Mekatronik Sistemlerde Klonlamaya}{karşı Elektronik Çözümler
Mekatronik Sistemlerde Klonlamaya}{karşı Elektronik Çözümler
Dosyalar
Tarih
2014-08-06
Yazarlar
Abtioğlu, Emrah
Süreli Yayın başlığı
Süreli Yayın ISSN
Cilt Başlığı
Yayınevi
Fen Bilimleri Enstitüsü
Institute of Science and Technology
Institute of Science and Technology
Özet
Sahtecilik ve taklitçilik faaliyetlerinin kapsamı ve boyutu dünya genelinde gün geçtikçe artış göstermektedir. Otomotiv, elektronik ve tekstil pazarları başta olmak üzere, bu faaliyetler neredeyse tüm pazarlarda karşımıza çıkmaktadır. Fikri mülkiyet haklarını doğrudan etkileyen bu durum, yeni ürün ortaya çıkaran ve ar-ge faaliyetlerine yatırım yapan şirketlerin pazar paylarının azalmasına sebebiyet vererek, bu şirketlerin kazançlarını etkilemektedir. Sahtecilik ve taklitçilik faaliyetlerinin ekonomik boyutunun yanında, bu ürünlerin standartların altında üretilmesi, beraberinde sağlık ve güvenlik risklerini de ortaya çıkarmaktadır. Sağlık ve ekonomi açısından bu faaliyetlerden dolayı oluşan kayıplar küçümsenemeyecek kadar fazladır. Teknolojinin ilerlemesi ile sahte ve taklit ürünlerin orjinal ürünlerden gözle ayırt edilmesi neredeyse imkansız hale gelmiştir. Üreticiler bu noktada ürünlerinde kimlik doğrulama teknolojileri kullanarak, ürünlerini korumaya çalışmaktadırlar. Bu yöntemin uygulanamadığı ürünlerde ise, şirketler ürün tedarik zincirlerini sıkı bir kontrol altına alıp, tasarımlarının veya kullandıkları malzemelerin üçüncü şahısların eline geçmesini engellemeye çalışmaktadırlar. Sahtecilik ve taklitçiliğin tehdit oluşturduğu alanlardan biride robot endüstrisidir. Hızla gelişen robot endüstrisinde üretim, yoğun bir mühendislik ve tasarım sürecinin sonucunda gerçekleştirilebilmektedir. Robotların sahip oldukları hız ve güçlerini dikkate aldığımızda, herhangi bir parçasının standartlarının altında bir klonu ile değiştirilmesi, hem insan sağlığı ve güvenliği hemde robotun güvenliği açısından ciddi ve tehlikeli sonuçlara neden olabilir. Robotların güvenliğini arttırmak adına, robotları kişiselleştirmek ve onlara klonlanamayan kimlikler verilmesi ile bu problemin önüne geçebilir. Fiziksel olarak klonlanamayan fonksiyonlar, klonlanamayan kimliği üretmek için ideal bir yöntem olarak son yıllarda tercih edilmeye başlanmıştır. Karakteristik özelliklerinin modellenmesi zor olan bir fiziksel sistem tarafından kolay bir şekilde hesaplanan bu fonksiyonlar belli bir sayıdaki giriş setini, fiziksel sistemin iç yapısına bağlı olarak rastgele ve eşsiz bir çıkış setine dönüştürürler. Bu özellikleri sayesinde iki farklı yapı üzerinde oluşturulan aynı yapıdaki fiziksel olarak klonlanamayan fonksiyonlar birbirinden farklı sonuçlar üretirler. Fiziksel olarak klonlanamayan fonksiyonların devre üzerinde gerçeklenmesi, şifreleme anahtarının taşınması problemini de ortadan kaldırılmış olur. Literatürde bulunan fiziksel olarak klonlanamayan fonksiyon çeşitlerinden, halka osilatör tabanlı fiziksel olarak klonlanamayan fonksiyon, şifreleme algoritmasının anahtar verisini üretmek için kullanılmıştır. Çevreden kaynaklı oluşabilecek sıcaklık farkı ve gerilim dalgalanması gibi gürültülerden dolayı fiziksel olarak klonlanamayan fonksiyonların sonuçları sürekli olarak değişim gösterebilir. Bu etkilerden kurtulmak adına etiketleme adı verilen bir yöntem kullanılmıştır. Etiketleme yöntemi ile üretilen kimlik doğrulama verisinin üretimi kararlı bir yapıya ulaşmıştır. Esnek tasarım imkanı sunan sahada programlanabilir kapı dizileri bu çalışmadaki tasarım ortamı olarak belirlenmiştir. Sahip oldukları özelliklerden biri olan kısmi yeniden yapılandırma, bu çalışmada gerçeklenmek istenen güvenlik sisteminin otomatik olarak çalıştırılabilmesi için kullanılmıştır. Şifreleme algoritması olarak Gelişmiş Şifreleme Standardı tercih edilmiştir. Galois Sayaç Kipi, paralelleştirmeye uygun olması ve kimlik doğrulama algoritması olarak da işlev görmesi nedeniyle, bu algoritmanın çalışma kipi olarak kullanılmıştır.
