Zascholkin K. Steganography-oriented models, methods and means for the integrity and authenticity monitoring of the FPGA-based components of computer systems

The dissertation is devoted to the solution of the actual scientific and applied problem, which deals with increasing the reliability of integrity and authenticity monitoring of FPGA-based components of computer systems by developing the models, methods and means founded on steganography-oriented storing, access and processing of monitoring data. In the dissertation, the steganography-oriented models for principal constituents, which provide the integrity and authenticity monitoring for program code of FPGA-based components are proposed, namely: a model of a steganographic medium for extra data bits in the environment of FPGA-based components program code; a model of an embedding path of extra data in the program code space of FPGA LUT-units; a model of a steganographic LUT-container and the one of a steganographic key for stego-container of such type. The mentioned models are characterized by their taking into consideration the following: dual program code representation of elementary FPGA parts; the nature of links between FPGA units, and the restrictions, which are imposed by FPGA structure on the usage of LUT-units as elementary target parts of embedding; FPGA program code structure; the peculiarities of FPGA operation modes. The presence of dual program code representation of elementary FPGA parts has allowed to reveal the functional redundancy of this representation and used it (redundancy) for the hidden extra data embedding into FPGA-based components program code. On the foundation of the mentioned models a steganography-oriented method of the monitoring digital watermark embedding into the space of FPGA-based components program code has been developed. The developed method is characterized by the usage of natural functional redundancy of the FPGA chip program code and allows to hide the presence of monitoring data and the fact of integrity/authenticity monitoring execution in regard to the corresponding FPGA-based components. These features of the method make its results more strong to the traditional stegoanalysis. The steganography-oriented method of FPGA-based components integrity monitoring, which stores the monitoring data by embedding them into the components program code in the form of digital watermark, was developed. This permits increasing the monitoring reliability due to hiding both the monitoring data and the fact of monitoring execution under the conditions of probable attacks on monitoring data. The estimation method of monitoring reliability of information objects integrity of the FPGA program code under the conditions of combined usage of traditional and steganographic approaches to the monitoring data storing, has been developed. The research of this method and estimation of steganographic constituent contribution in providing the monitoring system reliability under the conditions of attacks on the monitoring data have been carried out. A model of FPGA-based components integrity life cycle is proposed. On the basis of this model a method of computational complexity decrease of the stage of FPGA-based components validation before integrity monitoring starting has been developed. The method is founded on the analysis of LUT units activeness at their outputs and address inputs. This permits simplifying the stage of FPGA-based components validation due to the preliminary estimation of the LUT units dynamics activeness at the specific operation modes in the specific scenarios of integrity violation. On the foundation of the obtained theoretical principles a set of software and hardware modules, which in total provide the processes of integrity and authenticity monitoring of the computer system FPGA-based components in accordance with the proposed steganography-oriented approach has been developed. The usage of the developed software and hardware set as well as the proposed models and methods under the conditions of attacks on the monitoring data has allowed to increase the reliability of the mentioned types of monitoring as compared to the one (reliability), which is provided by the well-known means of monitoring. Wherein the developed means permit increasing the monitoring reliability not only due to the introduction of the extra protection stages of monitoring data but also by creating the new qualities which are substantial for the processes of integrity and authenticity monitoring of FPGA program code, namely: hiding the presence of monitoring data and the fact of monitoring procedure execution with respect to the given FPGA-based component; the formation of integrated whole of FPGA program code object and monitoring data; the absence of monitoring data effect on both the operation and characteristics of FPGA-based component and a size of its program code