Ιδρυματικό Αποθετήριο
Πολυτεχνείο Κρήτης
Πολυτεχνείο Κρήτης
EN
|
EL
| URI | http://purl.tuc.gr/dl/dias/BDE2D864-BC91-4C2C-92EA-00EB363ABAAE | - |
| Αναγνωριστικό | http://users.isc.tuc.gr/~kpapadimitriou/publications/2015tcad-SecMPSoCsNoCfwEvalFram.pdf | - |
| Γλώσσα | en | - |
| Τίτλος | Security in MPSoCs: a NoC firewall and an evaluation framework | en |
| Δημιουργός | Grammatikakis Miltos D. | en |
| Δημιουργός | Papadimitriou Kyprianos | en |
| Δημιουργός | Παπαδημητριου Κυπριανος | el |
| Δημιουργός | Petrakis Polydoros | en |
| Δημιουργός | Papagrigoriou Antonis | en |
| Δημιουργός | Kornaros Georgios | en |
| Δημιουργός | Κορναρος Γεωργιος | el |
| Δημιουργός | Christoforakis Ioannis | en |
| Δημιουργός | Tomoutzoglou Othon | en |
| Δημιουργός | Tsamis George | en |
| Δημιουργός | Coppola Marcello | en |
| Εκδότης | Institute of Electrical and Electronics Engineers | en |
| Περίληψη | In multiprocessor system-on-chip (MPSoC), a CPU can access physical resources, such as on-chip memory or I/O devices. Along with normal requests, malevolent ones, generated by malicious processes running in one or more CPUs, could occur. A protection mechanism is therefore required to prevent injection of malicious instructions or data across the system. We propose a self-contained Network-on-Chip (NoC) firewall at the network interface (NI) layer which, by checking the physical address against a set of rules, rejects untrusted CPU requests to the onchip memory, thus protecting all legitimate processes running in a multicore SoC. To sustain high performance, we implement the firewall in hardware, with rule-checking performed at segmentlevel based on deny rules. Furthermore, to evaluate its impact, we develop a novel framework on top of gem5 simulation environment, coupling ARM technology and an instance of a commercial point-to-point interconnect from STMicroelectronics (STNoC). Simulation tests include scenarios in which legitimate and malicious processes, running in different CPUs, request access to shared memory. Our results indicate that a firewall implementation at the NI can have a positive effect on network performance by reducing both end-to-end network delay and power consumption. We also show that our coarse-grain firewall can prevent saturation of the on-chip network and performs better than fine-grain alternatives that perform rule checking at page-level. Simulation results are accompanied with field measurements performed on a Zedboard platform running Linux, whereas the NoC Firewall is implemented as a reconfigurable, memory-mapped device on top of AMBA AXI4 interconnect fabric. | en |
| Τύπος | Peer-Reviewed Journal Publication | en |
| Τύπος | Δημοσίευση σε Περιοδικό με Κριτές | el |
| Άδεια Χρήσης | http://creativecommons.org/licenses/by/4.0/ | en |
| Ημερομηνία | 2015-11-12 | - |
| Ημερομηνία Δημοσίευσης | 2015 | - |
| Θεματική Κατηγορία | Computer privacy | en |
| Θεματική Κατηγορία | Computer system security | en |
| Θεματική Κατηγορία | Computer systems--Security measures | en |
| Θεματική Κατηγορία | Computers--Security measures | en |
| Θεματική Κατηγορία | Electronic digital computers--Security measures | en |
| Θεματική Κατηγορία | Security of computer systems | en |
| Θεματική Κατηγορία | computer security | en |
| Θεματική Κατηγορία | computer privacy | en |
| Θεματική Κατηγορία | computer system security | en |
| Θεματική Κατηγορία | computer systems security measures | en |
| Θεματική Κατηγορία | computers security measures | en |
| Θεματική Κατηγορία | electronic digital computers security measures | en |
| Θεματική Κατηγορία | security of computer systems | en |
| Βιβλιογραφική Αναφορά | M.D. Grammatikakis, K. Papadimitriou, P. Petrakis, A. Papagrigoriou, G. Kornaros, I. Christoforakis O. Tomoutzoglou, G. Tsamis and M. Coppola, "Security in MPSoCs: A NoC Firewall and an Evaluation Framework", IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (TCAD), special issue on Hardware Security and Trust, vol. 34, no. 8, pp. 1344-1357, Aug. 2015. | en |
Copyright © DIAS 2013
