7/31/2019 Cryptoarchi 2012 SEPULVEDA
1/41
NoC-BASED DYNAMIC SECURITYIMPLEMENTATION FOR
MULTI-APPLICATION SoC
Johanna Seplveda Flrez ([email protected])
Guy Gogniat ([email protected])
Ricardo Pires ([email protected])
Marius Strum ([email protected])
Lab-STICCUNIVERSIT DE BRETAGNE SUD
UNIVERSITY OF SO PAULO2012
7/31/2019 Cryptoarchi 2012 SEPULVEDA
2/41
1. INTRODUCTION.
Problem.
MPSoCs (Multiprocessor System-on-Chip)
NoC (Network-on-chip).
2. RELATED WORK.
3. OUR APPROACH.
1. Architecture.
2. Functionality.
4. EXPERIMENTAL WORK.
5. RESULTS.
6. CONCLUSIONS AND FUTURE WORKS.
Summary
7/31/2019 Cryptoarchi 2012 SEPULVEDA
3/41
Introduction
Media players
Game console
Electronic banking
Automotive electronics
Electronic money
Cellphones
Aviation
SECURITY: Critical requirement at the electronics systems design.
7/31/2019 Cryptoarchi 2012 SEPULVEDA
4/41
Introduction
Digital rights management
SoC
Secure personal data
Secure execution of downloaded SW
Fraudulent transactions avoidance
Content security
Non-repudiation
Intellectual property protection
System-on-Chip (SoC) : Integrated Computing System.
SoCscan be attacked!!
7/31/2019 Cryptoarchi 2012 SEPULVEDA
5/41
Cost effective: * General purpose SoC.
* Integrate different applications on the
same chip.
Applications: Communication requirements, security policy
and design constraints (Dynamic security policy).
Introduction
MULTI-APPLICATION SYSTEM
7/31/2019 Cryptoarchi 2012 SEPULVEDA
6/41
Communication Structure
uP
MPSoC
Software attacks!
Problem
Security incidents: 80% via software.
uP
uP
uP
7/31/2019 Cryptoarchi 2012 SEPULVEDA
7/41
Communication Structure
uP
MPSoC
uP
uP
uP
Problem
Explore the SoCvulnerabilities.
7/31/2019 Cryptoarchi 2012 SEPULVEDA
8/41
Communication Structure
uP
MPSoC
uP
uP
uP
Infection: Takes advantage of the trusty components rights!!
Problem
7/31/2019 Cryptoarchi 2012 SEPULVEDA
9/41
All software attacks begin with an abnormal communication.
7/31/2019 Cryptoarchi 2012 SEPULVEDA
10/41
Communication structure
M1
M3
M2
S1
S3
S2
COMMUNICATIONSTRUCTURE
Monitor information exchange.
Detect attacks.
Diagnosis Trigger recovery mechanisms.
7/31/2019 Cryptoarchi 2012 SEPULVEDA
11/41
NoC (Network-on-Chip)
M S M
S M M
S M S
Router
Links
Topology: Simple orhierarchical
7/31/2019 Cryptoarchi 2012 SEPULVEDA
12/41
Network protocol
Router
Transmission
Packets building
M/S
M/S
Reception
Synchronization
Separation of routing information
NoC (Network-on-Chip)
7/31/2019 Cryptoarchi 2012 SEPULVEDA
13/41
Communication
Security (S)
QoSS
+Quality (QoS)
7/31/2019 Cryptoarchi 2012 SEPULVEDA
14/41
7/31/2019 Cryptoarchi 2012 SEPULVEDA
15/41
NoC security Basic concepts
Rights
Security policy: Rules the relationship between the application and theresources (static/dynamic).
Safe system: Behaves as expected and the vulnerabilities are
minimized. Vulnerability: Weakness that may be explored in order to attack a
system.
Attack:Any unauthorized attempt to access or use the resources.
Application Resources
7/31/2019 Cryptoarchi 2012 SEPULVEDA
16/41
1. CONFIDENTIALITY: Secrecy of information.
2. INTEGRITY: Correctness of the information.
3. AUTHENTICATION:Source integrity.
4. ACESS CONTROL:Authorized use of the resources.
5. AVAILABILITY: Resources can be used.
6. NO REPUDIATION: Evidence of communication.
SECURITY SERVICES
Protect the system resources and mitigate the attacks.
NoC security Basic concepts
7/31/2019 Cryptoarchi 2012 SEPULVEDA
17/41
QoSS (Quality of Security Service)
QoSS= QoS + Security Security as a QoSdimension.
Security level.
Selection:
Security requirements and resources availability.
Operation mode and security/cost trade-off.
Latency
Jitter
Throughput
Loss rate
Security
7/31/2019 Cryptoarchi 2012 SEPULVEDA
18/41
QoSS (Quality of Security Service)
Advantages:
Lower protection cost.
Enhance the efficiency of the resources utilization.
Better system control.Flexibility.
Disadvantages:
System complexity.
7/31/2019 Cryptoarchi 2012 SEPULVEDA
19/41
7/31/2019 Cryptoarchi 2012 SEPULVEDA
20/41
S
Security services: Non repudiation, confidentiality.
Componentes:
SNI:Secure network interface.SNM: Secure network manager (monitor).
SNM
NoCM SNI
SNI
[EVA05, DIG07]
Previous works - Static policy
7/31/2019 Cryptoarchi 2012 SEPULVEDA
21/41
S
Security service: Access control.
Components:
DPU:Data protection Unit (memory access).
