The incredible growth of FPGA capabilities in recent years and the new included features have made them more and more attractive for numerous embedded systems. There is however an important shortcoming concerning security of data and design. Data security implies the protection of the FPGA application in the sense that the data inside the circuit and the data transferred to/from the peripheral circuits during the communication are protected. This paper suggests a new method to support the security of any FPGA platform using network processor technology. Low cost IP2022 UBICOM network processor was used as a security shield in front of any FPGA device. It was supplied with the necessary security methods such as AES ciphering engine, SHA-1, HMAC and an embedded firewall to provide confidentiality, integrity, authenticity, and packets filtering features.
This paper focuses on designing distributed wireless sensor network gateways armed with Intrusion Detection System (IDS). The main contribution of this work is the attempt to insert IDS functionality into the gateway node (UBICOM IP2022 network processor chip) itself. This was achieved by building a light weight signature based IDS based on the famous open source SNORT IDS. Regarding gateway nodes, as they have limited processing and energy constrains, the addition of further tasks (the IDS program) may affects seriously on its performance, so that, the current design takes these constrains into consideration as a priority and use a special protocol to achieve this goal. In order to optimize the performance of the gateway nodes, some of the preprocessing tasks were offloaded from the gateway nodes to a suggested classification and processing server and a new searching algorithm was suggested. Different measures were taken to validate the design procedure and a detailed simulation model was built to discover the behavior of the system in different environments.