Results 1 -
8 of
8
Dynamic NoC-Based architecture for MPSoC security implementation
- In Proc. 24th symposium on integrated circuits and systems. SBCCI
, 2011
"... MPSoCs have been proposed as a promising architecture choice to overcome the challenging embedded electronics requirements, characterized by tights development times and fast evolution of applications. The MPSoC flexibility, also represents a system vulnerability. As security requirements vary drama ..."
Abstract
-
Cited by 1 (1 self)
- Add to MetaCart
(Show Context)
MPSoCs have been proposed as a promising architecture choice to overcome the challenging embedded electronics requirements, characterized by tights development times and fast evolution of applications. The MPSoC flexibility, also represents a system vulnerability. As security requirements vary dramatically for different applications, the challenge is to provide MPSoC security that allows a trustworthy system that meets all the security requirements of such applications. NoC has become an attractive alternative to support the MPSoC communication requirements. Our work proposes the implementation of dynamic security architecture to overcome present MPSoC vulnerabilities. We integrate agile and dynamic security firewalls into the NoC in order to detect attacks based on different security rules. We evaluate the effectiveness of our approach over several MPSoCs scenarios and estimate their impact on the overall performance. We show that our architecture can perform a fast detection of a wide range of attacks and a fast configuration of the different security policies for several MPSoC applications.
DOI: 10.1109/FPL.2012.6339233 LIGHTWEIGHT RECONFIGURATION SECURITY SERVICES FOR AXI-BASED MPSOCS
, 2012
"... Nowadays, security is a key constraint in MPSoC development as many critical and secret information can be stored and manipulated within these systems. Addressing the protection issue in an efficient way is challenging as information can leak from many points. However one strategic component of a bu ..."
Abstract
- Add to MetaCart
(Show Context)
Nowadays, security is a key constraint in MPSoC development as many critical and secret information can be stored and manipulated within these systems. Addressing the protection issue in an efficient way is challenging as information can leak from many points. However one strategic component of a bus-based MPSoC is the communication architecture as all information that an attacker could try to extract or modify would be visible on the bus. Thus monitoring and controlling communications allows an efficient protection of the whole system. Attacks can be detected and discarded before system corruption. In this work, we propose a lightweight solution to dynamically update hardware firewall enhancements which secure data exchanges in a busbased MPSoC. It provides a standalone security solution for AXI-based embedded systems where no user intervention is required for security mechanisms update. An FPGA implementation demonstrates an area overhead of around 11 % for the adaptive version of the hardware firewall compared to the static one. 1.
unknown title
, 2012
"... boot-to-runtime protection flow for an embedded Linux-based system ..."
(Show Context)
Security enhancements for FPGA-based MPSoCs:
"... Abstract—Nowadays, embedded systems become more and more complex: the hardware/software codesign approach is a method to create such systems in a single chip which can be based on reconfigurable technologies such as FPGAs (Field-Programmable Gate Arrays). In such systems, data exchanges are a key po ..."
Abstract
- Add to MetaCart
(Show Context)
Abstract—Nowadays, embedded systems become more and more complex: the hardware/software codesign approach is a method to create such systems in a single chip which can be based on reconfigurable technologies such as FPGAs (Field-Programmable Gate Arrays). In such systems, data exchanges are a key point as they convey critical and confi-dential information and data are transmitted between several hardware modules and software layers. In case of an FPGA development life cycle, OS (Operating System) / data updates as runtime communications can be done through an insecure link: attackers can use this medium to make the system misbehave (malicious injection) or retrieve bitstream-related information (eavesdropping). Recent works propose solutions to securely boot a bitstream and the associated OS while runtime transactions are not protected. This work proposes a full boot-to-runtime protection flow of an embedded Linux kernel during boot and confidential-ity/integrity protection of the external memory containing the kernel and the main application code/data. This work shows that such a solution with hardware components induces an area occupancy of 10 % of a xc6vlx240t Virtex-6 FPGA while having an improved throughput for Linux booting and low-latency security for runtime protection. I.
LIGHTWEIGHT RECONFIGURATION SECURITY SERVICES FOR AXI-BASED MPSOCS
"... Nowadays, security is a key constraint in MPSoC develop-ment as many critical and secret information can be stored and manipulated within these systems. Addressing the pro-tection issue in an efficient way is challenging as information can leak from many points. However one strategic compo-nent of a ..."
