Lightweight reconfiguration security services for AXI-based MPSoCs

Nowadays, security is a key constraint in MPSoC development as many critical and secret information can be stored and manipulated within these systems. Addressing the protection issue in an efficient way is challenging as information can leak from many points. However one strategic component of a bus-based MPSoC is the communication architecture as all information that an attacker could try to extract or modify would be visible on the bus. Thus monitoring and controlling communications allows an efficient protection of the whole system. Attacks can be detected and discarded before system corruption. In this work, we propose a lightweight solution to dynamically update hardware firewall enhancements which secure data exchanges in a bus-based MPSoC. It provides a standalone security solution for AXI-based embedded systems where no user intervention is required for security mechanisms update. An FPGA implementation demonstrates an area overhead of around 11% for the adaptive version of the hardware firewall compared to the static one.

[1]  Rajeev Barua,et al.  Proceedings of the 2010 international conference on Compilers, architectures and synthesis for embedded systems , 2010 .

[2]  Gianluca Palermo,et al.  A data protection unit for NoC-based architectures , 2007, 2007 5th IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS).

[3]  Jérémie Crenne,et al.  Bus-based MPSoC Security through Communication Protection: A Latency-efficient Alternative , 2012, 2012 IEEE 20th International Symposium on Field-Programmable Custom Computing Machines.

[4]  Srivaths Ravi,et al.  SECA: security-enhanced communication architecture , 2005, CASES '05.

[5]  Gianluca Palermo,et al.  Implementation of a reconfigurable data protection module for NoC-based MPSoCs , 2008, 2008 IEEE International Symposium on Parallel and Distributed Processing.

[6]  Srivaths Ravi,et al.  Security in embedded systems: Design challenges , 2004, TECS.

[7]  Guy Gogniat,et al.  NOC-centric Security of Reconfigurable SoC , 2007, First International Symposium on Networks-on-Chip (NOCS'07).

[8]  Gianluca Palermo,et al.  A monitoring system for NoCs , 2010, NoCArc '10.

[9]  Jérémie Crenne,et al.  Distributed Security for Communications and Memories in a Multiprocessor Architecture , 2011, 2011 IEEE International Symposium on Parallel and Distributed Processing Workshops and Phd Forum.