Hardware Area Research Articles

Scalable Nonlinear Sequence Generation using Composite Mersenne Product Registers

We introduce a novel composition method that combines linear feedback registers into larger nonlinear structures and generalizes earlier methods such as cascade connections. We prove a Chaining Period Theorem which provides the cycle structure of these register constructions. We then use this Chaining Period Theorem and a new construction we call a Product Register (PR) to introduce a flexible and scalable register family with desirable properties, which we term Composite Mersenne Product Registers (CMPRs). We provide an algorithm to estimate the linear complexity of a chosen CMPR and investigate the statistical properties and security of a CMPR-based pseudorandom generator. Finally, we propose a family of CMPR-based stream ciphers and provide comparisons with the TRIVIUM stream cipher in terms of hardware area and security.

Hardware Area Efficient and Real-Time FPGA Implementation of PHMMRGB.

For encryption applications on embedded systems, operating in real-time while using minimal system resources is essential. It is expected that efficient and rapid encryption of high-resolution images is to be accomplished with limited hardware resources. Therefore, to ensure the desired efficiency of encryption of high-resolution images, the system must possess a digital architecture capable of achieving high speeds with minimal hardware resources. This study considered the limitations of a hardware architecture for an image encryption algorithm based on the Profile Hidden Markov Model called PHMMRGB. The proposed architecture is relatively simple in comparison to its alternatives. The hardware architecture, designed with the objective of using minimal resources, has been implemented on an FPGA. Based on the results of the proposed architecture, it is believed that the implementation of the specified method on an FPGA would yield high efficiency. Experiments conducted using large-sized satellite images confirmed this expectation.

Extending Randomness-Free First-Order Masking Schemes and Applications to Masking-Friendly S-boxes

Masking has emerged as a widely adopted countermeasure against side-channel attacks. However, the implementation of masking schemes faces several challenges, including hardware area, latency and the overhead associated with fresh randomness generation. To eliminate the implementation cost caused by fresh randomness, Shahmirzadi et al. introduced a methodology for constructing 2-share first-order masking schemes without randomness at CHES 2021. In this work, we extend Shahmirzadi et al.’s method to find masked implementations for more S-boxes and further reduce the hardware overhead. We propose the concept of a non-linear compression layer, a comprehensive share assignment strategy based on a linear compression layer, and corresponding optimization techniques. Based on these techniques, we construct the first randomness-free first-order masking schemes for the PRINCE S-box and its inverse, reduce the hardware overhead of masking schemes for multiple S-boxes, and design new masking-friendly S-boxes. Particularly for the SKINNY S-box, the reduction is 21% and 15% in area and power consumption, respectively. To validate the security of masked implementations, we not only employ the automated tools SILVER and PROLEAD but also conduct FPGA-based experiments.

Novel Integer Division for Embedded Systems: Generic Algorithm Optimal for Large Divisors

The integer Constant Division (ICD) is the type of integer division in which the divisor is known in advance, enabling pre-computing operations to be included. Therefore, it can be more efficient regarding computing resources and time. However, most ICD techniques are restricted by a few values or narrow boundaries for the divisor. On the other hand, the main approaches of the division algorithms, where the divisor is variable, are digit-by-digit and convergence methods. The first techniques are simple and have less sophisticated conversion logic for the quotient but also have the problem of taking significantly long latency. On the contrary, the convergence techniques rely on multiplication rather than subtraction. They estimate the quotient of division providing the quotient with minimal latency at the expense of precision. This article suggests a precise, generic, and novel integer division algorithm based on sequential recursion with fewer iterations. The suggested methodology relies on extracting the division results for non-powers-of-two divisors from those for the closest power-of-two divisors, which are obtained simply using the right bit shifting. To the authors’ best knowledge of the state-of-the-art, the number of iterations in the recurrent variable division is half the divisor bit size, and the Sweeney, Robertson, and Tocher (SRT) division, which is named after its developers, involves <i>log</i><sub>2</sub>(n) iterations. The suggested algorithm has an [(m/(n-1))-1] number of recursive iterations, where m and n are the number of bits of the dividend and the divisor, respectively. The design is simulated in the Vivado tool for validation and implemented with a Zynq UltraScale FPGA. The technique performance depends on the number of nested divisions and the size of a LUT. The two factors change according to the value of the divisor. Nevertheless, the size of the LUT is proportional to the range and the number of bits of the divisor. Furthermore, the equation that controls the number of nested blocks is illustrated in the manuscript. The proposed technique applies to both constant and variable divisors with a compact hardware area in the case of constant division. The hardware implementation of constant division has unlimited values for dividends and divisors with a compact hardware area in the case of large divisors. However, using the design in the hardware implementation of variable division is up to 64-bit dividend and 12-bit divisor. The result analysis demonstrates that this algorithm is more efficient for constant division for large numbers.

