This paper describes the role of security policies for FPGAs. The FPGA development specifics and a short overview of threats against systems security are presented. We propose a security policy consisting of three parts, first: addressing the general security demands, second: the communication between FPGA and the peripheral devices, and third: the behaviour inside the FPGA. The different methods to enforce the security policy manually or automatically are discussed with a focus on dynamic policy enforcement at compile- and runtime. Finally we propose an architecture for policy enforcement in FPGAs.
展开▼