Loading…

Design and implementation of secure boot architecture on RISC-V using FPGA

There are many well-known open-source bootloaders solutions available today such as UEFI/BIOS, Coreboot and Uboot. Recently, RISC-V as an open-source Instruction Set Architecture, has gained a lot of attention in new embedded products creation and academic research purpose. In this study, RISC-V Ins...

Full description

Saved in:
Bibliographic Details
Published in:Microprocessors and microsystems 2023-09, Vol.101, p.104889, Article 104889
Main Authors: Loo, Tung Lun, Ishak, Mohamad Khairi, Ammar, Khalid
Format: Article
Language:English
Subjects:
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page
container_issue
container_start_page 104889
container_title Microprocessors and microsystems
container_volume 101
creator Loo, Tung Lun
Ishak, Mohamad Khairi
Ammar, Khalid
description There are many well-known open-source bootloaders solutions available today such as UEFI/BIOS, Coreboot and Uboot. Recently, RISC-V as an open-source Instruction Set Architecture, has gained a lot of attention in new embedded products creation and academic research purpose. In this study, RISC-V Instruction Set Architecture boot flow and boot solutions are studied, simulated, experimented, and summarized. Security feature is implemented in firmware and measured against non-secured firmware to compare boot performance without security inclusion. A new proposed method to create a security block in Register Transfer Level to generate Secure Hash Algorithms 5 digest is implemented using Field Programmable Gate Array. The performance of this method is analyzed with the numbers of logic gate required and the execution time in software versus hardware. As a result of this study, it is observed that in simulated environment, secured firmware incurred 3.3 Megabytes of additional binary size and 747 ms (35%) additional boot time compared to non-secured firmware. A hardware implementation is proposed in Field Programmable Gate Array (FPGA) to reduce the need for a larger size firmware and longer boot time to implement security. The results of this implementation indicate a requirement of 32,048 gates to implement a SHA512 IP that reduce software execution time by 1132%.
doi_str_mv 10.1016/j.micpro.2023.104889
format article
fullrecord <record><control><sourceid>elsevier_cross</sourceid><recordid>TN_cdi_crossref_primary_10_1016_j_micpro_2023_104889</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><els_id>S0141933123001321</els_id><sourcerecordid>S0141933123001321</sourcerecordid><originalsourceid>FETCH-LOGICAL-c255t-d761ea46b90776448c2d3f6b68d6a73f79e6148287dab643e903ca2dce67f7763</originalsourceid><addsrcrecordid>eNp9kNtKAzEQhoMoWKtv4EVeYGtOTbI3Qqm2VgqKp9uQTWZrSndTkq3Qt3fLeu3VwD98PzMfQreUTCih8m47aYLbpzhhhPE-ElqXZ2hEtWJFKbg8RyNCBS1Kzuklusp5SwiZEslG6PkBcti02LYeh2a_gwbaznYhtjjWOIM7JMBVjB22yX2HDlx3Svr12-p9XnzhQw7tBi9el7NrdFHbXYabvzlGn4vHj_lTsX5ZruazdeHYdNoVXkkKVsiqJEpJIbRjnteyktpLq3itSpBUaKaVt5UUHErCnWXegVR1T_AxEkOvSzHnBLXZp9DYdDSUmJMPszWDD3PyYQYfPXY_YNDf9hMgmewCtA58SP1Xxsfwf8EvBp1qRQ</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Design and implementation of secure boot architecture on RISC-V using FPGA</title><source>ScienceDirect Freedom Collection</source><creator>Loo, Tung Lun ; Ishak, Mohamad Khairi ; Ammar, Khalid</creator><creatorcontrib>Loo, Tung Lun ; Ishak, Mohamad Khairi ; Ammar, Khalid</creatorcontrib><description>There are many well-known open-source bootloaders solutions available today such as UEFI/BIOS, Coreboot and Uboot. Recently, RISC-V as an open-source Instruction Set Architecture, has gained a lot of attention in new embedded products creation and academic research purpose. In this study, RISC-V Instruction Set Architecture boot flow and boot solutions are studied, simulated, experimented, and summarized. Security feature is implemented in firmware and measured against non-secured firmware to compare