Machine learning algorithm partially reconfigured on FPGA for an image edge detection system

Unmanned aerial vehicles (UAVs) have been widely used in military, medical, wireless communications, aerial surveillance, etc. One key topic involving UAVs is pose estimation in autonomous navigation. A standard procedure for this process is to combine inertial navigation system sensor information with the global navigation satellite system (GNSS) signal. However, some factors can interfere with the GNSS signal, such as ionospheric scintillation, jamming, or spoofing. One alternative method to avoid using the GNSS signal is to apply an image processing approach by matching UAV images with georeferenced images. But a high effort is required for image edge extraction. In this paper, a support vector regression (SVR) model is proposed to reduce this computational load and processing time. The dynamic partial reconfiguration (DPR) of part of the SVR datapath is implemented to accelerate the process, reduce the area, and analyze its granularity by increasing the grain size of the reconfigurable region. Results show that the implementation in hardware is 68 times faster than that in software. This architecture with DPR also facilitates the low power consumption of 4 ​mW, leading to a reduction of 57% than that without DPR. This is also the lowest power consumption in current machine learning hardware implementations. Besides, the circuitry area is 41 times smaller. SVR with Gaussian kernel shows a success rate of 99.18% and minimum square error of 0.0146 for testing with the planning trajectory. This system is useful for adaptive applications where the user/designer can modify/reconfigure the hardware layout during its application, thus contributing to lower power consumption, smaller hardware area, and shorter execution time.

Optimizing FPGA implementation of high-precision chaotic systems for improved performance.

Developing chaotic systems-on-a-chip is gaining much attention due to its great potential in securing communication, encrypting data, generating random numbers, and more. The digital implementation of chaotic systems strives to achieve high performance in terms of time, speed, complexity, and precision. In this paper, the focus is on developing high-speed Field Programmable Gate Array (FPGA) cores for chaotic systems, exemplified by the Lorenz system. The developed cores correspond to numerical integration techniques that can extend to the equations of the sixth order and at high precision. The investigation comprises a thorough analysis and evaluation of the developed cores according to the algorithm complexity and the achieved precision, hardware area, throughput, power consumption, and maximum operational frequency. Validations are done through simulations and careful comparisons with outstanding closely related work from the recent literature. The results affirm the successful creation of highly efficient sixth-order Lorenz discretizations, achieving a high throughput of 3.39 Gbps with a precision of 16 bits. Additionally, an outstanding throughput of 21.17 Gbps was achieved for the first-order implementation coupled with a high precision of 64 bits. These outcomes set our work as a benchmark for high-performance characteristics, surpassing similar investigations reported in the literature.

An efficient versatile video coding motion estimation hardware

Versatile Video Coding (VVC) is the latest video coding standard. It provides higher compression efficiency than the previous video coding standards at the cost of significant increase in computational complexity. Motion estimation (ME) is the most time consuming and memory intensive module in VVC encoder. Therefore, in this paper, we propose an efficient VVC ME hardware. It is the first VVC ME hardware in the literature. It has real time performance with small hardware area. This efficiency is achieved by using a 64 × 64 systolic processing element array to support maximum coding tree unit (CTU) size of 128 × 128 and by using a novel memory-based sum of absolute differences (SAD) adder tree to calculate SADs of 128 × 128 CTUs. The proposed VVC ME hardware reduces memory accesses significantly by using an efficient data reuse method. It can process up to 30 4 K (3840 × 2160) video frames per second.

