Introduction

Title: How to quickly deploy a SoC on FPGA to evaluate security solutions for communicating embedded systems.

Abstract: The evaluation of security countermeasures is essential. Experimentation on real use cases and reproducibility are also important. In the field of embedded systems security we often face a technological barrier and we have to master a multitude of software and hardware tools. Moreover, our contributions often target a specific point and therefore we are not necessarily experts of all the components of a system on chip (SoC). The technical task then usually takes a lot of time when creating an experimental test bench. We propose in this practical work to discover some tools allowing to deploy a SoC (with associated software) and to evaluate it on a FPGA board.

Quick start guide

This chapter explains how to launch the virtual environmment. If you want to start to build your environment from scratch you can read the Virtual environment chapter.

Prerequisites

We prepared a virtual environnement for the hands-on session. So if you want to use it in order to not build your environment from scratch you need the following software (Tested on Debian stable but it should work on other OS):

  • Virtualbox

We also provide a Vagrant box so if you want to use our Vagrant box you need:

  • Vagrant

  • Virtualbox

With the Virtualbox VM

Warning

The virtual machine is available online!

Download it (size 2.5 Go) by following this link: https://filesender.renater.fr/?s=download&token=39f9a08f-8fb1-42b6-b349-d4e493a41c36

You can check that the download was ok:

$ sha256sum --check mic-sec-2022-litex.ova.sha256sum

Then you need Virtualbox

$ vboxmanage -v
6.1.32_Debianr149290

To get started, you can start Virtualbox and add the virtual machine.

$ vboxmanage import mic-sec-2022-litex.ova

Then start the virtual machine in Virtualbox. To access the VM you can use the Virtualbox GUI:

  • login: vagrant

  • pwd: vagrant

In the virtual environment if you want to change the key map:

$ sudo loadkeys fr

If you want to access the network you should do in the VBOX GUI for your VM

$ sudo ip link set enp0s3
$ sudo dhclient enp0s3

If you want to access the network from the VM with SSH you have to allows ssh with password first. So in the VBOX GUI edit the sshd_config file and allows the password authentication with PasswordAuthentication yes

$ sudo vim /etc/ssh/sshd_config
$ sudo systemctl restart sshd.service

Finally from your machine try to connect to the VM with SSH:

$ ssh -p 2200 vagrant@localhost

With the Vagrant box

Warning

The Vagrant box will be available online soon!

Download it (size 2.5 Go) by following this link: https://filesender.renater.fr/?s=download&token=39f9a08f-8fb1-42b6-b349-d4e493a41c36

You can check that the download was ok:

$ sha256sum --check mic-sec-2022-litex.ova.sha256sum

Then you need Vagrant

$ vagrant -v
Vagrant 2.2.14
$ vboxmanage -v
6.1.32_Debianr149290

With a terminal move to the directory

$ vagrant init mic-sec-2022 file://path/to/the/file
$ Vagrant up
$ Vagrant ssh

From the repository and Vagrant

Warning

This section is for advanced user! It is not needed for the hands-on session if you already have the Vagrant box file or The Vbox VM file.

Clone the Git repository

$ git clone https://git.renater.fr/anonscm/git/mic-sec-2022/mic-sec-2022.git
$ cd mic-sec-2022
$ git submodule init
$ git submodule update

Launch the Virtual machine

$ cd venv/vagrant-venv
$ vagrant up
$ vagrant ssh

To finalize the installation please look at the Virtual environment chapter.