boot performance without security inclusion. A new proposed method to create a security block in Register Transfer Level to generate Secure Hash Algorithms 5 digest is implemented using Field Programmable Gate Array. The performance of this method is analyzed with the numbers of logic gate required and the execution time in software versus hardware. As a result of this study, it is observed that in simulated environment, secured firmware incurred 3.3 Megabytes of additional binary size and 747 ms (35%) additional boot time compared to non-secured firmware. A hardware implementation is proposed in Field Programmable Gate Array (FPGA) to reduce the need for a larger size firmware and longer boot time to implement security. The results of this implementation indicate a requirement of 32,048 gates to implement a SHA512 IP that reduce software execution time by 1132%.</description><identifier>ISSN: 0141-9331</identifier><identifier>EISSN: 1872-9436</identifier><identifier>DOI: 10.1016/j.micpro.2023.104889</identifier><language>eng</language><publisher>Elsevier B.V</publisher><subject>Firmware ; RISCV ; Security</subject><ispartof>Microprocessors and microsystems, 2023-09, Vol.101, p.104889, Article 104889</ispartof><rights>2023</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><orcidid>0000-0002-3554-0061</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,776,780,27903,27904</link.rule.ids></links><search><creatorcontrib>Loo, Tung Lun</creatorcontrib><creatorcontrib>Ishak, Mohamad Khairi</creatorcontrib><creatorcontrib>Ammar, Khalid</creatorcontrib><title>Design and implementation of secure boot architecture on RISC-V using FPGA</title><title>Microprocessors and microsystems</title><description>There are many well-known open-source bootloaders solutions available today such as UEFI/BIOS, Coreboot and Uboot. Recently, RISC-V as an open-source Instruction Set Architecture, has gained a lot of attention in new embedded products creation and academic research purpose. In this study, RISC-V Instruction Set Architecture boot flow and boot solutions are studied, simulated, experimented, and summarized. Security feature is implemented in firmware and measured against non-secured firmware to compare boot performance without security inclusion. A new proposed method to create a security block in Register Transfer Level to generate Secure Hash Algorithms 5 digest is implemented using Field Programmable Gate Array. The performance of this method is analyzed with the numbers of logic gate required and the execution time in software versus hardware. As a result of this study, it is observed that in simulated environment, secured firmware incurred 3.3 Megabytes of additional binary size and 747 ms (35%) additional boot time compared to non-secured firmware. A hardware implementation is proposed in Field Programmable Gate Array (FPGA) to reduce the need for a larger size firmware and longer boot time to implement security. The results of this implementation indicate a requirement of 32,048 gates to implement a SHA512 IP that reduce software execution time by 1132%.</description><subject>Firmware</subject><subject>RISCV</subject><subject>Security</subject><issn>0141-9331</issn><issn>1872-9436</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2023</creationdate><recordtype>article</recordtype><recordid>eNp9kNtKAzEQhoMoWKtv4EVeYGtOTbI3Qqm2VgqKp9uQTWZrSndTkq3Qt3fLeu3VwD98PzMfQreUTCih8m47aYLbpzhhhPE-ElqXZ2hEtWJFKbg8RyNCBS1Kzuklusp5SwiZEslG6PkBcti02LYeh2a_gwbaznYhtjjWOIM7JMBVjB22yX2HDlx3Svr12-p9XnzhQw7tBi9el7NrdFHbXYabvzlGn4vHj_lTsX5ZruazdeHYdNoVXkkKVsiqJEpJIbRjnteyktpLq3itSpBUaKaVt5UUHErCnWXegVR1T_AxEkOvSzHnBLXZp9DYdDSUmJMPszWDD3PyYQYfPXY_YNDf9hMgmewCtA58SP1Xxsfwf8EvBp1qRQ</recordid><startdate>202309</startdate><enddate>202309</enddate><creator>Loo, Tung Lun</creator><creator>Ishak, Mohamad Khairi</creator><creator>Ammar, Khalid</creator><general>Elsevier