ENERGY-EFFICIENT AND SECURE RECONFIGURABLE COMPUTING ARCHITECTURE By ROBERT KARAM A DISSERTATION PRESENTED TO THE GRADUATE SCHOOL OF THE UNIVERSITY OF FLORIDA IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF DOCTOR OF PHILOSOPHY UNIVERSITY OF FLORIDA 2017 © 2017 Robert Karam To my parents, Hani and Diana, my sister, Christina, and my wife and best friend, Ran ACKNOWLEDGMENTS I would like to express the deepest appreciation for my advisor and committee chair, Dr. Swarup Bhunia. Without his advice, expertise, and understanding, this work would not be where it is today. I would like to acknowledge my committee members, Dr. Mark Tehranipoor, Dr. Greg Stitt, and Dr. Kevin Butler, for their expertise, comments, and suggestions during this process. I would like to recognize the Department of Electrical and Computer Engineering at the University of Florida, and the students and staff of the Florida Institute of Cyber Security (FICS) lab, many of whom are close friends and collaborators. I would also like to thank friends and family, who have always been there for me, ready to help with anything, to celebrate the wins, and offer support when things were not so great. Finally, a very special and personal thank you to my wife and best friend, Ran. Despite all the things that have changed these past few years, your support and motivation have never wavered. 4 TABLE OF CONTENTS page ACKNOWLEDGMENTS .................................. 4 LIST OF TABLES ..................................... 6 LIST OF FIGURES ..................................... 7 ABSTRACT ......................................... 8 CHAPTER 1 INTRODUCTION ................................... 10 2 BACKGROUND AND MOTIVATION ........................ 13 2.1 Efficient Reconfigurable Computing ...................... 13 2.1.1 Hardware Architecture ......................... 14 2.1.2 MAHA Software Architecture ...................... 16 2.1.3 Comparison to FPGA .......................... 16 2.2 Security Concerns for Reconfigurable Architectures ............ 17 3 FPGA BITSTREAM SECURITY FOR MODERN DEVICES ........... 20 3.1 Background ................................... 20 3.2 FPGA Bitstream Security Issues ....................... 24 3.3 FPGA Dark Silicon ............................... 25 3.4 Bitstream Protection Methodology ...................... 28 3.4.1 Design Obfuscation ........................... 29 3.4.2 Key Generation ............................. 30 3.4.3 Initial Design Mapping ......................... 30 3.4.4 Security-Aware Mapping ........................ 32 3.4.5 Communication Protocol and Usage Model ............. 34 3.5 Overhead and Security Analysis ....................... 35 3.5.1 Experimental Setup ........................... 35 3.5.2 Overhead Analysis ........................... 36 3.5.3 Security Analysis ............................ 39 3.5.3.1 Brute force attack ...................... 39 3.5.3.2 Known design and bitstream tampering attacks ...... 40 3.6 Summary .................................... 41 4 SECURITY FOR NEXT-GENERATION FPGA DEVICES ............. 43 4.1 Background ................................... 43 4.2 FPGA Hardware Security ........................... 46 4.2.1 Mutable FPGA Architecture ...................... 47 4.2.1.1 Physical layer ........................ 48 5 4.2.1.2 Logical layer ......................... 49 4.2.2 Secure FPGA Mapper ......................... 50 4.2.3 Correctness of Mapped Design .................... 52 4.3 Results ..................................... 53 4.3.1 Security Analysis ............................ 53 4.3.1.1 Brute force attacks ...................... 53 4.3.1.2 Known design attack and bitstream tampering ...... 54 4.3.1.3 Side channel attack (SCA) ................. 54 4.3.1.4 Destructive reverse engineering (DRE) .......... 55 4.3.2 Secure Mapping Results ........................ 55 4.4 Cost Analysis Based on a Case Study .................... 56 4.5 Summary .................................... 57 5 ARCHITECTURAL DIVERSITY FOR MICROPROCESSOR SECURITY .... 59 5.1 Background ................................... 59 5.2 Motivation for IoT Device Security ...................... 63 5.2.1 Related Work .............................. 63 5.2.2 Attack Vectors in IoT .......................... 65 5.2.2.1 Firmware reverse engineering ............... 65 5.2.2.2 Targeted malicious modification .............. 66 5.2.2.3 Malware propagation .................... 66 5.3 Security through Diversity ........................... 67 5.3.1 Keyed Permutation Networks ..................... 67 5.3.2 Mixed-Granular Permutations ..................... 68 5.3.2.1 Instruction encoding ..................... 69 5.3.2.2 Dependent instruction reordering .............. 71 5.3.3 Wireless Reconfiguration ........................ 