1 ECE 545 Digital System Design with VHDL Fall 2017 Kris Gaj Office hours: Thursday, 3:15-4:15 PM, Tuesday, 6:00-7:00 PM, and by appointment Research and teaching interests: • reconfigurable computing • hardware/software codesign • computer arithmetic • cryptography Contact: The Engineering Building, room 3225 [email protected]Course Web Page Google “Kris Gaj” ® ECE 545 Digital System Design with VHDL ECE 545 Part of: MS in Electrical Engineering MS in Computer Engineering Digital Systems Design Digital Signal Processing Fundamental course for the specialization areas: Elective Elective course in the remaining specialization areas One of five core courses (must be passed with B or better) ECE 545 Part of: PhD in Electrical and Computer Engineering Knowledge tested at the Technical Qualifying Exam (TQE) Topic 2: Digital Design and Computer Organization I am interested in… I want to specialize primarily in… VLSI Digital Systems Design ASICs & FPGAs VHDL/Verilog CAD Tools Reconfigurable Computing Microelectronics VLSI Fabrication Nanoelectronics CAD tools & Design Automation Hardware Description Languages FPGAs & Reconfigurable computing Computer Arithmetic Front-end ASIC Design (algorithmic downto gate level) Back-end ASIC Design (circuit and mask layout levels) Analog & Digital Circuit Design VLSI Fabrication Microelectronics Nanoelectronics Semiconductor Devices MS CpE Digital Systems Design MS EE Microelectronics/ Nanoelectronics Recommended program & specialization
22
Embed
Digital System Design with VHDL - George Mason Universityece.gmu.edu/coursewebpages/ECE/ECE545/F17/viewgraphs/ECE545_lecture_0... · Analog & Digital Circuit Design VLSI Fabrication
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
1
ECE 545
Digital System Design with VHDL
Fall 2017
Kris Gaj
Office hours: Thursday, 3:15-4:15 PM,Tuesday, 6:00-7:00 PM,and by appointment
Research and teaching interests:• reconfigurable computing• hardware/software codesign• computer arithmetic• cryptography
• All homework assignments should be done individually
• Using any code not developed by a given student, or using any external help needs to be acknowledged
• Students are encouraged to help and support each other in all problems related to the- installation & operation of the CAD tools- understanding of homework tasks
4
Midterm exam 1ü 2 hours 40 minutes
ü in class
ü design-oriented
ü open-books, cheat sheet
ü practice exams available on the web
Last week of October
Tentative date:
Final examü 2 hours 45 minutes
ü in class
ü design-oriented
ü open-books, cheat sheet
ü practice exams available on the web
Thursday, December 14, 4:30-7:15pm
Date:
21
Textbooks
Required TextbookPong P. Chu, RTL Hardware Design Using VHDL,Wiley-Interscience, 2006.
Supplementary Textbook – Basics Refresher
Stephen Brown and Zvonko Vranesic,Fundamentals of Digital Logic with VHDL Design, McGraw-Hill, 3rd Edition, 2008.
Supplementary Textbook – AdvancedRicardo Jasinski, Effective Coding with VHDL: Principles and Best Practice, The MIT Press; 1st Edition, 2016.
5
Supplementary Textbook – AdvancedHubert Kaeslin, Digital Integrated Circuit Design: From VLSI Architectures to CMOS Fabrication, Cambridge University Press; 1st Edition, 2008.
• designs must be sentfor expensive and timeconsuming fabricationin semiconductor foundry
• bought off the shelfand reconfigured bydesigners themselves
Two competing implementation approaches
ASICApplication Specific
Integrated Circuit
FPGAField Programmable
Gate Array
• designed all the wayfrom behavioral descriptionto physical layout
• no physical layout design;design ends witha bitstream usedto configure a device
FPGAs vs. ASICs
ASICs FPGAs
High performanceOff-the-shelf
Short time to the market
Low development costs
Reconfigurability
Low power
Low cost (but only in high volumes)
36ECE 448 – FPGA and ASIC Design with VHDL
Major FPGA VendorsSRAM-based FPGAs• Xilinx, Inc.• Altera Corp.
(subsidiary of Intel since 2015)• Lattice Semiconductor• Atmel• Achronix• Tabula (went out of business in 2015)Flash & antifuse FPGAs• Microsemi SoC Products Group (formerly Actel Corp.)• Quick Logic Corp.
