protection primitives and aid design realistic security policy enforcements by implementing multiple ... specific proble
Paper title Implementing Memory Protection Primitives on Reconfigurable Hardware Summary of the paper With increasing use of FPGAs in various domains and with even more increasing concern about security in military-related usage of FPGAs, protection primitives for reconfigurable hardware is taking a priority. The paper tries to evaluate some proposed protection primitives and aid design realistic security policy enforcements by implementing multiple cores on a single FPGA. Strengths of the paper The problem is very well motivated and the paper tries to evaluate a very important and challenging security problem in the reconfigurable hardware domain. The experimental methodology is good and stresses on real implementation. A comprehensive view of the related work helps put things in perspective. Weakness The paper is well written in certain sections, but when it comes to section 3, the flow breaks. While figure 1 and 4 are referenced in the text, I had no text explaining what figure 2 and 3 do. I felt a disconnect inbetween sections 2 and 3. I understand the motivation, I understand the problems that exist in this domain of reconfigurable computing, but the authors haven't made clear in the paper, what part of the problem set are they solving in this paper. However, that said, since I know a little more about this project than is in the paper, I could understand the intention, though I would like to read a little more about the specific problem that is being solved. One thing that I felt is lacking in this paper is a section which justifies the choice for the system architecture and evaluation parameters (performance, latency, power, time, or efficiency of security policy enforcements?). A clear definition of what the paper intends to evaluate is missing. Writing quality I would rate the writing quality of the paper a 3 out of 5. (I would have liked to see it more cohesive, with all figures and approaches explained with may be a paragraph or two more) Some Comments/Questions 1. I do not understand what it means when the authors say in Section 3.1 - "... we have designed software to communicate over TCP with the processor.." - What is the data flow path in this context? 2. In section 3.2 - what is "low latency and overhead"? Do you have any performance numbers? Some benchmark evaluations? May be this is not necessary for this course
project, but I think it would make the reader a little more comfortable if you atleast spoke about the bigger picture. 3. Future work in section 3.3 seemed a little vague to me, "...ensuring that the reference monitor and security policy perform as intended...". It may be better to define what these intensions are. 4. Why is Figure 2 and Figure 3 in the paper? May be your forgot to write about them? 5. This is a minor point - Security policy section-4 may be better understood by writing something about the rules and using a smaller example to illustrate, rather than letting the reader guess what it means from a huge set of rules. 6. Overall, it is a great project, and I think it is just a matter of explaining some key ideas to smoothen the flow of the paper, making the intention of the paper very clear in the beginning and letting the reader know what are the components involved in this project, and specifying a set of evaluation parameters (which may or may not be evaluated in this course project).
