Distributed Security for Communications and Memories in a Multiprocessor Architecture

Cotret, Pascal; Crenne, Jérémie; Gogniat, Guy; Diguet, Jean-Philippe; Gaspar, Lubos; Duc, Guillaume

doi:10.1109/ipdps.2011.158

Cited by 9 publications

(13 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Other works provide solutions for the protection of embedded systems: Huffmire et al [7] introduce the approach of physi-cal isolation using moats and drawbridges; ARM proposes a commercial architecture name Trustzone [8] which is based on a normal/secure separation using a secure kernel and an access driver. This work is an in-depth description and implementation study of the solution introduced in [2]. It takes advantages of both NoC/bus-based approaches by proposing hardware security enhancements distributed on each IP with low-latency control features.…”

Section: Related Workmentioning

confidence: 99%

“…8, 16 and 32 bits) and cryptographic information (confidentiality/authentication modes, encryption key and MAC). Threat model defined in [2] is covered using these parameters. Timestamp tags are used to monitor the access time to the external memory (to detect replay attacks).…”

Section: B Security Policiesmentioning

confidence: 99%

“…Reconfigurable technologies such as FPGAs can be a good candidate to build such systems as they embed processors, memories and application-specific IPs in a single chip with moderate development costs [1]. A way to reduce the performance impact of security mechanisms is to consider hardware solutions and to develop a distributed protection [2]. One strategic point is the on-chip communication architecture as all data is exposed to its structure.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Bus-based MPSoC Security through Communication Protection: A Latency-efficient Alternative

Cotret

Crenne

Gogniat

et al. 2012

2012 IEEE 20th International Symposium on Field-Programmable Custom Computing Machines

Self Cite

View full text Add to dashboard Cite

Abstract-Security in MPSoC is gaining an increasing attention since several years. Digital convergence is one of the numerous reasons explaining such a focus on embedded systems as much sensitive and secret data are now stored, manipulated and exchanged in these systems. Most solutions are currently built at the software level; we believe hardware enhancements also play a major role in system protection. One strategic point is the communication layer as all data goes through it. Monitoring and controlling communications enable to fend off attacks before system corruption. In this work, we propose an efficient solution with several hardware enhancements to secure data exchanges in a bus-based MPSoC. Our approach relies on low complexity distributed firewalls connected to all critical IPs of the system. Designers can deploy different security policies (access right, data format, authentication, confidentiality) in order to protect the system in a flexible way. To illustrate the benefit of such a solution, implementations are discussed for different MPSoCs implemented on Xilinx Virtex-6 FPGAs. Results demonstrate a reduction up to 33% in terms of latency overhead compared to existing efforts.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: B Security Policiesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Bus-based MPSoC Security through Communication Protection: A Latency-efficient Alternative

Cotret

Crenne

Gogniat

et al. 2012

2012 IEEE 20th International Symposium on Field-Programmable Custom Computing Machines

Self Cite

View full text Add to dashboard Cite

show abstract

“…This work focuses on an FPGA implementation of a adaptive version of the work presented in [1]. It is inspired by [6] with an implementation specific to the AXI bus standard with a low area/latency trade-off.…”

Section: Related Workmentioning

confidence: 99%

“…Section 2 presents related work. Section 3 summarizes a static solution defined in [1]. Section 4 describes our contribution and Sections 5 and 6 propose several results and analysis.…”

Section: Introductionmentioning

confidence: 99%

Lightweight reconfiguration security services for AXI-based MPSoCs

Cotret

Gogniat

Diguet

et al. 2012

22nd International Conference on Field Programmable Logic and Applications (FPL)

Self Cite

View full text Add to dashboard Cite

Nowadays, security is a key constraint in MPSoC development as many critical and secret information can be stored and manipulated within these systems. Addressing the protection issue in an efficient way is challenging as information can leak from many points. However one strategic component of a bus-based MPSoC is the communication architecture as all information that an attacker could try to extract or modify would be visible on the bus. Thus monitoring and controlling communications allows an efficient protection of the whole system. Attacks can be detected and discarded before system corruption. In this work, we propose a lightweight solution to dynamically update hardware firewall enhancements which secure data exchanges in a busbased MPSoC. It provides a standalone security solution for AXI-based embedded systems where no user intervention is required for security mechanisms update. An FPGA implementation demonstrates an area overhead of around 11% for the adaptive version of the hardware firewall compared to the static one.

show abstract