FPGA Design process (1)Design and implement a simple unit permitting to speed up encryption with RC5-similar cipher with fixed key set on 8031 microcontroller. Unlike in the experiment 5, this time your unit has to be able to perform an encryption algorithm by itself, executing 32 rounds…..
clock, reset, encr_decr: in std_logic;data_input: in std_logic_vector(31 downto 0);data_output: out std_logic_vector(31 downto 0);out_full: in std_logic;key_input: in std_logic_vector(31 downto 0);key_read: out std_logic;
randomly where the tool should place logic cells• Does adequate job for FPGAs below 1 million GEs
Vivado:• Modern multidimensional analytic placement algorithm• Deterministically finds a solution that primarily minimizes:
timing, congestion, and wire length• Better results, fewer iterations• Efficient up to 100 million GEs
Vivado’s Multidimensional Optimization
Source: Xcell, no. 79, 2012
Hierachical Chip Planning& Advantages of Standards
• ability to partition the design for processing by synthesis, implementation and verification
• divide-and-conquer team approach to big projects• design preservation feature enabling repeatable timing results• access to state of the art third-party EDA tools for tasks such as
• capable of analyzing design logic and removing unnecessary switching activity
• advanced clock gating techniques• up to 30% reduction in dynamic power• power estimates at every stage of the design flow
12
Flow Automation, Not Flow Dictation
• GUI-based push-button flow• GUI-based step-by-step analysis at each design stage• Command line• Batch
High-Level Synthesis
• extensive evaluation of commercial tools forElectronic System Level (ESL) design (including study by research firm BDTI)
• 2010 acquisition of AutoESL Design Technologies, Inc. (25 employees) with flagship product AutoPilot
• Autopilot further developed and fully incorporated into Vivado Design Suite as Vivado HLS
• Design and verification orders of magnitude faster than at the RTL level
• Results dependent on the application domain
High Level LanguageC, C++, System C
Hardware Description LanguageVHDL or Verilog
VivadoHLS
Vivado HLS
High-Level Synthesis
HDLCode
Physical ImplementationFPGATools
Netlist
PostPlace&Route
Results
Functional Verification
Timing Verification
ReferenceImplementationinC
TestVectors
Manual Modifications(pragmas, tweaks)
HLS-readyCcode
HLS-Based Development and Benchmarking Flow
Vivado HLS Additional Simulation Tool
ModelSim-Intel FPGA Starter Edition
ModelSim:• Industry standard for simulation• Significantly faster than Vivado Simulator• Windows, Linux OS• Mixed-language support: VHDL, Verilog, System Verilog• Recommended for advanced users and more complex designs• To be used primarily as a standalone tool for functional simulation
(configuration for the timing simulation more time-consuming)
Features of the Starter Edition:• Free, no license required• 10,000 executable line limit
13
Lab Access Rules and Behavior Code
Please refer to
ECE Labs website
and in particular to
Access rules & behavior code
74
Project
Project
üCryptography Projects - proposed by the Instructor
ü Projects in your domain of expertise, e.g.,DSP, Applied and Engineering Physics, Remote Sensing & Image Processing, Big Data, Bioengineering, etc.
üyou will be responsible for defining and specifying a topic & scope of these projects by yourselves
ü an additional advisor, such as your MS/PhD Thesis advisoror manager at work highly recommended
Cryptography Project
ürelated to the research project conducted byCryptographic Engineering Research Group (CERG)at GMU
ü supporting NIST (National Institute of Standardsand Technology) in the evaluation of candidatesfor new cryptographic standards
• Avoid back-door theories• Speed-up the acceptance of the standard• Stimulate non-classified research on methods of
designing a specific cryptographic transformation• Focus the effort of a relatively small cryptographic
community
80
Features Required from Today’s Ciphers
FUNCTIONALITY• easy key distribution• digital signatures
STRENGTHPERFORMANCE• software• hardware
81
Secret-key (Symmetric) Ciphers
key of Alice and Bob - KAB key of Alice and Bob - KAB
Alice Bob
Network
Encryption Decryption
Most Popular Standards: AES, Triple DES82
Features of Secret-Key Ciphers
FUNCTIONALITY• easy key distribution• digital signatures
STRENGTHPERFORMANCE• software• hardware
Best attack:Exhaustive-key search2k trials for a k-bit key
Primary Application: Bulk data encryption
83
Public-key (Asymmetric) CiphersPublic key of Bob - KB Private key of Bob - kB
Alice Bob
Network
Encryption Decryption
Most Popular Standards: RSA, Elliptic Curve Cryptography (ECC)84
Digital Signature Schemes
Message
Hash function
Public keycipher
Alice Signature
Alice’s private key
Bob
Hash function
Alice’s public key
Hash value 1
Hash value 2
Hash value
Public key cipher
yes no
Message Signature
15
85
Features of Public-Key Ciphers
FUNCTIONALITY• easy key distribution• digital signatures
STRENGTHPERFORMANCE• software• hardware
Best attack:Solving the underlying math problem, such asfactoring of largeintegers:Given N=P�Q,find P and Q.
