A Zero Trust-Based Framework Employing Blockchain Technology and Ring Oscillator Physical Unclonable Functions for Security of Field Programmable Gate Array Supply Chain

Abstract

Read online

The field programmable gate array (FPGA) supply chain is vulnerable to security issues from untrusted participants involved, resulting in the significant research being conducted in this domain. These challenges include, but are not limited to intellectual property theft, counterfeiting, bitstream tampering, etc. Such FPGAs are not reliable and can lead to significant security threats to users. To combat the distrust in the FPGA supply chain and secure its integrity, we propose a zero trust framework to secure the FPGA supply chain by leveraging blockchain and ring oscillator physical unclonable functions (ROPUFs). The policies for architecture draw inspiration from zero trust tenets outlined by the National Institute of Standards and Technology. To evaluate the successful implementation of the proposed technique, a case study of FPGA supply chain is presented. For this case study, a typical FPGA supply chain is considered which includes all the participants. This scenario is successfully simulated on the Ganache framework provided by Truffle suite. The experiment is performed on Artix 7 Xilinx FPGAs mounted on Nexys 4 Digilent boards. Finally, each tenet of the implemented zero trust architecture is evaluated by discussing an attack scenario, thus demonstrating the efficiency of the proposed zero trust framework to mitigate potential security risks. To the best of our knowledge, the work presented in this paper is the first to include zero trust principles for protecting the FPGA supply chain using blockchain and hardware oriented security.

Keywords

• Blockchain technology
• field programmable gate arrays
• hardware security
• ring oscillator physical unclonable functions
• zero trust architecture