Human somatosensory systems based on sensor-memory-integrated technology.

As a representative artificial neural network (ANN) for incorporating sensing functions and memory functions into one system to achieve highly miniaturized and highly integrated devices or systems, artificial sensory systems (ASSs) can have a far-reaching influence on precise instrumentation, sensing, and automation engineering. Artificial sensory systems have enjoyed considerable progress in recent years, from low degree integrations to highly advanced sophisticated integrations, from single-modal perceptions to multimode-fused perceptions. However, there are issues around the large hardware area, power consumption, and communication bandwidth needed during the processes where multimodal sensing signals are converted into a digital mode before they can be processed by a digital processor. Therefore, deepening the research into sensory integration is of great importance. In this review, we briefly introduce fundamental knowledge about the memristor mechanism, describe some representative human somatosensory systems, and elucidate the relationship between the properties of memristor devices and the structure. The electronic character of the sensors, future prospects, and key challenges surrounding sensor-memory integrated technologies are also discussed.

Power Efficient Implementation of ECC Using LCSLA Based Dual Field Vedic Multiplier

The Elliptic Curve Cryptographic (ECC) technique is employed for security standards such as Security Key Management (SKM), digital signature, data authentication and so on. The ECC technique is capable of sequential and parallel mode processes through a unified design. It is used for both equally binary fields and prime fields of cryptosystems. The DMM structure has been developed using CSA. This adder requires a greater amount of Full Adder circuits, which occupy more area. To overcome this problem, this paper discusses four different methods, such as DMM-Optimized Carry Look Ahead Adder, DMM-Optimized Carry Bypass Adder, DMM-Look up Table Carry Select Adder, and Dual Field Vedic Multiplier – LCSLA, which is used to increase the performance of the ECC. The parameters like power utilization, time delay information, and hardware area overhead are analyzed and compared with existing methods. Among those four methods, the DVM-LCSLA method gave better results in FPGA and ASIC performances.

Low area and high throughput hardware implementations for the LILLIPUT cipher

SummaryThe widespread use of Internet of Things devices has increased the demand for lower cost and more efficient lightweight ciphers. However, there is a difficult trade‐off between cost and efficiency for lightweight block ciphers. The optimizations of area and throughput are important for some constrained environments. This paper proposes two novel hardware architectures for the LILLIPUT cipher. In the novel low area structure, a new permutation layer is provided for LILLIPUT. The relationship between encryption algorithm and key scheduling algorithm is utilized to achieve optimal sharing among components, which significantly reduces hardware area. The experimental results show that the number of XOR gates and S‐boxes required for low area optimization is reduced by 52 and 8, respectively. The total area is reduced by about 18%. For high throughput structure, this paper provides 2‐round, 5‐round, and 15‐round loop unrolling designs for LILLIPUT to improve throughput. The experimental results show that the throughput of the 5‐round loop unrolling structure reaches a good level, which is relatively the most cost‐effective. In practical application, ciphers can be unrolled implementations according to the needs of devices to improve the execution speed, which can greatly reduce the execution time and complexity of the algorithm.

MAFIA: Protecting the Microarchitecture of Embedded Systems Against Fault Injection Attacks

Fault injection attacks represent an effective threat to embedded systems. Recently, Laurent et al. have reported that fault injection attacks can leverage faults inside the microarchitecture. However, state-of-the-art counter-measures, hardwareonly or with hardware support, do not consider the integrity of microarchitecture control signals that are the target of these faults. We present MAFIA, a microarchitecture protection against fault injection attacks. MAFIA ensures integrity of pipeline control signals through a signature-based mechanism, and ensures fine-grained control-flow integrity with a complete indirect branch support and code authenticity. We analyse the security properties of two different implementations with different security/ overhead trade-offs: one with a CBC-MAC/Prince signature function, and another one with a CRC32. We present our implementation of MAFIA in a RISC-V processor, supported by a dedicated compiler toolchain based on LLVM/Clang. We report a hardware area overhead of 23.8% and 6.5% for the CBC-MAC/Prince and CRC32 respectively. The average code size and execution time overheads are 29.4% and 18.4% respectively for the CRC32 implementation and are 50% and 39% for the CBC-MAC/Prince.