72 5.4 Results and Discussion ............................ 73 5.4.1 Overhead Analysis ........................... 73 5.4.2 Security Analysis ............................ 74 5.4.2.1 Brute force .......................... 75 5.4.2.2 Known design and side channel attacks .......... 77 5.4.3 Relationship to encryption ....................... 78 5.5 Summary .................................... 79 6 RECONFIGURABLE ACCELERATOR FOR GENERAL ANALYTICS APPLI- CATIONS ....................................... 81 6.1 Background ................................... 81 6.2 Requirements of Big Data Analytics Systems ................ 84 6.2.1 Overview of Big Data Analytics .................... 84 6.2.2 Analytics Applications ......................... 86 6.2.2.1 Operations .......................... 86 6.2.2.2 Communication ....................... 87 6.2.3 Disk-to-Accelerator Compression ................... 88 6 6.3 In-Memory Analytics Acceleration ....................... 90 6.3.1 System Organization .......................... 90 6.3.2 Accelerator Hardware Architecture .................. 91 6.3.2.1 Processing element architecture .............. 91 6.3.2.2 Interconnect architecture .................. 91 6.3.3 Application Mapping .......................... 94 6.3.4 Parallelism and Execution Models ................... 94 6.3.5 System-level Memory Management .................. 96 6.4 Methods ..................................... 97 6.4.1 Experimental Setup ........................... 97 6.4.2 Functional Verification ......................... 99 6.4.3 Analytics Kernels ............................ 100 6.4.3.1 Classification ......................... 100 6.4.3.2 Neural network ........................ 101 6.4.3.3 Clustering ........................... 101 6.4.4 Dataset Compression .......................... 102 6.5 Results ..................................... 103 6.5.1 Throughput ............................... 103 6.5.2 Energy Efficiency ............................ 106 6.6 Discussion ................................... 107 6.6.1 Performance and Parallelism ..................... 107 6.6.2 Scalability ................................ 107 6.6.3 Transfer Energy and Latency ..................... 109 6.6.4 Memory-Centric Processing ...................... 110 6.6.5 Analytics and Machine Learning .................... 110 6.7 Related Work .................................. 111 6.7.1 FPGA Analytics ............................. 111 6.7.2 GPGPU Analytics ............................ 112 6.8 Summary .................................... 112 7 RECONFIGURABLE ACCELERATOR FOR TEXT MINING APPLICATIONS . 114 7.1 Background ................................... 114 7.2 Related Work .................................. 117 7.2.1 Existing Work .............................. 118 7.2.1.1 Interfaces and retrofitting .................. 119 7.2.1.2 Distance to the data ..................... 119 7.2.1.3 Flexibility overhead ..................... 119 7.2.2 Application Survey ........................... 120 7.3 Hardware and Software Framework ..................... 121 7.3.1 Processing Elements and Functional Units .............. 121 7.3.1.1 Term frequency counting .................. 122 7.3.1.2 Classification ......................... 124 7.3.2 Interconnect Network .......................... 125 7.3.3 Control and Data Engines ....................... 125 7 7.3.4 Application Mapping .......................... 127 7.3.5 System Architecture .......................... 128 7.4 Lucene: A Case Study ............................. 128 7.4.1 Lucene Optimizations .......................... 128 7.4.2 Lucene Indexing Profile ........................ 129 7.5 Results ..................................... 131 7.5.1 Emulation Platform ........................... 131 7.5.2 Experimental Setup ........................... 132 7.5.3 Indexing Acceleration .......................... 134 7.5.3.1 Downcasting and tokenizing ................ 134 7.5.3.2 Frequency counting ..................... 135 7.5.3.3 Classification ......................... 136 7.5.4 Lucene Indexing Acceleration ..................... 136 7.5.5 Iso-Area Comparison .......................... 137 7.6 Discussion ................................... 137 7.6.1 Benchmark Performance ........................ 137 7.6.2 Memory-Centric Architecture ...................... 139 7.6.3 In-Memory Computing ......................... 139 7.6.4 Extensions to Other Languages .................... 141 7.6.5 Application Scope ............................ 142 7.7 Summary .................................... 142 8 SECURE RECONFIGURABLE COMPUTING ARCHITECTURE ........ 147 8.1 Combining Diversity Techniques for MAHA ................. 147 8.2 Implementation Details ............................. 149 8.3 Security Analysis ................................ 151 8.3.1