Institutional Repository
Technical University of Crete
Technical University of Crete
EN
|
EL
| URI | http://purl.tuc.gr/dl/dias/BDE2D864-BC91-4C2C-92EA-00EB363ABAAE | - |
| Identifier | http://users.isc.tuc.gr/~kpapadimitriou/publications/2015tcad-SecMPSoCsNoCfwEvalFram.pdf | - |
| Language | en | - |
| Title | Security in MPSoCs: a NoC firewall and an evaluation framework | en |
| Creator | Grammatikakis Miltos D. | en |
| Creator | Papadimitriou Kyprianos | en |
| Creator | Παπαδημητριου Κυπριανος | el |
| Creator | Petrakis Polydoros | en |
| Creator | Papagrigoriou Antonis | en |
| Creator | Kornaros Georgios | en |
| Creator | Κορναρος Γεωργιος | el |
| Creator | Christoforakis Ioannis | en |
| Creator | Tomoutzoglou Othon | en |
| Creator | Tsamis George | en |
| Creator | Coppola Marcello | en |
| Publisher | Institute of Electrical and Electronics Engineers | en |
| Content Summary | In multiprocessor system-on-chip (MPSoC), a CPU can access physical resources, such as on-chip memory or I/O devices. Along with normal requests, malevolent ones, generated by malicious processes running in one or more CPUs, could occur. A protection mechanism is therefore required to prevent injection of malicious instructions or data across the system. We propose a self-contained Network-on-Chip (NoC) firewall at the network interface (NI) layer which, by checking the physical address against a set of rules, rejects untrusted CPU requests to the onchip memory, thus protecting all legitimate processes running in a multicore SoC. To sustain high performance, we implement the firewall in hardware, with rule-checking performed at segmentlevel based on deny rules. Furthermore, to evaluate its impact, we develop a novel framework on top of gem5 simulation environment, coupling ARM technology and an instance of a commercial point-to-point interconnect from STMicroelectronics (STNoC). Simulation tests include scenarios in which legitimate and malicious processes, running in different CPUs, request access to shared memory. Our results indicate that a firewall implementation at the NI can have a positive effect on network performance by reducing both end-to-end network delay and power consumption. We also show that our coarse-grain firewall can prevent saturation of the on-chip network and performs better than fine-grain alternatives that perform rule checking at page-level. Simulation results are accompanied with field measurements performed on a Zedboard platform running Linux, whereas the NoC Firewall is implemented as a reconfigurable, memory-mapped device on top of AMBA AXI4 interconnect fabric. | en |
| Type of Item | Peer-Reviewed Journal Publication | en |
| Type of Item | Δημοσίευση σε Περιοδικό με Κριτές | el |
| License | http://creativecommons.org/licenses/by/4.0/ | en |
| Date of Item | 2015-11-12 | - |
| Date of Publication | 2015 | - |
| Subject | Computer privacy | en |
| Subject | Computer system security | en |
| Subject | Computer systems--Security measures | en |
| Subject | Computers--Security measures | en |
| Subject | Electronic digital computers--Security measures | en |
| Subject | Security of computer systems | en |
| Subject | computer security | en |
| Subject | computer privacy | en |
| Subject | computer system security | en |
| Subject | computer systems security measures | en |
| Subject | computers security measures | en |
| Subject | electronic digital computers security measures | en |
| Subject | security of computer systems | en |
| Bibliographic Citation | M.D. Grammatikakis, K. Papadimitriou, P. Petrakis, A. Papagrigoriou, G. Kornaros, I. Christoforakis O. Tomoutzoglou, G. Tsamis and M. Coppola, "Security in MPSoCs: A NoC Firewall and an Evaluation Framework", IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (TCAD), special issue on Hardware Security and Trust, vol. 34, no. 8, pp. 1344-1357, Aug. 2015. | en |
Copyright © DIAS 2013