SpikeSim: An End-to-End Compute-in-Memory Hardware Evaluation Tool for Benchmarking Spiking Neural Networks

Spiking Neural Networks (SNNs) are an active research domain towards energy efficient machine intelligence. Compared to conventional artificial neural networks (ANNs), SNNs use temporal spike data and bio-plausible neuronal activation functions such as Leaky-Integrate Fire/Integrate Fire (LIF/IF) for data processing. However, SNNs incur significant dot-product operations causing high memory and computation overhead in standard von-Neumann computing platforms. To this end, In-Memory Computing (IMC) architectures have been proposed to alleviate the “memory-wall bottleneck" prevalent in von-Neumann architectures. Although recent works have proposed IMC-based SNN hardware accelerators, the following key implementation aspects have been overlooked 1) the adverse effects of crossbar non-ideality on SNN performance due to repeated analog dot-product operations over multiple time-steps 2) hardware overheads of essential SNN-specific components such as the LIF/IF and data communication modules. To this end, we propose SpikeSim, a tool that can perform realistic performance, energy, latency and area evaluation of IMC-mapped SNNs. SpikeSim consists of a practical monolithic IMC architecture called SpikeFlow for mapping SNNs. Additionally, the non-ideality computation engine (NICE) and energy-latency-area (ELA) engine performs hardware-realistic evaluation of SpikeFlow-mapped SNNs. Based on 65nm CMOS implementation and experiments on CIFAR10, CIFAR100 and TinyImagenet datasets, we find that the LIF/IF neuronal module has significant area contribution (>11% of the total hardware area). To this end, we propose SNN topological modifications that leads to 1.24× and 10× reduction in the neuronal module’s area and the overall energy-delay-product value, respectively. Furthermore, in this work, we perform a holistic comparison between IMC implemented ANN and SNNs and conclude that lower number of time-steps are the key to achieve higher throughput and energy-efficiency for SNNs compared to 4-bit ANNs. The code repository for the SpikeSim tool is available at https://github.com/Intelligent-Computing-Lab-Yale/Quanitzation-aware-SNN-training-and-hardware-evaluation-for-IMC-Architectures

Experimental EMFI detection on a RISC-V core using the Trace Verifier solution

Physical attacks are powerful threats that can cause changes in the execution behavior of a program. Control-Flow Integrity (CFI) is used to check the program’s flow execution, ensuring that it remains unaltered by these attacks. The RISC-V Trace Encoder (TE) provides valuable information about the user program’s execution path, and is used as part of a CFI solution. An enhanced version of the TE specifications permits detecting intricate fault models such as the corruption of any discontinuity instruction, using an additional Trace Verifier (TV) hardware module. In this paper, we present a buffer overflow software attack simulation and experimental ElectroMagnetic Fault Injection (EMFI) attacks conducted on an Field Programmable Gate Array (FPGA) board that implements a RISC-V core linked to the enhanced TE and TV modules. Unlike existing CFI solutions, our proposed approach does not require modifications to the RISC-V compiler, user application code or the RISC-V core. The average overhead of our solution in terms of hardware area, memory and power consumption are equal to 13.6%, 3.5% and 9% respectively.

