“An open source USB bootloader for FPGAs”
Nice article by Sysdream on using PCILeech to attack Windows via DMA.
PCILeech FPGA contains software and HDL code for FPGA based devices that may be used together with the PCILeech Direct Memory Access (DMA) Attack Toolkit. Using FPGA based devices has many advantages over using the USB3380 hardware that has traditionally been supported by PCILeech. FPGA based hardware provides full access to 64-bit memory space without having to rely on a kernel module running on the target system. FPGA based devices are also more stable compared to the USB3380. FPGA based devices may also send raw PCIe Transaction Layer Packets (TLPs) – allowing for more specialized research.
Dynamic FPGA Detection and Protection of Hardware Trojan: A Comparative Analysis
Amr Alanwar, Mona A. Aboelnaga, Yousra Alkabani, M. Watheq El-Kharashi, Hassan Bedour
(Submitted on 3 Nov 2017)
Hardware Trojan detection and protection is becoming more crucial as more untrusted third parties manufacture many parts of critical systems nowadays. The most common way to detect hardware Trojans is comparing the untrusted design with a golden (trusted) one. However, third-party intellectual properties (IPs) are black boxes with no golden IPs to trust. So, previous attempts to detect hardware Trojans will not work with third-party IPs. In this work, we present novel methods for Trojan protection and detection on field programmable gate arrays (FPGAs) without the need for golden chips. Presented methods work at runtime instead of test time. We provide a wide spectrum of Trojan detection and protection methods. While the simplest methods have low overhead and provide limited protection mechanisms, more sophisticated and costly techniques are introduced that can detect hardware Trojans and even clean up the system from infected IPs. Moreover, we study the cost of using the FPGA partial reconfiguration feature to get rid of infected IPs. In addition, we discuss the possibility to construct IP core certificate authority that maintains a centralized database of unsafe vendors and IPs. We show the practicality of the introduced schemes by implementing the different methodologies on FPGAs. Results show that simple methods present negligible overheads and as we try to increase security the delay and power overheads increase.
Follow Arrigo on Twitter, a great resource, for many more posts on related academic documents.
PCILeech FPGA contains software and HDL code for FPGA based devices that may be used together with the PCILeech Direct Memory Access (DMA) Attack Toolkit. Using FPGA based devices has many advantages over using the USB3380 hardware that has traditionally been supported by PCILeech. FPGA based hardware provides full access to 64-bit memory space without having to rely on a kernel module running on the target system. FPGA based devices are also more stable compared to the USB3380. FPGA based devices may also send raw PCIe Transaction Layer Packets (TLPs) – allowing for more specialized research. For information about PCILeech itself please check out the PCILeech project.
Andrew Back announced the CfP for “Open Source Hardware Camp 2017”, taking place in September in the U.K. Note also ChipHack and ORConf! I wish O’Reilly’s Maker Faire would merge with this group, so that these OSH camps were worldwide, not just in the UK…
This year Open Source Hardware Camp will take place over the weekend of Saturday 2nd & Sunday 3rd September, hosted as part of the Wuthering Bytes festival in Hebden Bridge, which in 2017 will take place over the course of 10 days (again!). We will be returning to the Birchcliffe Centre in Hebden Bridge, which benefits from the convenience of adjoining, budget accommodation.
Proposals for talks and workshops for OSHCamp 2017 are invited! The deadline for submitting titles and abstracts is Monday 1st May. There is no theme and topics may include, for example:
* Open source hardware projects
* Open development practices and principles
* Novel/interesting/fun projects built using open source hardware
* Tools (hardware and software)
* Skills and techniques, e.g. PCB fab, DIY SMT assembly
* Relevant technologies, e.g. SPI/I2C bus programming
* …something else relevant to the community.
Other events running as part of Wuthering Bytes 2017 and which may be of interest:
* Fri 1st: Wuthering Bytes Festival Day, http://wutheringbytes.com/
* Wed 6th & Thurs 7th: Chip Hack, http://chiphack.org/
* Thurs 7th PM & Fri 8th AM: EDSAC Challenge
* Fri 8th AM – Sunday 10th PM: GNU ORConf, http://orconf.org/
“Project IceStorm aims at reverse engineering and documenting the bitstream format of Lattice iCE40 FPGAs and providing simple tools for analyzing and creating bitstream files. The IceStorm flow (Yosys, Arachne-pnr, and IceStorm) is a fully open source Verilog-to-Bitstream flow for iCE40 FPGAs.”
A new USB-firmware-based open hardware product is being funded on CrowdSupply: Numato Lab’s Opsis, an FPGA-based HDMI2USB video capture device:
The Opsis was designed to run the HDMI2USB firmware developed by the TimVideos.us project. This firmware makes it easy to build automated conference/event recording systems. The HDMI2USB.tv firmware emulates a standard UVC webcam, allowing any video software, such as Skype, Google Hangouts, or WebRTC, to then send it to an online audience.