Lightweight Authentication for Secure IO Communication in NoC-based Many-cores

Faccenda, Rafael Follmann; Comarú, Gustavo; Caimi, Luciano L.; Moraes, Fernando

doi:10.1109/iscas46773.2023.10181962

Cited by 1 publication

(1 citation statement)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…All links have an LC module, including the local port, that blocks the traffic when activated. The AP verifies the authenticity of the packets using a lightweight authentication protocol [24], detects suspicious traffic, and notifies such events to the MPE through the control NoC. The SNIP (Secure Network Interface with Peripherals), placed between the NoC and a peripheral (Figure 1), executes the functions related to a network interface and is responsible for authenticating the communication between App secs and IO devices.…”

Section: A Security Mechanismsmentioning

confidence: 99%

A Comprehensive Framework for Systemic Security Management in NoC-Based Many-Cores

Faccenda,

Comarú,

Caimi

et al. 2023

IEEE Access

Self Cite

View full text Add to dashboard Cite

Many-core Systems-on-Chip (MCSoC) are increasingly used in various applications domains such as high-performance computing, embedded systems, and Internet of Things devices. As MCSoCs permeate various industries and applications, the potential consequences of security issues are becoming increasingly severe. Therefore, security is a fundamental design constraint, addressing vulnerabilities and protecting valuable data from threats. This requires the development of robust security mechanisms and countermeasures against potential threats. The reviewed works on security for MCSoCs addressed frameworks and mechanisms to treat different security threats. Despite these proposals, the integration of security mechanisms still needs to be improved, enabling a security manager to make decisions using monitoring data for mitigating threats more effectively. This integration is the primary goal of our work, aiming to create a comprehensive framework for security management. The framework adopts a Monitoring-Detection-Countermeasure loop. A distributed monitoring infrastructure detects suspicious behaviors, generating warnings to different system actors. These actors decide the warning severity, firing security countermeasures. Countermeasures may be local (e.g., discarding a packet) or taken at the system level (e.g., aborting a malicious application). The results use an MCSoC modeled at the RTL level, providing accuracy at the clock cycle (cc) level. Five different attack scenarios are evaluated, showing that the gap between attack detection and countermeasure takes less than one millisecond (15,000 cc at 100 MHz). The area overhead in the communication infrastructure corresponds to 48.8%. These results show that the framework can effectively manage the system's security while maintaining the performance of the applications.INDEX TERMS Countermeasures, Monitoring, NoC-based Many-cores, Security Framework.

show abstract

Section: A Security Mechanismsmentioning

confidence: 99%