Abstract
As SoCs have become more complex, on-chip interconnect has transformed into the point of integration for a variety of system level functions, including security. Integrators have begun to rely on distributed access control hardware to protect resources that are shared between IP cores executing both trusted and untrusted software. Existing solutions cover enforcement of on-chip access control policies but they don’t secure the programming interface nor the hardware against possible attacks. As the embedded content increases in theft value, the on-chip access enforcement will need to consider both software and hardware directed attacks. We introduce a secure on-chip access device that enables secure and programmable allocation of resources in an SoC by offering cryptographically signed programming, fault detection and key integrity. Synthesis results are shown in both ASIC and FPGA implementations.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
ARM. TZC-400 trustzone address space controller technical reference manual
Arteris. Flex NoC interconnect IP
Cotret, P., Crenne, J., Gogniat, G., Diguet, J.-P.: Bus-based mpsoc security through communication protection: A latency-efficient alternative. In: 2012 IEEE 20th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM), pp. 200–207, April 2012
Diguet, J.-P., Evain, S., Vaslin, R., Gogniat, G., Juin, E.: NOC-centric security of reconfigurable SoC. In: First International Symposium on Networks-on-Chip (NOCS 2007), pp. 223–232, France, May 2007
Dworkin, M.J.: Sp 800–38c. recommendation for block cipher modes of operation: The ccm mode for authentication and confidentiality. Technical report, Gaithersburg, MD, United States (2004)
Ege, B., Kavun, E.B., Yalçın, T.: Memory encryption for smart cards. In: Prouff, E. (ed.) CARDIS 2011. LNCS, vol. 7079, pp. 199–216. Springer, Heidelberg (2011)
Kocher, P., Lee, R., McGraw, G., Raghunathan, A., Ravi, S.: Security as a new dimension in embedded system design. In: Proceedings of the 41st Design Automation Conference 2004, pp. 753–760, July 2004
National Institute of Standards and Technology. FIPS 198–1, The Keyed-Hash Message Authentication Code, Federal Information Processing Standard (FIPS). Technical report (2008)
Sepulveda, J., Gogniat, G., Pedraza, C., Pires, R., Chau, W.J., Strum, M.: Hierarchical noc-based security for MP-SoC dynamic protection. In: 2012 IEEE Third Latin American Symposium on Circuits and Systems (LASCAS), pp. 1–4, February 2012
Suh, G.E., Clarke, D., Gassend, B., van Dijk, M., Devadas, S.: Efficient memory integrity verification and encryption for secure processors. In: Proceedings of the 36th Annual IEEE/ACM International Symposium on Microarchitecture, MICRO 36, pp. 339–350. IEEE Computer Society, Washington, DC (2003)
TI. OMAP543x Technical Reference Manual
Xilinx. Zynq-7000 All Programmable SoC
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Cioranesco, JM., Hampel, C., de Almeida, G.O., do Canto, R.P. (2015). Cryptographically Secure On-Chip Firewalling. In: Qiu, M., Xu, S., Yung, M., Zhang, H. (eds) Network and System Security. NSS 2015. Lecture Notes in Computer Science(), vol 9408. Springer, Cham. https://doi.org/10.1007/978-3-319-25645-0_31
Download citation
DOI: https://doi.org/10.1007/978-3-319-25645-0_31
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-25644-3
Online ISBN: 978-3-319-25645-0
eBook Packages: Computer ScienceComputer Science (R0)