Primary Applications: Exchange of keys for secret-key ciphersDigital signatures
Five security levels & corresponding key sizes allowed by American government
NIST SP 800-56
RSA ECCSymmetricciphersLevel
IIIIIIIVV
80
112
128
192
256
160
224
256
384
512
1024
2048
3072
8192
15360
87
Evaluation Criteria in Cryptographic Contests
Security
Software Efficiency Hardware Efficiency
Simplicity
FPGAs ASICs
Flexibility Licensing
µProcessors µControllers
88
• Focus on ranking, rather than absolute values• Only relatively large differences (>20-30%) matter• Winner in use for the next 20-30 years, implemented using
technologies not in existence today• Very wide range of possible applications, and as a result
performance and cost targets• Large number of candidates• Limited time for evaluation• Results are final
Hardware Benchmarking in Cryptographic Contests
89
AES Contest 1997-2000Final Round
Hardware results matter!
Speed in FPGAs Votes at the AES 3 conference
90
NIST SHA-3 Contest - Timeline
51candidates
Round 114 5 1
Round 3
July 2009 Dec. 2010 Oct. 2012Oct. 2008
Round 2 Round 3
16
91
Throughput vs. Area Normalized to Results for SHA-256 and Averaged over 11 FPGA Families – 256-bit variants
Early Leader
Overall Normalized Area
Overall Normalized Throughput
92
SHA-3 finalists in high-performance FPGA families
2.830.79 4.002.001.411.000.500.350.25
• standard-cell CMOS 65nm UMC ASIC process
• 256-bit variants of algorithms
• Taped-out in Oct. 2011,successfully testedin Feb. 2012
GMU/ETH Zurich ASIC
94
Correlation Between ASIC Results and FPGA Results
ASIC Stratix III FPGA
95
Correlation Between ASIC Results and FPGA Results
ASIC Stratix III FPGA
96
Goal: Portfolio of new-generation authenticated ciphers
First-round submissions: March 15, 2014
Announcement of final portfolio: 2018
Organizer: An informal committee of leading cryptographic experts
Number of candidate families:
Round 1: 57 Round 2: 29 Round 3: 15
CAESAR Competition
17
97
Message
Bob
Tag
Alice
Authenticated Ciphers
KAB KABAuthenticatedCipher
IV
CiphertextIV
TagCiphertextIV
AuthenticatedCipher
valid
KAB - Secret key of Alice and BobIV – Initialization Vector, AD – Associated Data
E – Throughput/Area for EncryptionD – Throughput/Area for DecryptionA – Throughput/Area for Authentication OnlyDefault: Throughput/Area the same for all 3 operations
101
Relative Throughput in Virtex 6Ratio of a given Cipher Throughput/Throughput of AES-GCM
Throughput of AES-GCM = 3239 Mbit/s
E – Throughput for EncryptionD – Throughput for DecryptionA – Throughput for Authentication OnlyDefault: Throughput the same for all 3 operations
ATHENa Database of Results
18
103
• Available athttp://cryptography.gmu.edu/athena
• Developed by John Pham, a Master’s-level student of Jens-Peter Kaps as a part of the SHA-3 Hardware Benchmarking project, 2010-2012,(sponsored by NIST)
• In June 2015 extended to support Authenticated Ciphers
• In July 2017 extended to support the CAESAR Use Casesand ranking of candidate variants
• More comprehensive• Allows close investigation of all designs &
comparative analysis• Geared toward more advanced users• On-line help
105
• Fall 2009: SHA-3 Contest, Round 2• Fall 2010: SHA-3 Contest, Round 2• Fall 2011: SHA-3 Contest, Round 3• Fall 2012: Pilot study on Authenticated Ciphers• Fall 2013: Pilot studies on Authenticated Ciphers, Block
Ciphers, and Stream Ciphers• Fall 2014: CAESAR Contest, Round 1• Fall 2015: CAESAR Contest, Round 2• Fall 2016: CAESAR Contest, Round 3• Fall 2017: Post-Quantum Cryptography Pilot Study
