A Formal Model for the Automatic Configuration of Access Protection Units in MPSoC-Based Embedded Systems

Abstract: Heterogeneous system-on-chip platforms with multiple processing cores are becoming increasingly common in safetyand security-critical embedded systems. To facilitate a logical isolation of physically connected on-chip components, internal communication links of such platforms are often equipped with dedicated access protection units. When performed manually, however, the configuration of these units can be both time-consuming and error-prone. To resolve this issue, we present a formal model and a corresponding… Show more

“…The design methodology presented in [7], which forms the foundation of this work, is based on a model that captures the relevant aspects of a system under consideration in a formal manner. We refer to it as the original model and will give a short description of its structure in this section.…”

“…The original design methodology from [7] is based on the idea that features receive inputs from other features and deliver outputs that are in turn consumed by other features from the model instance. It does not allow designers to distinguish individual inputs and outputs of a specific feature.…”

“…A design methodology that is able to facilitate such an approach was presented in [7]. It is targeted at networks of MPSoCs in which communication links-primarily the on-chip interconnects-are equipped with hardware entities to enforce a certain access policy during runtime.…”

“…We propose a design methodology that is based on the concept of multilevel security and integrate it into the design methodology from [7] in such a way that an explicit list of accepted information flows does no longer need to be provided as an input. Instead, the list is implicitly derived from security level annotations applied to certain design entities.…”

“…This work is organized as follows: Section II gives an overview of the proposed concept, while Section III summarizes the original design methodology from [7]. We present a suitable model extension in Section IV, describe its implementation and validation in Section V, and close this paper with a discussion of related work in Section VI.…”

Employing the Concept of Multilevel Security to Generate Access Protection Configurations for Automotive On-Board Networks

“…The design methodology presented in [7], which forms the foundation of this work, is based on a model that captures the relevant aspects of a system under consideration in a formal manner. We refer to it as the original model and will give a short description of its structure in this section.…”

“…The original design methodology from [7] is based on the idea that features receive inputs from other features and deliver outputs that are in turn consumed by other features from the model instance. It does not allow designers to distinguish individual inputs and outputs of a specific feature.…”

“…A design methodology that is able to facilitate such an approach was presented in [7]. It is targeted at networks of MPSoCs in which communication links-primarily the on-chip interconnects-are equipped with hardware entities to enforce a certain access policy during runtime.…”

“…We propose a design methodology that is based on the concept of multilevel security and integrate it into the design methodology from [7] in such a way that an explicit list of accepted information flows does no longer need to be provided as an input. Instead, the list is implicitly derived from security level annotations applied to certain design entities.…”

“…This work is organized as follows: Section II gives an overview of the proposed concept, while Section III summarizes the original design methodology from [7]. We present a suitable model extension in Section IV, describe its implementation and validation in Section V, and close this paper with a discussion of related work in Section VI.…”

Employing the Concept of Multilevel Security to Generate Access Protection Configurations for Automotive On-Board Networks

Classification and Mapping of Model Elements for Designing Runtime Reconfigurable Systems

Mitigating Masking in Automotive Communication Systems: Modeling and Hardware Generation