bedded systems, it is imperative to consider their security. While much of the research in this field is oriented toward the protection of the intellectual property contained in the FPGA’s configuration, the protection of the design’s integrity from malicious attack against the con-figuration is critical to the operation of the system. Methods for attacking the configuration are semi-invasive attacks, such as fault injection, and data tampering of incoming partial bitstreams. This thesis introduces methods for securing the integrity of an FPGA’s configuration. The design and implementation is discussed for a system that consists of three parts. The first subsystem monitors the running configuration. The second subsystem authenticates partial bistreams that may be used for repairing the configuration from malicious alterations during run-time. The third subsystem indicates if the system itself succumbs to a malicious attack. The system is implemented on-chip, allowing the FPGA to effectively secure itself from attack. Acknowledgements The work presented in this thesis would not have been possible if it were not for the help, sup-

Contents lists available at ScienceDirect