Institutional Repository
Technical University of Crete
EN  |  EL

Search

Browse

My Space

Security in MPSoCs: a NoC firewall and an evaluation framework

Grammatikakis Miltos D., Papadimitriou Kyprianos, Petrakis Polydoros , Papagrigoriou Antonis, Kornaros Georgios, Christoforakis Ioannis, Tomoutzoglou Othon, Tsamis George , Coppola Marcello

Simple record


URIhttp://purl.tuc.gr/dl/dias/BDE2D864-BC91-4C2C-92EA-00EB363ABAAE-
Identifierhttp://users.isc.tuc.gr/~kpapadimitriou/publications/2015tcad-SecMPSoCsNoCfwEvalFram.pdf-
Languageen-
TitleSecurity in MPSoCs: a NoC firewall and an evaluation frameworken
Creator Grammatikakis Miltos D.en
CreatorPapadimitriou Kyprianosen
CreatorΠαπαδημητριου Κυπριανοςel
CreatorPetrakis Polydoros en
CreatorPapagrigoriou Antonisen
CreatorKornaros Georgiosen
CreatorΚορναρος Γεωργιοςel
CreatorChristoforakis Ioannisen
CreatorTomoutzoglou Othonen
CreatorTsamis George en
CreatorCoppola Marcelloen
PublisherInstitute of Electrical and Electronics Engineersen
Content SummaryIn multiprocessor system-on-chip (MPSoC), a CPU can access physical resources, such as on-chip memory or I/O devices. Along with normal requests, malevolent ones, generated by malicious processes running in one or more CPUs, could occur. A protection mechanism is therefore required to prevent injection of malicious instructions or data across the system. We propose a self-contained Network-on-Chip (NoC) firewall at the network interface (NI) layer which, by checking the physical address against a set of rules, rejects untrusted CPU requests to the onchip memory, thus protecting all legitimate processes running in a multicore SoC. To sustain high performance, we implement the firewall in hardware, with rule-checking performed at segmentlevel based on deny rules. Furthermore, to evaluate its impact, we develop a novel framework on top of gem5 simulation environment, coupling ARM technology and an instance of a commercial point-to-point interconnect from STMicroelectronics (STNoC). Simulation tests include scenarios in which legitimate and malicious processes, running in different CPUs, request access to shared memory. Our results indicate that a firewall implementation at the NI can have a positive effect on network performance by reducing both end-to-end network delay and power consumption. We also show that our coarse-grain firewall can prevent saturation of the on-chip network and performs better than fine-grain alternatives that perform rule checking at page-level. Simulation results are accompanied with field measurements performed on a Zedboard platform running Linux, whereas the NoC Firewall is implemented as a reconfigurable, memory-mapped device on top of AMBA AXI4 interconnect fabric.en
Type of ItemPeer-Reviewed Journal Publicationen
Type of ItemΔημοσίευση σε Περιοδικό με Κριτέςel
Licensehttp://creativecommons.org/licenses/by/4.0/en
Date of Item2015-11-12-
Date of Publication2015-
SubjectComputer privacyen
SubjectComputer system securityen
SubjectComputer systems--Security measuresen
SubjectComputers--Security measuresen
SubjectElectronic digital computers--Security measuresen
SubjectSecurity of computer systemsen
Subjectcomputer securityen
Subjectcomputer privacyen
Subjectcomputer system securityen
Subjectcomputer systems security measuresen
Subjectcomputers security measuresen
Subjectelectronic digital computers security measuresen
Subjectsecurity of computer systemsen
Bibliographic CitationM.D. Grammatikakis, K. Papadimitriou, P. Petrakis, A. Papagrigoriou, G. Kornaros, I. Christoforakis O. Tomoutzoglou, G. Tsamis and M. Coppola, "Security in MPSoCs: A NoC Firewall and an Evaluation Framework", IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (TCAD), special issue on Hardware Security and Trust, vol. 34, no. 8, pp. 1344-1357, Aug. 2015. en

Services

Statistics