Secure Reconfigurable Computing

Prepared by David W. Jensen, Ph.D.
Rockwell Collins Incorporated, Advanced Technology Center
400 Collins Road N.E., Cedar Rapids, Iowa 52498-3161
Phone: 319-295-9676
Email: dwjensen@collins.rockwell.com

Published June 10, 1999

Abstract

Three technologies must be advanced to enable the migration of reconfigurable computing from research into security- and safety-critical applications: rapid dynamic reconfiguration, multiple user support, and secure application separation. All three are necessary to meet the requirements of future avionics, security, and defense applications. In this paper, we present a reconfigurable computing architecture that is explicitly secure for multiple user environments and supports varying degrees of criticality and privilege.

At the core of our secure reconfigurable architecture is a real-time Multiple Virtual Machine (MVM) model in a direct execution JVM microprocessor [AW97]. Our architecture provides hardware-enforced guarantees of resource separation, and we have extended this separation to cover reconfigurable logic devices. Implementations of our architecture can be verified to be safe and secure [JMR98]. We outline these verification techniques, which are similar to those currently employed in modern safety-critical development environments [DAG98, SPM96], and we detail our approach to using those techniques to formally validate that our architecture enforces separation.

An architecture should be developed with open system standards so that it can exploit future technological advances. For that reason, we employ Java(TM) as a cornerstone of our design. In our vision, the same Java(TM) classfiles can be used on a computer system with or without reconfigurable computing capabilities: we use the Java(TM) software method invocation interface to execute hardware algorithms on the reconfigurable computing elements.

We present these concepts and preliminary results from our system simulations [SAS98].

Abstract Bibliography

[AW97] Alexander Wolfe, "First Java-Specific MPU Rolls," Electronic Engineering Times, p. 1, September 22, 1997.

[DAG98] David A. Greve, "Symbolic Simulation of the JEM1 Microprocessor," Formal Methods in Computer-Aided Design (FMCAD), Springer-Verlag Lecture Notes in Computer Science, 1998.

[JMR98] John M. Rushby, "Partitioning in Avionics Architectures: Requirements, Mechanisms, and Assurance," unpublished draft report, Computer Science Laboratory, SRI International, Menlo Park, CA, October 1998. Available at http://www.csl.sri.com/~rushby/partitioning.html

[SAS98] Scott A. Schoenig and David W. Jensen, "Conversion of Java(TM) Bytecodes to Hardware Schematics," Rockwell Collins white paper, October 30, 1998.

[SPM96] Steven P. Miller, David A. Greve, Matthew M. Wilding, and Mandayam Srivas, "Formal Verification of the AAMP-FV Microcode," NASA technical report, 1996.

David W. Jensen, Ph.D.
Rockwell Collins Avionics & Communications
400 Collins Road NE; Cedar Rapids, IA 52498-3161
Phone: 319-295-9676
Fax: 319-295-2005
dwjensen@collins.rockwell.com