Reconfigurable Computing: Architectures, Tools and Applications

Volume 5453 of the series Lecture Notes in Computer Science pp 50-61

A Protocol for Secure Remote Updates of FPGA Configurations

  • Saar DrimerAffiliated withComputer Laboratory, University of Cambridge
  • , Markus G. KuhnAffiliated withComputer Laboratory, University of Cambridge

* Final gross prices may vary according to local VAT.

Get Access


We present a security protocol for the remote update of volatile FPGA configurations stored in non-volatile memory. Our approach can be implemented on existing FPGAs, as it sits entirely in user logic. Our protocol provides for remote attestation of the running configuration and the status of the upload process. It authenticates the uploading party both before initiating the upload and before completing it, to both limit a denial-of-service attack and protect the integrity of the bitstream. Encryption protects bitstream confidentiality in transit; we either decrypt it before non-volatile storage, or pass on ciphertext if the configuration logic can decrypt it. We discuss how tamper-proofing the connection between the FPGA and the non-volatile memory, as well as space for multiple bitstreams in the latter, can improve resilience against downgrading and denial-of-service attacks.