B.V</general><scope>AAYXX</scope><scope>CITATION</scope><orcidid>https://orcid.org/0000-0002-3554-0061</orcidid></search><sort><creationdate>202309</creationdate><title>Design and implementation of secure boot architecture on RISC-V using FPGA</title><author>Loo, Tung Lun ; Ishak, Mohamad Khairi ; Ammar, Khalid</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c255t-d761ea46b90776448c2d3f6b68d6a73f79e6148287dab643e903ca2dce67f7763</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2023</creationdate><topic>Firmware</topic><topic>RISCV</topic><topic>Security</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Loo, Tung Lun</creatorcontrib><creatorcontrib>Ishak, Mohamad Khairi</creatorcontrib><creatorcontrib>Ammar, Khalid</creatorcontrib><collection>CrossRef</collection><jtitle>Microprocessors and microsystems</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Loo, Tung Lun</au><au>Ishak, Mohamad Khairi</au><au>Ammar, Khalid</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Design and implementation of secure boot architecture on RISC-V using FPGA</atitle><jtitle>Microprocessors and microsystems</jtitle><date>2023-09</date><risdate>2023</risdate><volume>101</volume><spage>104889</spage><pages>104889-</pages><artnum>104889</artnum><issn>0141-9331</issn><eissn>1872-9436</eissn><abstract>There are many well-known open-source bootloaders solutions available today such as UEFI/BIOS, Coreboot and Uboot. Recently, RISC-V as an open-source Instruction Set Architecture, has gained a lot of attention in new embedded products creation and academic research purpose. In this study, RISC-V Instruction Set Architecture boot flow and boot solutions are studied, simulated, experimented, and summarized. Security feature is implemented in firmware and measured against non-secured firmware to compare boot performance without security inclusion. A new proposed method to create a security block in Register Transfer Level to generate Secure Hash Algorithms 5 digest is implemented using Field Programmable Gate Array. The performance of this method is analyzed with the numbers of logic gate required and the execution time in software versus hardware. As a result of this study, it is observed that in simulated environment, secured firmware incurred 3.3 Megabytes of additional binary size and 747 ms (35%) additional boot time compared to non-secured firmware. A hardware implementation is proposed in Field Programmable Gate Array (FPGA) to reduce the need for a larger size firmware and longer boot time to implement security. The results of this implementation indicate a requirement of 32,048 gates to implement a SHA512 IP that reduce software execution time by 1132%.</abstract><pub>Elsevier B.V</pub><doi>10.1016/j.micpro.2023.104889</doi><orcidid>https://orcid.org/0000-0002-3554-0061</orcidid></addata></record>
fulltext fulltext
identifier ISSN: 0141-9331
ispartof Microprocessors and microsystems, 2023-09, Vol.101, p.104889, Article 104889
issn 0141-9331
1872-9436
language eng
recordid cdi_crossref_primary_10_1016_j_micpro_2023_104889
source ScienceDirect Freedom Collection
subjects Firmware
RISCV
Security
title Design and implementation of secure boot architecture on RISC-V using FPGA
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-27T22%3A46%3A10IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-elsevier_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Design%20and%20implementation%20of%20secure%20boot%20architecture%20on%20RISC-V%20using%20FPGA&rft.jtitle=Microprocessors%20and%20microsystems&rft.au=Loo,%20Tung%20Lun&rft.date=2023-09&rft.volume=101&rft.spage=104889&rft.pages=104889-&rft.artnum=104889&rft.issn=0141-9331&rft.eissn=1872-9436&rft_id=info:doi/10.1016/j.micpro.2023.104889&rft_dat=%3Celsevier_cross%3ES0141933123001321%3C/elsevier_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c255t-d761ea46b90776448c2d3f6b68d6a73f79e6148287dab643e903ca2dce67f7763%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true