Compositional method of FPGA program code integrity monitoring based on the usage of digital watermarks
DOI:
https://doi.org/10.15276/aait.02.2019.5Keywords:
integrity monitoring of the program code, programmable hardware components, FPGA, LUT-oriented architecture, monitoring hash sum, digital watermark, steganographic approach to integrity monitoringAbstract
The paper considers a problem of provision of the programmable component integrity of computer systems. First the basic stages of the programmable components life cycle are presented. The authors note that the program code modification gives the opportunity to maliciously violate its (program code) integrity. The traditional methods of integrity modification are based on the usage of monitoring hash sums. However the main disadvantage of the traditional methods is that they are not able to hide the fact of integrity monitoring execution itself. This fact cannot be hidden and becomes obvious. Even under the conditions of extra encrypting of monitoring hash sum the very existence of it demonstrates that the integrity monitoring is carried out. The paper presents a class of methods which offer the hash sum embedding into program code in the form of digital watermark. This class of methods is considered with reference to monitoring the chip FPGA (Field Programmable Gate Array) program code integrity. For embedding the features of LUT-oriented FPGA architecture are used. The monitoring digital watermark embedding is performed due to the usage of equivalent program codes conversions in a set of LUT-units included in FPGA. The peculiarities of the digital watermark embedding are as follows – such kind of embedding does not change the program code size and does not modify the chip FPGA operation. As a result of embedding it is impossible to distinguish the monitoring hash sum in the program code in an evident way. The extraction of digital watermark including hash sum can be carried out only in the presence of special steganographic key, which sets the rules of watermark location in the FPGA program code space. In the given paper a compositional method of embedding the monitoring digital watermark into the FPGA program code is offered. The method combines the features of ones providing the recovery of initial program code state and the ones (methods), which implement the embedding on the basis of syndrome decoding. The proposed method incorporates the useful features of two classes of methods mentioned above and serves to reduce the amount of equivalent conversions applied to the program code in the course of the digital watermark embedding. This demonstrates the advantage of the proposed method as compared to the base ones of the digital watermark embedding in the FPGA program code. The description and results of experimental research of the proposed method are also presented.