FPGA Implementation of a Novel Multifunction Modulo (2n ± 1) Multiplier Using Radix-4 Booth Encoding Scheme

The residue number system is widely used in applications such as communication systems, cryptography, digital filters, digital signal processors, fault-tolerant detection, and so on. This paper proposes a multifunction modulo (2n ± 1) multiplier based on the radix-4 Booth encoding scheme that can operate both modulo (2n − 1) and modulo (2n + 1) multipliers using the same hardware structure with only one control signal. A novel modulo (2n ± 1) multiplier based on radix-4 Booth encoding is proposed that can achieve superior performance, with low power, fast operation, high area efficiency, and low area-delay product (ADP) and power-delay product (PDP) compared with similar modified Booth-encoding methods. In addition, by integrating the separate modulo functions of the modulo (2n − 1) multiplier and modulo (2n + 1) multiplier into a single multifunction modulo (2n ± 1) multiplier, the proposed method can save up to 52.59% (n = 16) of hardware area, up to 5.45% (n = 32) of delay time, up to 49.05% (n = 16) of dynamic power, up to 50.92% (n = 32) of ADP, and up to 50.02% (n = 32) of PDP compared with the original separate circuits merged together. Furthermore, the operation ranges of the multiplicand and multiplier of the proposed modulo (2n + 1) multiplier and modulo (2n − 1) multiplier are {0, 2n + 1} and {0, 2n}, respectively, which are wider than for other reported hardware structures. The hardware area, power consumption, and delay time are simulated and verified using Verilog HDL and Xilinx FPGA (Field Programmable Gate Array) Vivado tools. The Xilinx Artix-7 XC7A35T-CSG324-1 FPGA chipset is adopted in the proposed work.

Research and Hardware Implementation of a Reduced-Latency Quadruple-Precision Floating-Point Arctangent Algorithm

In the field of digital signal processing, such as in navigation and radar, a significant number of high-precision arctangent function calculations are required. Lookup tables, polynomial approximation, and single/double-precision floating-point Coordinate Rotation Digital Computer (CORDIC) algorithms are insufficient to meet the demands of practical applications, where both high precision and low latency are essential. In this paper, based on the concept of trading area for speed, a four-step parallel branch iteration CORDIC algorithm is proposed. Using this improved algorithm, a 128-bit quad-precision floating-point arctangent function is designed, and the hardware circuit implementation of the arctangent algorithm is realized. The results demonstrate that the improved algorithm can achieve 128-bit floating-point arctangent calculations in just 32 cycles, with a maximum error not exceeding 2×10−34 rad. It possesses exceptionally high computational accuracy and efficiency. Furthermore, the hardware area of the arithmetic unit is approximately 0.6317 mm2, and the power consumption is about 40.6483 mW under the TSMC 65 nm process at a working frequency of 500 MHz. This design can be well suited for dedicated CORDIC processor chip applications. The research presented in this paper holds significant value for high-precision and rapid arctangent function calculations in radar, navigation, meteorology, and other fields.

Toward Software-like Debugging for FPGAs via Checkpointing and Transaction-based Co-Simulation

Checkpoint-based debugging flows have recently been developed that allow the user to move the design state back and forth between an FPGA and a simulator. They provide a softwarelike debugging experience by combining the speed of hardware execution and the full visibility of simulation. However, they assume the entire system state can be moved to a simulator, limiting them to self-contained systems. In this article, we present StateLink, a transaction-based co-simulation framework that allows part of the system (the task) to run in a simulator and still interact with other system components that reside in hardware. StateLink allows tasks to remain connected to and active in the overall hardware system after their state is moved to a simulator. This extends the functionality of checkpoint-based debugging frameworks to designs with external I/Os and significantly speeds up the simulation of tasks that are part of a large system. StateLink typically adds no timing overhead and a modest hardware area overhead. The total area overhead of using the proposed flow on a Memcached system is only 13%. This flow allows the user to benefit from both the hardware speedup of ∼1M× and the StateLink speedup of up to 44× versus full system simulation.

Accelerating Image Processing Using Reduced Precision Calculation Convolution Engines

In this paper a method of accelerating image processing using convolution engines with reduced precision calculation is presented. The convolution engines are designed to be used with the Pulpissimo platform with RISC-V System-on-Chip. The aim is to move the calculation to the edge. The proposed linear convolution engines operate on 8-bit data set and the logarithmic convolution engine operates on 4-bit reduced precision data. The data reduction is done by using a logarithmic number space. Diminishing the size of the data to be processed reduces the amount of required memory, requirement for memory bandwidth, required computation, and required hardware area while simultaneously increasing the performance. This performance could benefit modern AI and image processing applications, especially in mobile and other battery-operated devices. The results show that the computation in the linear convolution engine is 91 times faster and computation in the logarithmic convolution engine is 122 times faster than in the RISC-V core with plain RISC-V instructions.

