Secure and Flexible Trace-Based Debugging of Systems-on-Chip

This work tackles the conflict between enforcing security of a system-on-chip (SoC) and providing observability during trace-based debugging. On one hand, security objectives require that assets remain confidential at different stages of the SoC life cycle. On the other hand, the trace-based debug infrastructure exposes values of internal signals that can leak the assets to untrusted third parties. We propose a secure trace-based debug infrastructure to resolve this conflict. The secure infrastructure tags each asset to identify its owner (to whom it can be exposed during debug) and nonintrusively enforces the confidentiality of the assets during runtime debug. We implement a prototype of the enhanced infrastructure on an FPGA to validate its functional correctness. ASIC estimations show that our approach incurs practical area and power costs.
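The owner-tagging idea in the abstract, as an added illustrative model that is not the paper's own design or RTL: each asset carries the set of owners allowed to see it, derived values inherit the tags of their inputs (an assumed propagation rule in the style of information-flow tracking), and the trace port redacts any value whose tags are not all held by the authenticated debug session, so the design itself keeps running untouched.

```python
from dataclasses import dataclass, field

# Illustrative model only (added here; not from the paper). Owner tags name
# the parties to whom an asset may be exposed during debug; an empty tag set
# means the value is public. Names like "crypto_ip_vendor" are constructed.

@dataclass(frozen=True)
class Tagged:
    value: int
    owners: frozenset = field(default_factory=frozenset)

def combine(a: Tagged, b: Tagged, op) -> Tagged:
    """Assumed propagation rule: a derived value inherits every owner tag of its
    inputs, so a secret mixed into a public value stays confidential."""
    return Tagged(op(a.value, b.value) & 0xFFFFFFFF, a.owners | b.owners)

def trace_filter(packets, session_owners: frozenset):
    """Non-intrusive enforcement: the core is never stalled, only the trace
    output is filtered. A value is emitted only if every owner tag on it is
    held by the authenticated session; otherwise it is replaced by None."""
    out = []
    for name, t in packets:
        visible = t.owners <= session_owners
        out.append((name, t.value if visible else None))
    return out

def demo():
    """Constructed trace: a vendor-owned key, a public counter, and a value
    derived from both. Returns the view seen by the SoC integrator and by
    the IP vendor respectively."""
    key = Tagged(0xDEADBEEF, frozenset({"crypto_ip_vendor"}))
    counter = Tagged(7)                       # public, no owner tag
    mixed = combine(key, counter, lambda x, y: x ^ y)
    packets = [("aes_key", key), ("pkt_ctr", counter), ("round_in", mixed)]
    integrator_view = trace_filter(packets, frozenset({"soc_integrator"}))
    vendor_view = trace_filter(packets, frozenset({"crypto_ip_vendor"}))
    return integrator_view, vendor_view

if __name__ == "__main__":
    for who, view in zip(("integrator", "vendor"), demo()):
        print(who, view)
```

The integrator sees only the public counter; the key and everything derived from it are redacted, while the vendor session sees all three.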