Worlwide fraud and counterfeiting activities and the size of their scope is increasing day by day. These activities are encountered in almost all markets especially in automotive, electronics and textile markets. Due to direct effects on intellectual property rights, this situation causes a reduction of market shares of companies which produce new products and invest in R\&D activities. Besides the economic dimension of fraud and counterfeiting activities, these products that are produced with low standards pose health and safety risks. Health and economic losses resulting from these activities can not be underestimated. With the advancement of technology, it has become almost impossible to distinguish counterfeit and fake products from the original products . Manufacturers are trying to protect their products by using authentication technologies . Companies that have products which are not suitable for authentication, apply strict controls on their supply chains and design processes. Counterfeiting and fraud activities are also a threat for the robotics industry. Intensive engineering and design process results in rapid evolution in the robotics industry. Considering the speed and power of robots, the parts that are replaced with a substandard clone can cause serious and dangerous consequences for both human safety and safety of the robot . In the name of improving the safety of the robot, personalizing robots and giving them unclonable identities may prevent such activities and threats. In recent years, physical unclonable functions have been preferred to produce unclonable identities. Physical unclonable functions depend on static environment parameters and the internal structure of the physical systems. Thanks to these features, two different physical functions that are formed according to same structure produce different results. Due to being almost impossible to be cloned practically, the implementation of physical unclonable functions eliminates the storage problem of encryption key in cryptographic systems. Several physical unclonable function circuit types exists in literature. SRAM, butterfly and ring oscillator based physical unclonable functions are well known. Ring oscillator based physical unclonable function is used in this work. Due to its easy implementation on FPGA chip, it has been chosen to be used in this work. Ring oscillator based physical unclonable function circuit has two ring oscillators. One bit output is produced according to the sign of the diffrence of the frequencies of these ring oscillators. Ring oscillator pairs must have mathematically identical path delays so that frequency difference depends on characteristics of FPGA chip. Since physical unclonable functions are produced based on nonlinear characteristics of materials, they are mostly affected by changes in temperature, voltage fluctuations and radiation. Due to this nonlinear characteristic, physical unclonable functions are not deterministic, and it is not possible to produce same outcome for every trial. In order to eliminate this problem error correction codes are being used. Error correction codes gather statistical data about physical unclonable functions, and then produces outcomes according data that they have gathered. In this work an error correction method called labeling has been used. Labeling method gathers statistical data about physical unclonable functions under different conditions, and produces a label for each ring oscillator pair. Outcome of ring oscillator based physical function is calculated by using obtained label and measured difference of frequency. One important feauture of labeling method is that it does not reveal any information about physical unclonable function. Field programmable gate array (FPGA) offers a flexible design environment. FPGAs have the second best performance after ASIC designs, but in recent years performance gap between FPGA and ASIC has been shrinking due to developments in IC technology. In this study, FPGA has been chosen as design environment. Xilinx ML505 evaluation platform has been used. It has Xilinx Virtex-5 XC5VLX50T FPGA chip on it. One of the most important features of FPGA is partial reconfiguration. Partial reconfugiration allows to make changes on a partial area while FPGA still operates. In partial reconfiguration designs, resources are used in a time-multiplexed manner. This time-multiplexed manner reduces power consumption and area usage. In this study, partial reconfiguration is used to load ciphered bitstream from a non-volatile memory into FPGA. Partial reconfiguration has been used to automate authentication process. Each time FPGA is powered up, first design that is loaded into FPGA starts authentication process. During this authentication process, ciphered partial bitsream is deciphered. If