NoCMD
PU
D
PU
[FIO07, FIO08]
Previous works - Static policy
i k i li
7/31/2019 Cryptoarchi 2012 SEPULVEDA
22/41
S
Security service: Access control, availability.
Components:
PPS:Processor protection Unit.SPU: Stack protection unit.
ITU: Instruction trace unit.
DPU:Data protection Unit (memory access).
NoCMDPU
PPS
[LUK10]
Previous works - Static policy
SPU
ITU
i k i li
7/31/2019 Cryptoarchi 2012 SEPULVEDA
23/41
Previous works - Static policy
Limitations1. Support a static security policy.
2. Support a single level of security.
3. Lack of system performance evaluation.
4. Lack of security efficacy evaluation.
Advantage
Show that NoCcan be a useful structure tohandle different security services.
P i k D i li
7/31/2019 Cryptoarchi 2012 SEPULVEDA
24/41
Security service: Access control and authentication.
Components:
Configuration controlPolicy keeper
Monitor
[SEP11]
Previous works - Dynamic policy
Large link
overhead.
Single level
(No QoSS).
7/31/2019 Cryptoarchi 2012 SEPULVEDA
25/41
7/31/2019 Cryptoarchi 2012 SEPULVEDA
26/41
To provide security for MPSoCs and guarantee thatperformance and security requirements are met.
A t l i l t ti
7/31/2019 Cryptoarchi 2012 SEPULVEDA
27/41
Access control implementation
Access control
SV TV RV
Level 0Level 1 X
Level 2 X X
Level 3 X X X
VF: Source verification.
VT: Type verification.
VP: Role verification.
FIREWALL:
Allows or blocks a transaction.
According to a security policy.
Implemented at the network interface.
At the packet arrival.
Before the packet injection to the NoC
Security levels.
Control information: source, type, role.
A th ti ti i l t ti
7/31/2019 Cryptoarchi 2012 SEPULVEDA
28/41
Authentication implementation Implementation: at the network interface.
4 security levels.
Uses the NoC characteristics.
Authentication
NR RP CC
Level 0Level 1 X
Level 2 X X
Level 3 X X X
NR: Number of routers.
RP: Routers through the path.
CC: Communication code.
FIREWALL:
O h
7/31/2019 Cryptoarchi 2012 SEPULVEDA
29/41
Our approach Layered security implementation (Hierarchic NoC).
MPSoC organized as independent clusters (IP security andcommunication characteristics): Security zones.
Distributes the security policy management (global and local)
by partitioning the NoC topology (High-NoC, Low-NoC).
O h
7/31/2019 Cryptoarchi 2012 SEPULVEDA
30/41
Our approachGlobal security:* Configuration control.
* Policy keeper.
* Monitor
Local security:
* Security mechanisms.* Local configuration control (Manager)
QoSS needs.
O h
7/31/2019 Cryptoarchi 2012 SEPULVEDA
31/41
Our approach Security policy changes:
The global configuration control (High-NoC)notify the
managerof the corresponding security zone.
The Manager of the security zone (Low-NoC) modifies thesecurity tables of the firewalls.
The reconfiguration doesnt take place until the arrival of the
packets that are inside the network and whose destination is
any of those interfaces that are going to change.
St d
7/31/2019 Cryptoarchi 2012 SEPULVEDA
32/41
Study case
Functions of the 3 applications
3 applications of the MiBench benchmark.
Automotive.
Consumer electronics.
Telecommunication.
3 different security policies.
All possible combinations.
Predefined mapping cases.
I l t ti
7/31/2019 Cryptoarchi 2012 SEPULVEDA
33/41
Implementation
Automotive
Consumerelectronics
Telecomm.
Sec. policy
Sec. policy
Sec. policy
Implementation
7/31/2019 Cryptoarchi 2012 SEPULVEDA
34/41
ImplementationNoC parameters
Evaluation
7/31/2019 Cryptoarchi 2012 SEPULVEDA
35/41
SystemC-TLM
Traffic/attacks
generators
Monitors
Analysis tools
Evaluation
Simulation
7/31/2019 Cryptoarchi 2012 SEPULVEDA
36/41
5 flits Payload.
600.000 simulated cycles.
Poisson traffic, LRD (Long Range Dependence).
3 Types of attacks:
Simulation Conditions
Extraction.
Modification.
Denial-of-Service (DoS).
30% are critical data
Simulation
Results
7/31/2019 Cryptoarchi 2012 SEPULVEDA
37/41
ResultsSecurity efficacy
Security efficiency:
Latency Power
Security policy should change in order to achieve 100%.
Results
7/31/2019 Cryptoarchi 2012 SEPULVEDA
38/41
Results
The hierarchical
approach alwaysperforms better than
the simple dynamic.
Layeredapproach:
Doesnt interrupt othersecurity zones.
Performance penality
Conclusions and future work
7/31/2019 Cryptoarchi 2012 SEPULVEDA
39/41
We proposed a layered dynamic NoC-based security
implementation for MPSoCs (security zones).
Our approach provides an effective way to handle
security policy changes and improves the overall system
performance.
We adopt the QoSS concept that allows the designer to
customize the MPSoC protection in order to satisfy both,
security and performance requirements.
Results show that the inclusion of security issues in the
hierarchic NoC performs better that the simple
dynamical NoC architecture.
Conclusions and future work
Conclusions and future work
7/31/2019 Cryptoarchi 2012 SEPULVEDA
40/41
Conclusions and future work As a future work, we will study different techniques that
allow an improvement in the implementation of the
proposed security mechanisms.
We will explore different security services (confidentiality
and integrity).
7/31/2019 Cryptoarchi 2012 SEPULVEDA
41/41