Towards resilient multicore architectures for real-time controls

The DOD community is interested in multicore system-on-a-chip architectures to host Multi-Level Secure (MLS) command and control systems. These systems must be secure and resilient, not unlike hardened real-time control systems used in critical infrastructures. In this paper we discuss how Smart Grid features will fundamentally change our power grid and communication infrastructures, and suggest that resilient multicore systems-on-a-chip may offer a solution to the increased complexity of our critical infrastructure control systems, if those architectures can be suitably hardened. We showcase two vulnerabilities in the Cell Broadband Engine and show how those vulnerabilities can be mitigated using changes to the Linux kernel. Similar problems can been found in the Intel Nehalem architecture and the Freescale P4080 architecture. We conclude that multicore architectures are only suitable for MLS and resilient real-time controls if, and only if, designers pay close attention to mitigating the inherent firmware and software vulnerabilities.

[1]  Nadine Hanebutte,et al.  The MILS Architecture for a Secure Global Information Grid , 2005 .

[2]  Matthew Scarpino,et al.  Programming the Cell Processor: For Games, Graphics, and Computation , 2008 .

[3]  P. J. Byers Definition of requirements for a safety critical communications system , 1992, ICSE 1992.

[4]  Jim Alves-Foss,et al.  The MILS architecture for high-assurance embedded systems , 2006, Int. J. Embed. Syst..

[5]  Chen Tianzhou,et al.  Design and Analyze the Communication in the Multi-Core Soc Driven by Petri Net , 2007, Third International Conference on Autonomic and Autonomous Systems (ICAS'07).

[6]  Dong Seong Kim,et al.  Resilience in computer systems and networks , 2009, 2009 IEEE/ACM International Conference on Computer-Aided Design - Digest of Technical Papers.

[7]  David Elliott Bell Concerning 'modeling' of computer security , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.