deciphered partial bitstream succesfully passes authentication, this deciphered partial bitstream is loaded into pre-defined partially reconfigurable partition. Partial bitstream which is stored in non-volatile memory needs to be ciphered to prevent cloning. In this work, Advanced Encryption Standard which is a specification for the encryption of electronic data is used as crypto algorithm. FPGA configuration process is very sensitive to bit errors in bitstreams, one bit error can cause a faulty reconfiguration, and even further FPGA can be damaged. Therefore, a checksum algorithm which checks correctness of bitstreams has to be used. Considering this problem Advanced Encryption Standard is used with Galois Counter Mode of operation. Galois Counter Mode has authentication feature which also performs the checksum task. Galois Counter Mode is highly parallelable mode of operation. Therefore, it is very suitable for hardware implementations on FPGA fabric. Due to the fact that Galois Counter Mode provides both message confidentiality and authenticity, it has been used in this study. A BPI PROM on Xilinx ML 505 board is used as non-volatile memory. Two bitsreams are stored in this BPI PROM. First bitstream is loaded into FPGA each time it is powered up. This bitstream performs authentication and partial reconfiguration processes. Second bitstream contains cipehered partial bitstream. Partial bitstream is ciphered with 128-bit key which is obtained from ring oscillator based physical unclonable function circuit. Partial reconfiguration process is triggered by a push-button on ML505 evaluation platform. When it is pressed, first design which is loaded into FPGA starts to read ciphered partial bitstream from BPI PROM. This ciphered partial bitstream is deciphered with 128-bit key which is produced by ring oscillator based physical unclonable function circuit which is implemented in first bitstream. After decipher process, if deciphered partial bit stream succesfully passes authentication process, partial reconfiguration process takes place. To pass authentication process, both keys that are used to cipher partial bitstream and produced from physical unclonable function circuit have to be exactly same.
Worlwide fraud and counterfeiting activities and the size of their scope is increasing day by day. These activities are encountered in almost all markets especially in automotive, electronics and textile markets. Due to direct effects on intellectual property rights, this situation causes a reduction of market shares of companies which produce new products and invest in R\&D activities. Besides the economic dimension of fraud and counterfeiting activities, these products that are produced with low standards pose health and safety risks. Health and economic losses resulting from these activities can not be underestimated. With the advancement of technology, it has become almost impossible to distinguish counterfeit and fake products from the original products . Manufacturers are trying to protect their products by using authentication technologies . Companies that have products which are not suitable for authentication, apply strict controls on their supply chains and design processes. Counterfeiting and fraud activities are also a threat for the robotics industry. Intensive engineering and design process results in rapid evolution in the robotics industry. Considering the speed and power of robots, the parts that are replaced with a substandard clone can cause serious and dangerous consequences for both human safety and safety of the robot . In the name of improving the safety of the robot, personalizing robots and giving them unclonable identities may prevent such activities and threats. In recent years, physical unclonable functions have been preferred to produce unclonable identities. Physical unclonable functions depend on static environment parameters and the internal structure of the physical systems. Thanks to these features, two different physical functions that are formed according to same structure produce different results. Due to being almost impossible to be cloned practically, the implementation of physical unclonable functions eliminates the storage problem of encryption key in cryptographic systems. Several physical unclonable function circuit types exists in literature. SRAM, butterfly and ring oscillator based physical unclonable functions are well known. Ring oscillator based physical unclonable function is used in this work. Due to its easy implementation on FPGA chip, it has been chosen to be used in this work. Ring oscillator based physical unclonable function circuit has two ring oscillators. One bit output is produced according to the sign of the diffrence of the frequencies of these ring oscillators. Ring oscillator pairs