Integrating Cyber Resiliency With FPGAs

Integrating Cyber Resiliency With FPGAs

As 5G and the Open Radio Access Network (ORAN) accelerate the emergence of new edge computing devices and applications, there has been no shortage of new security challenges. Firmware attacks have proliferated in recent years, increased Internet of Things (IoT) device connections are expanding the network attack surface, and legacy network risks are still being exploited. Between these threats and rising compliance standards, network architects face mounting pressure to ensure their systems are not just secure but cyber resilient.

Cyber resiliency is the ability to continuously protect systems, detect threats, and recover from firmware attacks. As the network becomes more decentralized, its attack surface becomes larger and bad actors find more ways to exploit vulnerabilities. To achieve cyber resiliency, network architects are looking at root-of-trust (RoT) foundations and automating the cycle of protection, detection, and recovery functions on RoT components.

Field programmable gate arrays (FPGAs) have proved to be particularly useful to serve as a hardware root of trust (HRoT) device, given their inherent flexibility, small form factor, and low power consumption. These characteristics make FPGAs an ideal security engine not just for telecommunication vendors, but also for a variety of industries that are rapidly moving to the edge.

As the number of 5G IoT connections continues to increase, the importance of security, power efficiency, and overall system performance cannot be overstated. FPGAs are helping ensure a cyber resilient future in a variety of applications.

Data Centers

Similar to telecommunication hardware, data centers need to have proactive measures in place to protect their data if they are to be cyber resilient. They must be able to automatically detect threats and recover, yet they face the additional pressure of maintaining enough functionality to deliver on their service-level requirements. Platform firmware resiliency (PFR) provides the “protect, detect, recover” real-time cycle to do so, and it starts with leveraging an HRoT device, such as an FPGA.

FPGAs don’t just detect whether malware is directly present or a system is actively under attack. Instead, they proactively monitor systems pre- and post-boot, which is vital because bad actors understand that this is when a system is most vulnerable. If an attack on firmware manages to be successful, flash devices on the FPGA can load a golden image of the authorized firmware, override the unauthorized version, and ensure recovery of the system.

Beyond their built-in cyber resilient features, FPGAs can also be upgraded in the field if any new security vulnerabilities are found after a design is locked, including with post-quantum cryptographic algorithms. System architects can essentially “future-proof” their new hardware designs thanks to FPGAs’ ability to be reprogrammed in-field, rather than needing devices to be brought back home for upgrades or to replace the entire system.

Automotive Designs

Although the automotive industry has made great strides to improve vehicle comfort and safety through advanced driver assist systems (ADAS), vehicle connectivity, and autonomous driving, it has also made vehicles newly susceptible to various security threats and cyberattacks. Beyond protecting their physical cars, consumers now also need to ensure that their vehicles are not being hacked or tampered with remotely.

This is where functional safety (FuSa) becomes increasingly important. FuSa ensures systems or pieces of equipment are operating correctly in response to inputs or failure; it is a crucial part of the overall safety of a system. FPGAs are often used to connect multiple displays and cameras in a vehicle and can help ensure that safety-critical information is reliably reproduced, while also notifying the driver of an error or failure.

Practices like PFR are moving into the automotive realm to bring consumers peace of mind, and FPGAs are providing HRoT capabilities to vehicles on the road. As the line between the physical highway and the digital network continues to blur, FPGAs offer an ideal platform for security.

Smart Home Control and Security

At home, smart devices, such as security cameras, smart doorbells, home assistance devices, and smart appliances, have proliferated over the years. Beyond hardware security to protect from mundane attacks, designers are looking for flexibility in sensor choices, powerful edge processors, and the ability to aggregate data from multiple sources for processing. FPGAs meet each of these requirements so smart home devices can function as smoothly — and therefore securely — as possible.

Moreover, since smart home control and security systems demand such high levels of data processing power, it’s key that they function with the lowest latencies possible to prevent security vulnerabilities.

Small in Size, Big in Impact

The applications above only scratch the surface of the impact FPGAs are having across industries. It’s remarkable to see a single technology be used in such a variety of applications, but good security is everyone’s best interest.

No matter your business, pay close attention to the cybersecurity landscape and how FPGAs are helping us all live in a more digitally secure future.