Ιδρυματικό Αποθετήριο
Πολυτεχνείο Κρήτης
EN  |  EL

Αναζήτηση

Πλοήγηση

Ο Χώρος μου

Security in MPSoCs: a NoC firewall and an evaluation framework

Grammatikakis Miltos D., Papadimitriou Kyprianos, Petrakis Polydoros , Papagrigoriou Antonis, Kornaros Georgios, Christoforakis Ioannis, Tomoutzoglou Othon, Tsamis George , Coppola Marcello

Απλή Εγγραφή


URIhttp://purl.tuc.gr/dl/dias/BDE2D864-BC91-4C2C-92EA-00EB363ABAAE-
Αναγνωριστικόhttp://users.isc.tuc.gr/~kpapadimitriou/publications/2015tcad-SecMPSoCsNoCfwEvalFram.pdf-
Γλώσσαen-
ΤίτλοςSecurity in MPSoCs: a NoC firewall and an evaluation frameworken
Δημιουργός Grammatikakis Miltos D.en
ΔημιουργόςPapadimitriou Kyprianosen
ΔημιουργόςΠαπαδημητριου Κυπριανοςel
ΔημιουργόςPetrakis Polydoros en
ΔημιουργόςPapagrigoriou Antonisen
ΔημιουργόςKornaros Georgiosen
ΔημιουργόςΚορναρος Γεωργιοςel
ΔημιουργόςChristoforakis Ioannisen
ΔημιουργόςTomoutzoglou Othonen
ΔημιουργόςTsamis George en
ΔημιουργόςCoppola Marcelloen
ΕκδότηςInstitute of Electrical and Electronics Engineersen
ΠερίληψηIn multiprocessor system-on-chip (MPSoC), a CPU can access physical resources, such as on-chip memory or I/O devices. Along with normal requests, malevolent ones, generated by malicious processes running in one or more CPUs, could occur. A protection mechanism is therefore required to prevent injection of malicious instructions or data across the system. We propose a self-contained Network-on-Chip (NoC) firewall at the network interface (NI) layer which, by checking the physical address against a set of rules, rejects untrusted CPU requests to the onchip memory, thus protecting all legitimate processes running in a multicore SoC. To sustain high performance, we implement the firewall in hardware, with rule-checking performed at segmentlevel based on deny rules. Furthermore, to evaluate its impact, we develop a novel framework on top of gem5 simulation environment, coupling ARM technology and an instance of a commercial point-to-point interconnect from STMicroelectronics (STNoC). Simulation tests include scenarios in which legitimate and malicious processes, running in different CPUs, request access to shared memory. Our results indicate that a firewall implementation at the NI can have a positive effect on network performance by reducing both end-to-end network delay and power consumption. We also show that our coarse-grain firewall can prevent saturation of the on-chip network and performs better than fine-grain alternatives that perform rule checking at page-level. Simulation results are accompanied with field measurements performed on a Zedboard platform running Linux, whereas the NoC Firewall is implemented as a reconfigurable, memory-mapped device on top of AMBA AXI4 interconnect fabric.en
ΤύποςPeer-Reviewed Journal Publicationen
ΤύποςΔημοσίευση σε Περιοδικό με Κριτέςel
Άδεια Χρήσηςhttp://creativecommons.org/licenses/by/4.0/en
Ημερομηνία2015-11-12-
Ημερομηνία Δημοσίευσης2015-
Θεματική ΚατηγορίαComputer privacyen
Θεματική ΚατηγορίαComputer system securityen
Θεματική ΚατηγορίαComputer systems--Security measuresen
Θεματική ΚατηγορίαComputers--Security measuresen
Θεματική ΚατηγορίαElectronic digital computers--Security measuresen
Θεματική ΚατηγορίαSecurity of computer systemsen
Θεματική Κατηγορίαcomputer securityen
Θεματική Κατηγορίαcomputer privacyen
Θεματική Κατηγορίαcomputer system securityen
Θεματική Κατηγορίαcomputer systems security measuresen
Θεματική Κατηγορίαcomputers security measuresen
Θεματική Κατηγορίαelectronic digital computers security measuresen
Θεματική Κατηγορίαsecurity of computer systemsen
Βιβλιογραφική ΑναφοράM.D. Grammatikakis, K. Papadimitriou, P. Petrakis, A. Papagrigoriou, G. Kornaros, I. Christoforakis O. Tomoutzoglou, G. Tsamis and M. Coppola, "Security in MPSoCs: A NoC Firewall and an Evaluation Framework", IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (TCAD), special issue on Hardware Security and Trust, vol. 34, no. 8, pp. 1344-1357, Aug. 2015. en

Υπηρεσίες

Στατιστικά