Participation of the ECE 545 students
106
Threat of Quantum Computers
• First perceived by physicists (R. Feynman,D. Deutsch) in 1980s
• First significant quantum algorithms(capable of running on quantum computers only) developed in 1990s
• First practical realization in 1998(2 qubits)
• Significant technological breakthroughsduring the last 20 years
• Quantum Artificial Intelligence lab started by Google in 2013
• IBM quantum processor (16-17 qubits)in 2017Photo: Vandersypen, PQCrypto 2017
107Source: Vandersypen, PQCrypto 2017
Major advances during the last 20 years
Timeline of Quantum Computing: https://en.wikipedia.org/wiki/Timeline_of_quantum_computing
108
Effect on Secret-Key Algorithms
1996: Grover’s Algorithm, reduces the time of the exhaustive-key searchfor secret key ciphers
from 2k to 2k/2 operations, for a k-bit key, e.g., from 2128 to 264 operations, for a 128-bit key or
from 2256 to 2128 operations, for a 256-bit key
assuming a sufficiently powerful and reliable quantum computer available
Easy Countermeasure: Double the size of a key
19
109
Effect on Public-Key Algorithms
1994: Shor’s Algorithm, breaks major public key cryptosystems based on
a sufficiently powerful and reliable quantum computer available
No known countermeasuresNew algorithms and standards required
110
Remaining Challenges in Quantum Computing
1. High sensitivity to manufacturing variationsSolution: Best industry cleanrooms, e.g., QuTech-Intel collaborationtoward quantum-dot arrays made @ Intel 300mm wafers
2. Scalable control circuits (currently bulky & expensive)Solution: Tailored cryo-CMOS digital control
3. Multitude of interconnects and external pinsSolution: Multiplexing electronics co-integrated with qubits
4. Non-standard architecture & limited programmabilitySolution: System layer approach
Likely to be overcome in the next 10-15 yearsSource: Vandersypen, PQCrypto 2017
111
System Layer Approach
Source: Vandersypen, PQCrypto 2017 112
Projected Progress
Source: Vandersypen, PQCrypto 2017
113
Can we accelerate building quantum computers?
Source: Vandersypen, PQCrypto 2017 114
Can we accelerate software development?
Source: Vandersypen, PQCrypto 2017
20
115
Public-key cryptographic algorithms for which there are no known attacks using quantum computers
Capable of • being implemented using any traditional methods,
including software and hardware• running efficiently on any modern computing platforms:
PCs, tablets, smartphones, servers with FPGA accelerators, etc.
Post-Quantum Cryptography
116
• New public-key cryptographic families: mid-1990s-present• D.J. Bernstein introduces the term post-quantum cryptography: 2003• Series of PQCrypto Conferences: 2006-present• NIST Workshop on Cybersecurity in a Post-Quantum World 2015• NIST announcement of standardization plans at PQCrypto 2016,
Fukuoka, Japan, Feb. 2016• NIST Call for Proposals and Request for Nominations for Public-Key
Post-Quantum Cryptographic Algorithms: Dec. 2016Deadline for submitting candidates: November 30, 2017
Post-Quantum Cryptography Efforts
117
• NIST Call for Proposals and Request for Nominations for Public-Key Post-Quantum Cryptographic Algorithms: Dec. 2016
Deadline for submitting candidates: November 30, 2017
Post-Quantum Cryptography NIST Project
Source: Moody, NIST 2017 118
Promising PQC Families
Family Encryption Signature Key Agreement
Hash-based XX
Code-based XX X
Lattice-based XX X
Multivariate X XX
Supersingular Elliptic CurveIsogeny
XX
XX – high-confidence candidates, X – medium-confidence candidates