Multilayer Camouflaged Secure Boot for SoCs

Reconfigurable logic enables architectural updates for embedded devices by providing the ability to reprogram partial or entire device. However, this flexibility can be leveraged by the adversary to compromise the device boot process by modifying the bitstream or the boot process with physical or remote access of device placed in a remote field. We propose a novel multilayer secure boot mechanism for SoCs with a two-stage secure boot process. First stage uses device bound unique response as a key to decrypt application logic. The security function is extended at runtime by integrating intermittent architecture and application locking mechanism to reveal correct functionality.