Paper title Implementing Memory Protection Primitives on Reconfigurable Hardware Summary of the paper With increasing use of FPGAs in various domains and with even more increasing concern about security in military-related usage of FPGAs, protection primitives for reconfigurable hardware is taking a priority. The paper tries to evaluate some proposed protection primitives and aid design realistic security policy enforcements by implementing multiple cores on a single FPGA. Strengths of the paper The problem is very well motivated and the paper tries to evaluate a very important and challenging security problem in the reconfigurable hardware domain. The experimental methodology is good and stresses on real implementation. A comprehensive view of the related work helps put things in perspective. Weakness The paper is well written in certain sections, but when it comes to section 3, the flow breaks. While figure 1 and 4 are referenced in the text, I had no text explaining what figure 2 and 3 do. I felt a disconnect inbetween sections 2 and 3. I understand the motivation, I understand the problems that exist in this domain of reconfigurable computing, but the authors haven't made clear in the paper, what part of the problem set are they solving in this paper. However, that said, since I know a little more about this project than is in the paper, I could understand the intention, though I would like to read a little more about the specific problem that is being solved. One thing that I felt is lacking in this paper is a section which justifies the choice for the system architecture and evaluation parameters (performance, latency, power, time, or efficiency of security policy enforcements?). A clear definition of what the paper intends to evaluate is missing. Writing quality I would rate the writing quality of the paper a 3 out of 5. (I would have liked to see it more cohesive, with all figures and approaches explained with may be a paragraph or two more) Some Comments/Questions 1. I do not understand what it means when the authors say in Section 3.1 - "... we have designed software to communicate over TCP with the processor.." - What is the data flow path in this context? 2. In section 3.2 - what is "low latency and overhead"? Do you have any performance numbers? Some benchmark evaluations? May be this is not necessary for this course
project, but I think it would make the reader a little more comfortable if you atleast spoke about the bigger picture. 3. Future work in section 3.3 seemed a little vague to me, "...ensuring that the reference monitor and security policy perform as intended...". It may be better to define what these intensions are. 4. Why is Figure 2 and Figure 3 in the paper? May be your forgot to write about them? 5. This is a minor point - Security policy section-4 may be better understood by writing something about the rules and using a smaller example to illustrate, rather than letting the reader guess what it means from a huge set of rules. 6. Overall, it is a great project, and I think it is just a matter of explaining some key ideas to smoothen the flow of the paper, making the intention of the paper very clear in the beginning and letting the reader know what are the components involved in this project, and specifying a set of evaluation parameters (which may or may not be evaluated in this course project).
protection primitives and aid design realistic security policy enforcements by implementing multiple ... specific problem that is being solved. One thing that I felt is ...
reference monitor (RM) enforces a policy that specifies legal memory accesses [1]. When a core ... CPU and an AES encryption core can share a block of BRAM.
The extremely high cost of custom ASIC fabrication makes FPGAs an ... using the latest deep sub-micron process technology, while many ASIC ... Modern FPGAs use bit- ..... Napa, CA, April 1999. ... 003, Naval Postgraduate School, 2004.
Our testing platform will help us to .... GAs are a natural platform for performing many crypto- .... Proceedings of the Design Automation Conference (DAC), 2001.
sound reconfigurable system security remains an unsolved challenge. An FPGA ... of possible covert channels in stateful policies by statically analyzing the policy enforced by the ...... ranges, similar to a content addressable memory (CAM).
the political domain: "To have once been a victim gives you the right to complain, to .... tions elicited here, it is to call for a renewal of the phenomenological.
What is collective memory? The attempt to respond to this question, which has been subject to lively debate over the course of the past decades, faces very ...
We investigate how contracts can be used to regulate the interaction between processes. To do that, we study a variant of the concurrent constraints calculus presented in [1] , featuring primitives for multi- party synchronization via contracts. We p
for a service Xâ) to the behaviour promised by a service (e.g. âI will provide you with a service Yâ), and vice versa. The crucial ... and â£â 乡(D)ÃD is a relation satisfying: (i) C ⣠c whenever c âC; (ii) C ⣠c whenever for all c â
Abstract. In my project, circuit design of an arithmetic module applied to cryptography i.e. Modulo Multiplicative. Inverse used in Montgomery algorithm is presented and results are simulated using Xilinx. This algorithm is useful in doing encryption
