Embedded FPGA: Increasing Security In Next-Gen Networks

Why hardwired physical security is a necessity for devices on the edge.


The pull of data toward real-time applications on the network’s edge makes the outflow of processing from the cloud inevitable. Programmable logic provides the ability to make computing much more data-centric. While traditional processors demand data to be fed to their pipelines through a complex hierarchy of memory caches, programmable logic makes it possible to construct data pipelines. Data can flow seamlessly from node to node with a combination of custom logic circuits and DSP engines manipulating the data elements as they pass through. Each element is processed and then forwarded to the next node. As needs change, the programmable fabric can be rewired with a new configuration, providing better support for data-centric applications.

All great, but standalone FPGAs generally incur a power and performance penalty as data is moved frequently on and off chip to more specialized ASICs. Enter embedded FPGA (eFPGA) technology, providing a way to satisfy the constraints of energy efficiency, performance and size by integrating the programmable fabric inside the ASIC.

With eFPGA technology, hardware acceleration functions can be brought on chip. When implemented in an off-chip, standalone FPGA, these same functions may not meet performance and power requirements. A good example of these functions is the reconfigurable processor arrays for convolution kernels or max-pooling calculations needed for machine-learning applications. By hosting these functions in an embedded programmable fabric inside the ASIC, higher levels of performance can be achieved, all while reducing system cost and power consumption.

Yet another advantage of eFPGA technology for a cloudlet or edge-computing environment ––containers and virtualization provide effective support for secure operation in the core cloud because these systems can take advantage of good physical security. Devices on the edge of the network need greater levels of hardware protection because it is easier for attackers to break into the enclosure and tamper with systems sitting in roadside cabinets or service rooms. As edge-computing systems have less support from administrators, physical security is key.

Integrating security functions into the hardwired logic that surrounds eFPGA cores makes it possible to support encrypted uploads of virtual circuits into the fabric and continually monitor them for potential breaches. Hardwired logic can ensure separation of programmable functions that may be uploaded by different users and prevent them from eavesdropping on each other.

Having both security and programmable logic integrated on-chip makes it difficult if not impossible for an attacker with physical access to the system to eavesdrop on communications. With integrated CPUs, the compute functionality of entire services can be isolated to the eFPGA, limiting the amount of information sent off chip. Communications with other services can be performed using strong encryption facilities baked into the hardwired logic for eFPGAs to support a strong security architecture suitable for the needs of edge computing.

Programmable logic has a 35-year history of enhancing functionality and adding value to electronic systems. In its latest incarnation, eFPGAs offer a mix of hardware flexibility, security and performance for hardwired custom circuits. And these benefits are only the beginning.

Leave a Reply