Side-channel attack resilience through route randomisation in secure real-time Networks-on-Chip

Indrusiak, Leandro Soares; Harbin, James; Sepulveda, Martha Johanna

doi:10.1109/recosoc.2017.8016142

Cited by 19 publications

(10 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this paper, we concentrate on a threat model based on packet timing. This paper extends our earlier conference paper work upon security through routing randomisation in NoCs [9]. In summary, the contributions of our total work upon this idea are:…”

Section: Introductionsupporting

confidence: 54%

“…IoT context due to the interaction between secure and malicious downloaded code communicating over a shared NoC. A novel case study involving an autonomous vehicle is added in this paper, over that presented in [9].…”

Section: Introductionmentioning

confidence: 99%

“…• Present an experiment performed on a NoC hardware platform in order to motivate route randomisation as a viable approach for improving security -the current publication adds this upon the earlier work in [9] • Define a schedulability analysis for determining the worst-case end-toend latency in the case of randomised routing…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Side-channel protected MPSoC through secure real-time networks-on-chip

Indrusiak

Harbin

Reinbrecht

et al. 2019

Microprocessors and Microsystems

Self Cite

View full text Add to dashboard Cite

The integration of Multi-Processors System-on-Chip (MPSoCs) into the Internet-of-Things (IoT) context brings new opportunities, but also represent risks. Tight real-time constraints and security requirements should be considered simultaneously when designing MPSoCs. Network-on-Chip (NoCs) are specially critical when meeting these two conflicting characteristics. For instance the NoC design has a huge influence in the security of the system. A vital threat to system security are so-called side-channel attacks based on the NoC communication observations. To this end, we propose a NoC security mechanism suitable for hard real-time systems, in which schedulability is a vital design requirement. We present three contributions. First, we show the impact of the NoC routing in the security of the system. Second, we propose a packet route randomisation mechanism to increase NoC resilience against side-channel attacks. Third, using an evolutionary optimisation approach, we effectively apply route randomisation while controlling its impact on hard real-time performance guarantees. Extensive experimental evidence based on analytical and simulation models supports our findings.

show abstract

Section: Introductionsupporting

confidence: 54%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Side-channel protected MPSoC through secure real-time networks-on-chip

Indrusiak

Harbin

Reinbrecht

et al. 2019

Microprocessors and Microsystems

Self Cite

View full text Add to dashboard Cite

show abstract

“…These countermeasures can profoundly enhance data confidentiality, while they might not be able to address DoS attacks such as packet misrouting, packet dropping, and packet tampering. Routers are literally the first line of defense, so researchers have also used routers to integrate their security solutions [32], [35], [36], [51], [52]. Suppose a packet injected by a malicious task is heading towards a secured zone of the network to carry out an attack, e.g., timing attack, spoofing attack, etc.…”

Section: Wired Nocs Countermeasuresmentioning

confidence: 99%

A Survey on the Security of Wired, Wireless, and 3D Network-on-Chips

et al. 2021

View full text Add to dashboard Cite

Network-on-Chips (NoCs) have been widely used as a scalable communication solution in the design of multiprocessor system-on-chips (MPSoCs). NoCs manage communications between on-chip Intellectual Property (IP) cores and allow processing cores to achieve higher performance by outsourcing their communication tasks. NoC paradigm is based on the idea of resource sharing where hardware resources, including buffers, communication links, routers, etc., are shared between all IPs of the MPSoC. In fact, the data being routed by each NoC router might not be related to the router's local core. Such a utilization-centric design approach can raise security issues in MPSoCs-based designs, e.g., integrity and confidentiality of the data being routed in an NoC might be compromised by unauthorized accesses/modifications of intermediate routers. Many papers in the literature have discovered and addressed security holes of NoCs, aiming at improving the security of the NoC paradigm. However, to the best of our knowledge, there is no solid survey study on the security vulnerabilities and countermeasures for NoCs. This paper will review security threats and countermeasures proposed so far for wired NoCs, wireless NoCs, and 3D NoCs. The paper aims at giving the readers an insight into the attacks and weaknesses/strengths of countermeasures.

show abstract

“…DoS attacks on a many-core chip can target different components of the chip, including the memory system [15], and the network-on-chip (NoC) [16], [17]. With the help of hardware Trojans (HTs) [3], [4], [13], DoS attacks can be classified as 1) flooding attack [18], [19], where a large volume of useless packets floods a victim node and saturates it; 2) packet drop attack, where some packets are dropped or directed to some malicious nodes so that the victim node can never receive a single packet designated to it [20]; 3) privilege escalation attack [21], where an average user process is granted the privileges of a supervisor so that it can steal passwords; and 4) routing loop attack [2], where packets that pass the malicious node will be routed back to the source node, effectively blocking the source core from communicating with any other cores.…”

Section: B Dos Attackmentioning

confidence: 99%

On a New Hardware Trojan Attack on Power Budgeting of Many Core Systems

Zhao

Wang

Jiang

et al. 2018

2018 31st IEEE International System-on-Chip Conference (SOCC)

View full text Add to dashboard Cite

In this paper, we study stealthy false-data attacks that exploit the vulnerabilities of power budgeting scheme in NoC, which can cause catastrophic denial of service (DoS) effects. Essentially, when a power budget request packet is routed through a Trojan-infected network-on-chip node's router, the power budget request can be unknowingly modified. The global manager then tends to make really bad power budget allocation decisions with all the tampered power requests it received. That is, legitimate applications will be victimized with lower power budgets than what they initially asked for, and thus, could suffer serious performance degradation; malicious applications, on the other hand, may be entitled to high power budgets and thus see performance boost that they do not deserve. Our study has shown that this new type of DoS attack can be initiated and sustained by a simple hardware Trojan (HT) circuit that is extremely hard to be detected. The effects of this new DoS attack are simulated using a network model, and all the major parameters and factors that impact the attack effects are identified and quantified.

show abstract

Side-channel attack resilience through route randomisation in secure real-time Networks-on-Chip

Cited by 19 publications

References 32 publications

Side-channel protected MPSoC through secure real-time networks-on-chip

Side-channel protected MPSoC through secure real-time networks-on-chip

A Survey on the Security of Wired, Wireless, and 3D Network-on-Chips

On a New Hardware Trojan Attack on Power Budgeting of Many Core Systems

Contact Info

Product

Resources

About