must have mathematically identical path delays so that frequency difference depends on characteristics of FPGA chip. Since physical unclonable functions are produced based on nonlinear characteristics of materials, they are mostly affected by changes in temperature, voltage fluctuations and radiation. Due to this nonlinear characteristic, physical unclonable functions are not deterministic, and it is not possible to produce same outcome for every trial. In order to eliminate this problem error correction codes are being used. Error correction codes gather statistical data about physical unclonable functions, and then produces outcomes according data that they have gathered. In this work an error correction method called labeling has been used. Labeling method gathers statistical data about physical unclonable functions under different conditions, and produces a label for each ring oscillator pair. Outcome of ring oscillator based physical function is calculated by using obtained label and measured difference of frequency. One important feauture of labeling method is that it does not reveal any information about physical unclonable function. Field programmable gate array (FPGA) offers a flexible design environment. FPGAs have the second best performance after ASIC designs, but in recent years performance gap between FPGA and ASIC has been shrinking due to developments in IC technology. In this study, FPGA has been chosen as design environment. Xilinx ML505 evaluation platform has been used. It has Xilinx Virtex-5 XC5VLX50T FPGA chip on it. One of the most important features of FPGA is partial reconfiguration. Partial reconfugiration allows to make changes on a partial area while FPGA still operates. In partial reconfiguration designs, resources are used in a time-multiplexed manner. This time-multiplexed manner reduces power consumption and area usage. In this study, partial reconfiguration is used to load ciphered bitstream from a non-volatile memory into FPGA. Partial reconfiguration has been used to automate authentication process. Each time FPGA is powered up, first design that is loaded into FPGA starts authentication process. During this authentication process, ciphered partial bitsream is deciphered. If deciphered partial bitstream succesfully passes authentication, this deciphered partial bitstream is loaded into pre-defined partially reconfigurable partition. Partial bitstream which is stored in non-volatile memory needs to be ciphered to prevent cloning. In this work, Advanced Encryption Standard which is a specification for the encryption of electronic data is used as crypto algorithm. FPGA configuration process is very sensitive to bit errors in bitstreams, one bit error can cause a faulty reconfiguration, and even further FPGA can be damaged. Therefore, a checksum algorithm which checks correctness of bitstreams has to be used. Considering this problem Advanced Encryption Standard is used with Galois Counter Mode of operation. Galois Counter Mode has authentication feature which also performs the checksum task. Galois Counter Mode is highly parallelable mode of operation. Therefore, it is very suitable for hardware implementations on FPGA fabric. Due to the fact that Galois Counter Mode provides both message confidentiality and authenticity, it has been used in this study. A BPI PROM on Xilinx ML 505 board is used as non-volatile memory. Two bitsreams are stored in this BPI PROM. First bitstream is loaded into FPGA each time it is powered up. This bitstream performs authentication and partial reconfiguration processes. Second bitstream contains cipehered partial bitstream. Partial bitstream is ciphered with 128-bit key which is obtained from ring oscillator based physical unclonable function circuit. Partial reconfiguration process is triggered by a push-button on ML505 evaluation platform. When it is pressed, first design which is loaded into FPGA starts to read ciphered partial bitstream from BPI PROM. This ciphered partial bitstream is deciphered with 128-bit key which is produced by ring oscillator based physical unclonable function circuit which is implemented in first bitstream. After decipher process, if deciphered partial bit stream succesfully passes authentication process, partial reconfiguration process takes place. To pass authentication process, both keys that are used to cipher partial bitstream and produced from physical unclonable function circuit have to be exactly same.
Açıklama
Tez (Yüksek Lisans) -- İstanbul Teknik Üniversitesi, Fen Bilimleri Enstitüsü, 2014
Thesis (M.Sc.) -- İstanbul Technical University, Institute of Science and Technology, 2014
Thesis (M.Sc.) -- İstanbul Technical University, Institute of Science and Technology, 2014
Anahtar kelimeler
Mekatronik,
Klonlama,
Güvenlik,
Mechatronic,
Cloning,
Security