PhD graduated
Team : SYEL
Departure date : 01/10/2024

Supervision : Andrea PINNA

Co-supervision : PILLEMENT SĂ©bastien

Automatic Interpretation of Bitstream and Malicious Circuit Detection by Artificial Intelligence for FPGA Security

FPGAs (Field-Programmable Gate Arrays) have considerably expanded their use in a wide range of applications (aerospace, security, defence, telecommunications, etc.). Thanks to their increased logic capacity and performance, they are now being integrated into computing systems such as data centers, to accelerate computationally intensive applications. However, the security implications of their integration, and of resource sharing between multiple users, are numerous and challenging. Side channels, fault injection and covert channel attacks can be designed and implemented by malicious users. Most attacks are achieved by implementing circuits based on ring oscillators (ROs). These oscillators are undetectable by conventional analysis tools such as design rule checking. Furthermore, current design tools do not offer Bitstream analysis modules to detect these attacks before they are loaded into the FPGA. To overcome these attacks, the state of the art proposes, on the one hand, reverse engineering, which has the limitation of revealing the user's intellectual property; and on the other hand, the classification of malicious Bitstreams using machine learning methods. The latter's limitations include the impossibility of extracting RO patterns, as well as finding their location in the Bitstream.
This thesis focuses on the detection of ROs from a Bitstream without first reverse engineering it. The aim of the study is to represent the patterns of ring oscillators, enabling them to be recognized and located in a Bitstream. To this end, two main methods are proposed:

  • Semantic interpretation and modeling of the Bitstream in the form of an image are proposed, followed by the detection of ROs based on the template matching method;
  • A neural network-based detection where a labeled database for the detection of ROs is proposed. Followed by a binary classification of malicious patterns characterizing these oscillators using two inference models based on a multilayer perceptron (MLP) architecture.
Evaluation using VTR (Verilog-To-Routing) and OpenFPGA design tools, and targeting the Stratix-IV-like FPGA, demonstrates the effectiveness of the proposed security solutions.

Defence : 01/10/2024

Jury members :

Loïc Lagadec, ENSTA-Bretagne [Rapporteur]
Virginie Fresse, Université Jean-Monnet Saint-Étienne [Rapporteur]
Fan Yang, Université de Bourgogne
Kevin Martin, Université de Bretagne Sud
Elena-Ioana Vatajelu, Université de Grenoble-Alpes
Andrea Pinna, Sorbonne Université
Sébastien Pillement, Nantes Université

Departure date : 01/10/2024

2022-2024 Publications

Mentions légales
Site map