| 引用本文: |
-
曹飞,李清宝,陈志锋,宋站威,姚伟平,焦卫华.FPGA安全威胁与对策研究综述[J].信息安全学报,已采用 [点击复制]
- caofei,liqingbao,chenzhifeng,songzhanwei,yaoweiping,jiaoweihua.A Survey of FPGA Security Threats and Countermeasure[J].Journal of Cyber Security,Accept [点击复制]
|
|
| 摘要: |
| 现场可编程逻辑门阵列(Field Programmable Gate Array, FPGA)是一类支持动态编程与重构的集成电路,凭借灵活性与高性能优势,在人工智能、工业控制、卫星通信等关键领域系统平台大量部署。然而,FPGA 的广泛应用也使其硬件安全问题日益凸显,已成为学术界与工业界的核心关注方向,其安全隐患不仅威胁个人隐私与数据安全,更对国家经济命脉、关键基础设施乃至国防安全构成严峻挑战。本文围绕 FPGA 安全问题展开系统性综述,首先梳理 FPGA 的核心组成与工作机理,为后续分析漏洞成因与脆弱性根源奠定基础;随后从器件与设计两个核心层面提出了FPGA 安全威胁模型。鉴于器件层面的安全威胁与专用集成电路(Application Specific Integrated Circuit ,ASIC)存在共性,且相关研究已较为成熟,本文重点聚焦设计层面的安全风险,按FPGA“设计—供应—应用—终止”全生命周期阶段,深入剖析硬件木马植入、比特流逆向分析、侧信道攻击、运行时恶意重构等典型攻击技术的原理与危害。在防御对策方面,本文从供应链安全与设计保护、比特流安全防护、访问控制与监测、物理安全防护四个维度,总结当前主流防护技术,并分析各技术的适用场景与局限性;最后,结合FPGA设计安全的防护体系构建、异构集成安全协同等前沿挑战,展望 FPGA 安全领域的未来研究方向与发展趋势。 |
| 关键词: 现场可编程逻辑门阵列 集成电路安全 硬件木马 比特流逆向 安全防护 |
| DOI: |
| 投稿时间:2025-12-16修订日期:2026-04-28 |
| 基金项目:国家重点研发计划(No. 2021YFB3101800) |
|
| A Survey of FPGA Security Threats and Countermeasure |
|
caofei1, liqingbao1, chenzhifeng1, songzhanwei2, yaoweiping1, jiaoweihua1
|
| (1.Information Engineering University;2.Institute of Information Engineering, Chinese Academy of Sciences) |
| Abstract: |
| Field-Programmable Gate Arrays (FPGAs) are a class of integrated circuits that support dynamic programming and recon-figuration. Owing to their flexibility and high performance, FPGAs have been extensively deployed in system platforms across critical domains such as artificial intelligence, industrial control and satellite communications. However, their wide-spread adoption has brought hardware security issues to the forefront, making them a central concern in both academia and industry. These security risks not only threaten individual privacy and data security but also pose serious challenges to national economic stability, critical infrastructure, and even defense security. This paper provides a systematic survey of FPGA security issues. It begins by outlining the core components and operational principles of FPGAs, establishing a foundation for analyzing the root causes of vulnerabilities. Subsequently, security threat models are proposed from two key perspectives: the device level and the design level. Given that device-level security threats share similarities with those of Application-Specific Integrated Circuits (ASICs) and have been relatively well-studied, this survey focuses primarily on design-level risks. Following the full lifecycle stages of "design – supply – application – decommissioning," the paper thoroughly examines typical attack techniques—including hardware Trojan implantation, bitstream reverse engineering, side-channel attacks, and runtime malicious reconfiguration—analyzing their principles and impacts. On the defense front, the study summarizes current mainstream protection technologies from four dimensions: supply chain security and design protection, bitstream security, access control and monitoring, and physical security, while also discussing their applicable scenarios and limitations. Finally, considering emerging challenges such as secure collaboration in heterogeneous integration and Security Protection System for FPGA Design, the paper outlines future research directions and development trends in the field of FPGA security. |
| Key words: Field-Programmable Gate Arrays integrated circuit security hardware Trojan bitstream reverse engineering security protection |