Area–Time Efficient Implementation of NIST Lightweight Hash Functions Targeting IoT Applications

To mitigate cybersecurity breaches, secure communication is crucial for the Internet of Things (IoT) environment. Data integrity is one of the most significant characteristics of security, which can be achieved by employing cryptographic hash functions. In view of the demand from IoT applications, the National Institute of Standards and Technology (NIST) initiated a standardization process for lightweight hash functions. This work presents field-programmable gate array (FPGA) implementations and carefully worked out optimizations of four Round-3 finalists in the NIST standardization process. A novel compact PHOTON-Beetle implementation is proposed wherein the underlying matrix multiplication is executed in serialized fashion to achieve a small hardware footprint. Sparkle implementations are carried out by implementing the ARX-box in serialized, parallelized, and hybrid approaches. For Ascon and Xoodyak, the proposed implementations compute certain permutation rounds in one clock cycle in order to explore the trade-off between computation time and hardware area. As a result, this work achieves the smallest hardware footprint for PHOTON-Beetle consuming an area 3.4× smaller than state-of-the-art implementations. Ascon and Xoodyak are implemented in a flexible manner that achieves throughput-to-area (TP/A) ratios 1.8× and 3.9× higher, respectively, compared to implementations found in the literature. In addition, we propose the first FPGA implementations for the Sparkle hash function. These efficient implementations provide guidelines for choosing a suitable architecture for applications in demand that can be employed in the IoT environment to achieve data integrity for various applications.

Scalable and Conflict-Free NTT Hardware Accelerator Design: Methodology, Proof, and Implementation

Number Theoretic Transform (NTT) is useful for the acceleration of polynomial multiplication, which is the main performance bottleneck in the next-generation cryptographic schemes. Different NTT based cryptographic algorithms have different security settings. The diverse application scenarios introduce different cost-performance trade-offs and hardware constraints. Motivated by the emerging demand for more versatile NTT hardware accelerators, we propose a new design methodology that can generate area-efficient and high-performance NTT accelerators for any length and modulus of NTT polynomials and single processing element (PE) or PE array with a varying number of layers. The proposed NTT accelerator architecture pivots on a conflict-free memory access pattern for adaptation to different combinations of security and PE array configuration parameters. The proposed memory access pattern is formally proved to be conflict-free for any parametric configurations. The criterion for read-after-write conflict without pipeline stall is also established. Our proposed design methodology can produce NTT accelerators with single PE or multi-layer PE array for different polynomial size and modulus, with hardware area and computational efficiency comparable to accelerators customized for a fixed set of parameters. Our proposed methodology produces parameterized accelerator with higher scalability than the existing parameterized accelerator design. On average, the accelerators generated by our proposed method are 71.4% more area-time efficient. Up to 30.7% area-time reduction over the most area-time efficient state-of-the-art scalable NTT accelerator can be achieved for the same security parameters.

A Gray-Encoded Ring Oscillator for Efficient Frequency-to-Digital Conversion in VCO-Based ADCs

The most common implementation of a VCO-based ADC consists of a ring oscillator connected to a thermometer-encoded frequency-to-digital converter. The area of the frequency-to-digital converter depends linearly on the ring oscillator number of taps. In this brief, we show a new frequency-to-digital converter which directly provides a Gray-encoded binary output from the ring oscillator signals. This implementation reduces the digital hardware area in a logarithmic factor keeping the same metastability robustness than the thermometric frequency-to-digital converter. Direct binary coding may simplify data compression and transfer in area-constrained multi-channel instrumentation systems such as neural probes. We show the basic system level structure along with a practical example with circuit simulations in 0.13 <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">$\mu {\mathrm{ m}}$ </tex-math></inline-formula> CMOS technology.