Shielding Heterogeneous MPSoCs From Untrustworthy 3PIPs Through Security-Driven Task Scheduling

Multiprocessor system-on-chip (MPSoC) platforms face some of the most demanding security concerns, as they process, store, and communicate sensitive information using third-party intellectual property (3PIP) cores. The complexity of MPSoCs makes them expensive and time-consuming to fully analyze and test during the design stage. This has given rise to the trend of outsourcing the design and fabrication of 3PIP components, which may not be trustworthy. To protect MPSoCs against malicious modifications, we impose a set of security-driven diversity constraints on the task scheduling step of the MPSoC design process, enabling the system to detect the presence of malicious modifications or to mute their effects during application execution. We pose security-constrained MPSoC task scheduling as a multidimensional optimization problem and propose a set of heuristics to ensure that the introduced security constraints can be fulfilled with minimum impact on the other design goals, such as performance and hardware. Experimental results show that, without any extra cores, the security constraints can be fulfilled within four vendors and 81% overhead in schedule length.
