Automatic ILP-based Firewall Insertion for Secure Application-Specific Networks-on-Chip

Hu, Yong; Muller-Gritschneder, Daniel; Sepulveda, Martha Johanna; Gogniat, Guy; Schlichtmann, Ulf

doi:10.1109/ina-ocmc.2015.9

Cited by 22 publications

(10 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Hu et al [95] placed a firewall in an application-specific NoC. Unlike general purpose NoCs, the topology is modified in specific-purpose NoC to yield the best performance results.…”

Section: [93]-mentioning

confidence: 99%

“…Firewall Location Firewall Type Fiorin et al [93] Initiator / Target Static Grammatikatis et al [91] Initiator Static Hu et al [95] Between Routers Static Achballah et al [94] Between Routers Static Kinsy et al [40] Target Static Fiorin et al [92] Initiator / Target Dynamic Cioranesco et al [90] Target Dynamic Fernandes et al [96] Initiator / Target Dynamic of tasks requiring secure communication. SZs are, in fact, network-level facilities to ease intra-group secure communications at the system/application level.…”

Section: Referencementioning

confidence: 99%

See 1 more Smart Citation

A Survey on the Security of Wired, Wireless, and 3D Network-on-Chips

et al. 2021

View full text Add to dashboard Cite

Network-on-Chips (NoCs) have been widely used as a scalable communication solution in the design of multiprocessor system-on-chips (MPSoCs). NoCs manage communications between on-chip Intellectual Property (IP) cores and allow processing cores to achieve higher performance by outsourcing their communication tasks. NoC paradigm is based on the idea of resource sharing where hardware resources, including buffers, communication links, routers, etc., are shared between all IPs of the MPSoC. In fact, the data being routed by each NoC router might not be related to the router's local core. Such a utilization-centric design approach can raise security issues in MPSoCs-based designs, e.g., integrity and confidentiality of the data being routed in an NoC might be compromised by unauthorized accesses/modifications of intermediate routers. Many papers in the literature have discovered and addressed security holes of NoCs, aiming at improving the security of the NoC paradigm. However, to the best of our knowledge, there is no solid survey study on the security vulnerabilities and countermeasures for NoCs. This paper will review security threats and countermeasures proposed so far for wired NoCs, wireless NoCs, and 3D NoCs. The paper aims at giving the readers an insight into the attacks and weaknesses/strengths of countermeasures.

show abstract

“…Hu et al [95] placed a firewall in an application-specific NoC. Unlike general purpose NoCs, the topology is modified in specific-purpose NoC to yield the best performance results.…”

Section: [93]-mentioning

confidence: 99%

Section: Referencementioning

confidence: 99%

A Survey on the Security of Wired, Wireless, and 3D Network-on-Chips

et al. 2021

View full text Add to dashboard Cite

show abstract

“…In order to protect these MP-SoCs enhanced firewall management is required. The work of [24,27] proposed the integration of static and multi-level firewalls. Despite the good results for mixed-critical applications, the dynamic nature of some of these applications is not yet supported.…”

Section: Related Workmentioning

confidence: 99%

Towards memory integrity and authenticity of multi-processors system-on-chip using physical unclonable functions

Sepúlveda

Wilgerodt

Pehl

2019

It - Information Technology

View full text Add to dashboard Cite

A persistent problem for modern Multi-Processors System-on-Chip (MPSoCs) is their vulnerability to code injection attacks. By tampering the memory content, attackers are able to extract secrets from the MPSoC and to modify or deny the MPSoC’s operation. This work proposes SEPUFSoC (Secure PUF-based SoC), a novel flexible, secure, and fast architecture able to be integrated into any MPSoC. SEPUFSoC prevents execution of unauthorized code as well as data manipulation by ensuring memory integrity and authentication. SEPUFSoC achieves: i) efficiency, through the integration of a fast and lightweight hash function for Message Authentication Code (MAC) generation and integrity verification of the memory lines at runtime; and ii) lightweight security, through the use of a Physical Unclonable Function (PUF) to securely generate and store the cryptographic keys that are used for the application authentication. We discuss the security and performance of SEPUFSoC for single core and multi-core systems. Results show that the SEPUFSoC is a secure, fast, and low overhead solution for MPSoCs. We discuss the SEPUFSoC security and cost, which strongly depends on the PUF and hash selection. In the future, new technologies may allow the exploration of different PUFs.

show abstract

“…Grammatikakis et al [27] have proposed a self-contained NoC firewall within the network interface by validating the memory requests against the predefined set of rules. Hu et al [28] have also presented a similar solution by incorporating access rules verification and authentication mechanism for certain regions of the memory units. In our previous work [29], we have presented an identity and address verification-based security module for multi-core systems in order to detect security attacks and stop illegal accesses to the memory.…”

Section: Related Workmentioning

confidence: 99%

“…In contrast, our proposed security solution does not require modifications in the processor or memory architecture, operates independently without any help from software side and bears minimal performance overhead for NoC-based systems [31]. Security mechanisms for NoC-based multi-core systems (such as [22,24,[27][28][29] have only been designed specifically for shared-memory architectures and provide protection to memory units only whereas our proposed solution can be used to isolate any processing block ranging from memory controllers to other I/O peripherals. Similarly, the hardware-based security solutions, as discussed by Yan et al [11], are based on disabling some unreliable processing cores when sensitive applications are running.…”

Section: Related Workmentioning

confidence: 99%

Hardware-Assisted Secure Communication in Embedded and Multi-Core Computing Systems

2018

View full text Add to dashboard Cite

With the sharp rise of functionalities and connectivities in multi-core embedded systems, these systems have become notably vulnerable to security attacks. Conventional software security mechanisms fail to deliver full safety and also affect the system performance significantly. In this paper, a hardware-based security procedure is proposed to handle critical information in real-time through comprehensive separation without needing any help from the software. To evaluate the proposed system, an authentication system based on an image procession solution has been implemented on a reconfigurable device. In addition, the proposed security mechanism is evaluated for the Networks-on-chips, where minimal area, power consumption and performance overheads are achieved.

show abstract

Automatic ILP-based Firewall Insertion for Secure Application-Specific Networks-on-Chip

Cited by 22 publications

References 8 publications

A Survey on the Security of Wired, Wireless, and 3D Network-on-Chips

A Survey on the Security of Wired, Wireless, and 3D Network-on-Chips

Towards memory integrity and authenticity of multi-processors system-on-chip using physical unclonable functions

Hardware-Assisted Secure Communication in Embedded and Multi-Core Computing Systems

Contact Info

Product

Resources

About