Abstract:
The operation of programmable computer systems is determined by
their program code. The possibility of malicious changes to program code poses a potential security risk. Therefore, monitoring the program code integrity is
one of the main components of security for programmable systems. This paper
is devoted to program code integrity monitoring of computer systems built on
FPGA chips. Integrity monitoring methods are considered in which
monitoring data are embedded into the program code in the form of a digital
watermark. Such a digital watermark does not affect the operation of the FPGA
and does not change the characteristics of the system. The advantages of this
approach are that the presence of monitoring data in the program
code and the fact that integrity monitoring is performed are hidden from an outside
observer. The paper notes the problem of needing to recover the initial state of
the program code when performing integrity monitoring. To perform this procedure, the digital watermark must contain the data necessary for recovery. The
effective volume of a digital watermark depends on the size and structure of the
FPGA program code, as well as on the limitations defined by the watermark
embedding key (stego key). Most of this volume is occupied by the data needed to recover the initial state. Under these conditions, the effective volume of the digital watermark is often insufficient for storing monitoring data.
The paper proposes a solution to this problem based on a new approach to the
formation of a stego key for embedding a digital watermark in the FPGA program
code. An experimental assessment of the approach proposed in the paper is performed. The advantages of the proposed approach are shown in comparison with the
existing methods of embedding the digital watermark in the FPGA program code.