Architectural Support for Containment-based Security

Zhang, Hansen; Ghosh, Subhradip; Fix, Jordan; Apostolakis, Sotiris; Beard, Stephen R.; Nagendra, Nayana Prasad; Oh, Taewook; August, David I.

doi:10.1145/3297858.3304020

Cited by 7 publications

(6 citation statements)

References 98 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The implementation of memristor devices remains under research and development, considering various materials and arrangements like titanium dioxide [111], spintronics [112], or carbon nanotubes [113], with most approaches remaining compatible with CMOS fabrication. Memristive systems in the broader sense, like resistive random-access memories (ReRAMs) or even phase-change memories (PCMs), 3 are progressing towards commercial application [118,119]. Aside from memory, memristors are also interesting for in-memory computing, neuromorphic computing, and reconfigurable logic [115,120,121].…”

Section: Memristorsmentioning

confidence: 99%

“…Within the realm of cybersecurity in general, hardware security in particular is concerned about achieving security and trust directly within the underlying electronics. Therefore, hardware security seeks to build up, e.g., so-called root of trust (RoT) schemes for isolation and attestation of computation [2][3][4], or other hardware primitives and protection schemes.…”

Section: Introductionmentioning

confidence: 99%

“…Such "breadand-butter" attacks are conducted mainly at the software level. Cryptography represents the most commonly applied protection scheme, while many hardware security features have been proposed and implemented as well, e.g., RoT architectures [2][3][4] or hardware crypto modules [6] and true random number generators (TRNGs) to support the latter. However, if not designed and implemented carefully, such security features become prone to hardware-centric attacks, e.g., see [7][8][9][10][11]; such attacks are discussed below.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Hardware Security For and Beyond CMOS Technology

Knechtel¹

2020

Proceedings of the 2020 International Symposium on Physical Design

View full text Add to dashboard Cite

As with most aspects of electronic systems and integrated circuits, hardware security has traditionally evolved around the dominant CMOS technology. However, with the rise of various emerging technologies, whose main purpose is to overcome the fundamental limitations for scaling and power consumption of CMOS technology, unique opportunities arise also to advance the notion of hardware security. In this paper, I first provide an overview on hardware security in general. Next, I review selected emerging technologies, namely (i) spintronics, (ii) memristors, (iii) carbon nanotubes and related transistors, (iv) nanowires and related transistors, and (v) 3D and 2.5D integration. I then discuss their application to advance hardware security and also outline related challenges. CCS CONCEPTS• Security and privacy → Security in hardware; • Hardware → Emerging technologies.

show abstract

Section: Memristorsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Hardware Security For and Beyond CMOS Technology

Knechtel¹

2020

Proceedings of the 2020 International Symposium on Physical Design

View full text Add to dashboard Cite

show abstract

“…Even the safe enclaves offered by TEE frameworks can be vulnerable to sidechannel leaks such as due to speculative execution [32]. Measures to ensure fault resiliency is another important aspect in this context: e.g., DIVA [33], Sentry [34].…”

Section: Core Micro-architectural Securitymentioning

confidence: 99%

“…While Keystone strives to be less dependent on hardware modifications (improving from Sanctum), approaches like TIMBER-V use tagged memory ideas to implement flexible isolation and involve significant hardware changes 4 . Different in approach and scope from the above containment strategies, TrustGuard [34] presents a hardware based containment strategy to 'quarantine' any faulty or malicious behavior of untrusted components using a gatekeeping hardware module they call a 'Sentry'. Also receiving attention, and something with a significant impact on the threat surface of a system, are CPU micro-architectural countermeasures: e.g., InvisiSpec [58] (making speculation associated leakage unobservable), [32] (securing enclaves executing on a speculative CPU, same as the one used in Section 5.4).…”

Section: Related Workmentioning

confidence: 99%

Towards Designing a Secure RISC-V System-on-Chip: ITUS

et al. 2020

View full text Add to dashboard Cite

A rising tide of exploits, in the recent years, following a steady discovery of the many vulnerabilities pervasive in modern computing systems has led to a growing number of studies in designing systems-on-chip (SoCs) with security as a first-class consideration. Following the momentum behind RISC-V based systems in the public domain, much of this effort targets RISC-V based SoCs; most ideas, however, are independent of this choice. In this manuscript we present a consolidation of our early efforts along these lines in designing a secure SoC around RISC-V, named ITUS. In particular, we discuss a set of primitive building blocks of a secure SoC and present some of the implemented security subsystems using these building blocks-such as secure boot, memory protection, PUF-based key management, a countermeasure methodology for RISC-V micro-architectural side-channel leakage, and an integration of the open keystone-enclaves for TEE. The current ITUS SoC prototype, integrating the discussed security subsystems, was built on top of the lowRISC project, however, these are portable to any other SoCThe authors acknowledge the support from the Singapore National Research Foundation ("SOCure" grant NRF2018NCR-NCR002-0001 -www.green-ic.org/socure) and BICSAF grant.

show abstract