Side-channel protected MPSoC through secure real-time networks-on-chip

Abstract The integration of Multi-Processors System-on-Chip (MPSoCs) into the Internet-of-Things (IoT) context brings new opportunities, but also represent risks. Tight real-time constraints and security requirements should be considered simultaneously when designing MPSoCs. Network-on-Chip (NoCs) are specially critical when meeting these two conflicting characteristics. For instance the NoC design has a huge influence in the security of the system. A vital threat to system security are so-called side-channel attacks based on the NoC communication observations. To this end, we propose a NoC security mechanism suitable for hard real-time systems, in which schedulability is a vital design requirement. We present three contributions. First, we show the impact of the NoC routing in the security of the system. Second, we propose a packet route randomisation mechanism to increase NoC resilience against side-channel attacks. Third, using an evolutionary optimisation approach, we effectively apply route randomisation while controlling its impact on hard real-time performance guarantees. Extensive experimental evidence based on analytical and simulation models supports our findings.

[1]  Cezar Reinbrecht,et al.  Earthquake — A NoC-based optimized differential cache-collision attack for MPSoCs , 2018, 2018 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[2]  Gianluca Palermo,et al.  Secure Memory Accesses on Networks-on-Chip , 2008, IEEE Transactions on Computers.

[3]  Ying Gao,et al.  Networks on Chip with Provable Security Properties , 2014, IEEE Micro.

[4]  Axel Jantsch,et al.  Mathematical formalisms for performance evaluation of networks-on-chip , 2013, CSUR.

[5]  Leandro Soares Indrusiak,et al.  Real-time low-power task mapping in Networks-on-Chip , 2013, 2013 IEEE Computer Society Annual Symposium on VLSI (ISVLSI).

[6]  Kees G. W. Goossens,et al.  Cost-performance trade-offs in networks on chip: a simulation-based approach , 2004, Proceedings Design, Automation and Test in Europe Conference and Exhibition.

[7]  Gianluca Palermo,et al.  Low Power Networks-on-Chip , 2010 .

[8]  Martha Johanna Sepúlveda,et al.  QoSS Hierarchical NoC-Based Architecture for MPSoC Dynamic Protection , 2012, Int. J. Reconfigurable Comput..

[9]  Leandro Soares Indrusiak,et al.  End-to-end schedulability tests for multiprocessor embedded systems based on networks-on-chip with priority-preemptive arbitration , 2014, J. Syst. Archit..

[10]  Levente Buttyán,et al.  Embedded systems security: Threats, vulnerabilities, and attack taxonomy , 2015, 2015 13th Annual Conference on Privacy, Security and Trust (PST).

[11]  Lionel M. Ni,et al.  The turn model for adaptive routing , 1992, ISCA '92.

[12]  Stefan M. Petters,et al.  Are virtual channels the bottleneck of priority-aware wormhole-switched NoC-based many-cores? , 2013, RTNS '13.

[13]  Martha Johanna Sepúlveda,et al.  NoC-Based Protection for SoC Time-Driven Attacks , 2015, IEEE Embedded Systems Letters.

[14]  Martha Johanna Sepúlveda,et al.  Reconfigurable security architecture for disrupted protection zones in NoC-based MPSoCs , 2015, 2015 10th International Symposium on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC).

[15]  Maciej Nikodem,et al.  Temperature-based covert channel in FPGA systems , 2011, 6th International Workshop on Reconfigurable Communication-Centric Systems-on-Chip (ReCoSoC).

[16]  Lui Sha,et al.  TaskShuffler: A Schedule Randomization Protocol for Obfuscation against Timing Inference Attacks in Real-Time Systems , 2016, 2016 IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS).

[17]  Stefan M. Petters,et al.  NoC contention analysis using a branch-and-prune algorithm , 2014, ACM Trans. Embed. Comput. Syst..

[18]  Martha Johanna Sepúlveda,et al.  Elastic security zones for NoC-based 3D-MPSoCs , 2014, 2014 21st IEEE International Conference on Electronics, Circuits and Systems (ICECS).

[19]  Antonio Lima,et al.  Towards Safe and Secure Autonomous and Cooperative Vehicle Ecosystems , 2016, CPS-SPC '16.

[20]  G. Edward Suh,et al.  Efficient Timing Channel Protection for On-Chip Networks , 2012, 2012 IEEE/ACM Sixth International Symposium on Networks-on-Chip.

[21]  Junghee Lee,et al.  PhaseNoC: Versatile Network Traffic Isolation Through TDM-Scheduled Virtual Channels , 2016, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[22]  Nikil Dutt,et al.  On-Chip Communication Architectures: System on Chip Interconnect , 2008 .

[23]  Zheng Shi,et al.  Real-Time Communication Analysis for On-Chip Networks with Wormhole Switching , 2008 .

[24]  Leandro Soares Indrusiak,et al.  Fast Simulation of Networks-on-Chip with Priority-Preemptive Arbitration , 2015, ACM Trans. Design Autom. Electr. Syst..

[25]  Sanghamitra Roy,et al.  Fort-NoCs: Mitigating the threat of a compromised NoC , 2014, 2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC).

[26]  Fernando Gehm Moraes,et al.  HERMES: an infrastructure for low area overhead packet-switching networks on chip , 2004, Integr..

[27]  Leandro Soares Indrusiak,et al.  Comparative performance evaluation of latency and link dynamic power consumption modelling algorithms in wormhole switching networks on chip , 2016, J. Syst. Archit..

[28]  Z. Navabi,et al.  Evaluation of pseudo adaptive XY routing using an object oriented model for NOC , 2005, 2005 International Conference on Microelectronics.

[29]  Slobodan Lukovic,et al.  Enhancing network-on-chip components to support security of processing elements , 2010, WESS '10.

[30]  Leandro Soares Indrusiak,et al.  Side-channel attack resilience through route randomisation in secure real-time Networks-on-Chip , 2016, 2017 12th International Symposium on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC).

[31]  Mathias Soeken,et al.  Dynamic NoC buffer allocation for MPSoC timing side channel attack protection , 2016, 2016 IEEE 7th Latin American Symposium on Circuits & Systems (LASCAS).

[32]  Guy Gogniat,et al.  NOC-centric Security of Reconfigurable SoC , 2007, First International Symposium on Networks-on-Chip (NOCS'07).

[33]  Martha Johanna Sepúlveda,et al.  Exploiting Bus Communication to Improve Cache Attacks on Systems-on-Chips , 2017, 2017 IEEE Computer Society Annual Symposium on VLSI (ISVLSI).

[34]  Cezar Reinbrecht,et al.  Gossip NoC -- Avoiding Timing Side-Channel Attacks through Traffic Management , 2016, 2016 IEEE Computer Society Annual Symposium on VLSI (ISVLSI).

[35]  Martin Schoeberl,et al.  A Time-Triggered Network-on-Chip , 2007, 2007 International Conference on Field Programmable Logic and Applications.

[36]  Martha Johanna Sepúlveda,et al.  Protection of heterogeneous architectures on FPGAs: An approach based on hardware firewalls , 2016, Microprocess. Microsystems.

[37]  Axel Jantsch,et al.  Methods for fault tolerance in networks-on-chip , 2013, CSUR.

[38]  Alan Burns,et al.  Schedulability Analysis for Real Time On-Chip Communication with Wormhole Switching , 2010, Int. J. Embed. Real Time Commun. Syst..