security |
title | Design and implementation of secure boot architecture on RISC-V using FPGA |
url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-27T22%3A46%3A10IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-elsevier_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Design%20and%20implementation%20of%20secure%20boot%20architecture%20on%20RISC-V%20using%20FPGA&rft.jtitle=Microprocessors%20and%20microsystems&rft.au=Loo,%20Tung%20Lun&rft.date=2023-09&rft.volume=101&rft.spage=104889&rft.pages=104889-&rft.artnum=104889&rft.issn=0141-9331&rft.eissn=1872-9436&rft_id=info:doi/10.1016/j.micpro.2023.104889&rft_dat=%3Celsevier_cross%3ES0141933123001321%3C/elsevier_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c255t-d761ea46b90776448c2d3f6b68d6a73f79e6148287dab643e903ca2dce67f7763%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |