As electronic systems are pervading our lives, MPSoC (multiprocessor system-on-chip) security is becoming an important requirement. MPSoCs are able to support multiple applications on the same chip. The challenge is to provide MPSoC security that makes possible a trustworthy system that meets the performance and security requirements of all the applications. The network-on-chip (NoC) can be used to efficiently incorporate security. Our work proposes the implementation of QoSS (quality of security service) to overcome present MPSoC vulnerabilities. QoSS is a novel concept for data protection that introduces security as a dimension of QoS. QoSS takes advantage of the NoC wide system visibility and critical role in enabling system operation, exploiting the NoC components to detect and prevent a wide range of attacks. In this paper, we present the implementation of a layered dynamic security NoC architecture that integrates agile and dynamic security firewalls in order to detect attacks based on different security rules. We evaluate the effectiveness of our approach over several MPSoCs scenarios and estimate their impact on the overall performance. We show that our architecture can perform a fast detection of a wide range of attacks and a fast configuration of different security policies for several MPSoC applications. 1. Introduction SoC designers have to face up tight development times as well as the rapid evolution of current applications [1]. To be cost effective, SoCs are often programmable and integrate different applications on the same chip (i.e., cell-phone, personal digital assistant) [1]. Although sharing many of the hardware components on the SoC, different applications executed on a single chip may present very different requirements and design constraints. Such type of system is called multiapplication [2]. MPSoCs have been proposed as a promising architecture choice to overcome the new challenging application requirements. A MPSoC integrates multiple programmable processor cores, specialized memories, and other intellectual property (IP) components into a single chip [1]. MPSoC platforms allow simultaneous execution of several applications in the same structure.Current ubiquitous computing and flexibility in SoC design trends promote the resource sharing and upgrading capabilities. As MPSoCs are pervading our lives, security is emerging as an extremely important design requirement. Many of the current electronic systems embedded into an MPSoC are used to capture, store, manipulate and access sensitive data, and perform several critical
References
[1]
M. Loghi, F. Angiolini, D. Bertozzi, L. Benini, and R. Zafalon, “Analyzing on-chip communication in a MPSoC environment,” in Proceedings of the Design, Automation and Test in Europe Conference and Exhibition (DATE '04), pp. 752–757, February 2004.
[2]
L. Benini, “Application specific NoC design,” in Proceedings of the Design, Automation and Test in Europe (DATE '06), vol. 1, pp. 1–5, March 2006.
[3]
P. Kocher, R. Lee, G. McGraw, A. Raghunathan, and S. Ravi, “Security as a new dimension in embedded system design,” in Proceedings of the 41st Design Automation Conference (DAC '04), pp. 753–760, June 2004.
J. Sepulveda, G. Gogniat, J. C. Wang, and M. Strum, “Dynamic NoC-Based architecture for MPSoC security implementation,” in Proceedings of the 24th Symposium on Integrated Circuits and Systems (SBCCI '11), pp. 197–202, 2011.
[6]
C. Gebotys and Y. Zhang, “Security wrappers and power analysisforSoC technologies,” in Proceedings of the 1st IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis (CODES '03), pp. 162–167, 2003.
[7]
U. Y. Ogras, J. Hu, and R. Marculescu, “Communication-centric SoC design for nanoscale domain,” in Proceedings of the IEEE 16th International Conference on Application-Specific Systems, Architectures, and Processors (ASAP '05), pp. 73–78, July 2005.
[8]
L. Fiorin, C. Silvano, and M. Sami, “Security aspects in networks-on-chips: Overview and proposals for secure implementations,” in Proceedings of the 10th Euromicro Conference on Digital System Design Architectures, Methods and Tools (DSD '07), pp. 539–542, August 2007.
[9]
S. Evain and J. Diguet, “From NoC security analysis to designsolutions,” in Proceedings of the Design, Automation and Test in Europe Conference and Exhibition (DATE '06), 2006.
[10]
L. Fiorin, S. Lukovic, and G. Palermo, “Implementation of a reconfigurable data protection module for NoC-based MPSoCs,” in Proceedings od the 22nd IEEE International Parallel and Distributed Processing Symposium (IPDPS '08), April 2008.
[11]
L. Fiorin, G. Palermo, S. Lukovic, V. Catalano, and C. Silvano, “Secure memory accesses on networks-on-chip,” IEEE Transactions on Computers, vol. 57, no. 9, pp. 1216–1229, 2008.
[12]
S. Lukovic and N. Christianos, “Enhancing network-on-chip components to support security of processing elements,” in Proceedings of the 5th Workshop on Embedded Systems Security, (WESS '10), October 2010.
[13]
C. Irvine and T. Levin, “Security as a dimension of quality of service in active service environments,” in Proceedings of the 3rd Annual International Workshop on Active Middleware Services, 2001.
[14]
J. Sepulveda, G. Gogniat, R. Pires, C. Pedraza, W. Chau, and M. Strum, “Multi-objective artificial immune algorithm for security-constrained multi-application NoC mapping,” in Proceedings of the Genetic and Evolutionary Computation Conference, 2012.
[15]
B. Grot, J. Hestness, S. Keckler, and O. Multu, “Kilo-NoC: a heterogeneous network-on-chip architecture for scalability and service guarantees,” in Proceedings of the 38th International Symposium on Computer Architecture, 2012.
[16]
M. Winter, S. Prusseit, and G. P. Fettweis, “Hierarchical routing architectures in clustered 2D-mesh networks-on-chip,” in Proceedings of the International SoC Design Conference (ISOCC '10), pp. 388–391, kor, November 2010.
[17]
MiBench Version 1.0., http://www.eecs.umich.edu/mibench/.