Abstract
- Add to MetaCart
(Show Context)
Nowadays, security is a key constraint in MPSoC develop-ment as many critical and secret information can be stored and manipulated within these systems. Addressing the pro-tection issue in an efficient way is challenging as information can leak from many points. However one strategic compo-nent of a bus-based MPSoC is the communication architec-ture as all information that an attacker could try to extract or modify would be visible on the bus. Thus monitoring and controlling communications allows an efficient protec-tion of the whole system. Attacks can be detected and dis-carded before system corruption. In this work, we propose a lightweight solution to dynamically update hardware fire-wall enhancements which secure data exchanges in a bus-based MPSoC. It provides a standalone security solution for AXI-based embedded systems where no user intervention is required for security mechanisms update. An FPGA imple-mentation demonstrates an area overhead of around 11 % for the adaptive version of the hardware firewall compared to the static one. 1.
Hierarchical NoC-based security for MP-SoC dynamic protection
"... Abstract — MPSoCs are able to support multiple applications on the same chip. This flexibility offered by the MPSoC also represents a vulnerability, turning the MPSoC security specially challenging. The goal of the designers is to provide MPSoC protection that meets the performance and security requ ..."
Abstract
- Add to MetaCart
(Show Context)
Abstract — MPSoCs are able to support multiple applications on the same chip. This flexibility offered by the MPSoC also represents a vulnerability, turning the MPSoC security specially challenging. The goal of the designers is to provide MPSoC protection that meets the performance and security requirements of all the applications. The Network-on-chip (NoC) interconnection structure can be used to efficiently overcome the present MPSoC vulnerabilities. In this paper, we present the implementation of a hierarchical security NoC-based architecture to detect and prevent a wide range of MPSoC attacks. We integrate agile and dynamic security firewalls into the NoC in order to detect attacks based on different security rules. It uses the QoSS (Quality of Security Service) concept. It takes into account the tradeoff between security and performance. We evaluate the effectiveness of our approach over several MPSoCs attack scenarios and estimate their impact on the overall performance. We show that our architecture can perform a fast detection of a wide range of attacks and a fast configuration of the different security policies for several MPSoC applications. Keywords-security; network-on-chip; Multi-Processor SoC; QoSS (Quality-of-Security-Service)
978-1-4799-1132-5/13/$31.00 ©2013 IEEE Security-Enhanced 3D Communication Structure for Dynamic 3D-MPSoCs Protection
"... (3D-MPSoCs) hold promises to allow the development of compact and efficient devices. By means of such technology, multiple applications are supported on the same chip, which can be mapped dynamically during the execution time. This flexibility offered by the 3D technology, also represents vulnerabil ..."
Abstract
- Add to MetaCart
(Show Context)
(3D-MPSoCs) hold promises to allow the development of compact and efficient devices. By means of such technology, multiple applications are supported on the same chip, which can be mapped dynamically during the execution time. This flexibility offered by the 3D technology, also represents vulnerability, turning the 3D-MPSoC security into a challenging task. 3D communication structures (3D-HoCs), which combine buses and network-on-chip can be used to efficiently overcome the present 3D-MPSoC vulnerabilities. 3D-HoCs can be used to implement different security services, monitor the data exchange and isolate dangerous IPs. In this paper, we implement Quality of Security Service (QoSS) in 3D-HoC to efficiently detect and prevent attacks by means of agile and dynamic security firewalls. Such a method takes advantage of the 3D-HoC wide system visibility and critical role in enabling system operation. We evaluate the effectiveness of our approach over several 3D-MPSoCs attack scenarios and estimate their impact on the overall performance. Results show that our architecture can perform a fast detection of a wide range of attacks and a fast configuration of the different security policies. Keywords—3D-MPSoC, Network-on-chip, bus; quality-of-service; security; performance. I.
Research Article QoSS Hierarchical NoC-Based Architecture for MPSoC Dynamic Protection
"... License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. As electronic systems are pervading our lives, MPSoC (multiprocessor system-on-chip) security is becoming an important requirement. MPSoCs are able to support multiple ..."
Abstract
- Add to MetaCart
(Show Context)
License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. As electronic systems are pervading our lives, MPSoC (multiprocessor system-on-chip) security is becoming an important requirement. MPSoCs are able to support multiple applications on the same chip. The challenge is to provide MPSoC security that makes possible a trustworthy system that meets the performance and security requirements of all the applications. The network-on-chip (NoC) can be used to efficiently incorporate security. Our work proposes the implementation of QoSS (quality of security service) to overcome present MPSoC vulnerabilities. QoSS is a novel concept for data protection that introduces security as a dimension of QoS. QoSS takes advantage of the NoC wide system visibility and critical role in enabling system operation, exploiting the NoC components to detect and prevent a wide range of attacks. In this paper, we present the implementation of a layered dynamic security NoC architecture that integrates agile and dynamic security firewalls in order to detect attacks based on different security rules. We evaluate the effectiveness of our approach over several MPSoCs scenarios and estimate their impact on the overall performance. We show that our architecture can perform a fast detection of a wide range of attacks and a fast configuration of different security policies for several MPSoC applications. 1.
