Abstract
The growing number of applications and processing units in modern Multiprocessor Systems-on-Chips (MPSoCs) come along with reduced time to market. Different IP cores can come from different vendors, and their trust levels are also different, but typically they use Network-on-Chip (NoC) as their communication infrastructure. An MPSoC can have multiple Trusted Execution Environments (TEEs). Apart from performance, power, and area research in the field of MPSoC, robust and secure system design is also gaining importance in the research community. To build a secure system, the designer must know beforehand all kinds of attack possibilities for the respective system (MPSoC). In this paper we survey the possible attack scenarios on present-day MPSoCs and investigate a new attack scenario, i.e., router attack targeted toward NoC architecture. We show the validity of this attack by analyzing different present-day NoC architectures and show that they are all vulnerable to this type of attack. By launching a router attack, an attacker can control the whole chip very easily, which makes it a very serious issue. Both routing tables and routing logic-based routers are vulnerable to such attacks. In this paper, we address attacks on routing tables. We propose different monitoring-based countermeasures against routing table-based router attack in an MPSoC having multiple TEEs. Synthesis results show that proposed countermeasures, viz. Runtime-monitor, Restart-monitor, Intermediate manager, and Auditor, occupy areas that are 26.6, 22, 0.2, and 12.2 % of a routing table-based router area. Apart from these, we propose Ejection address checker and Local monitoring module inside a router that cause 3.4 and 10.6 % increase of a router area, respectively. Simulation results are also given, which shows effectiveness of proposed monitoring-based countermeasures.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
M. Alle, K. Varadarajan, A. Fell, C. R. Reddy, N. Joseph, S. Das, P. Biswas, J. Chetia, A. Rao, S.K. Nandy, R. Narayan, Redefine: runtime reconfigurable polymorphic asic. ACM Trans. Embed. Comput. Syst. 9(2), 11:1–11:48 (2009). doi:10.1145/1596543.1596545
ARM, ARM Security Technology Building a Secure System Using TrustZone Technology (white paper) (ARM Limited, 2009)
S. Bell, B. Edwards, J. Amann, R. Conlin, K. Joyce, V. Leung, J. MacKay, M. Reif, L. Bao, J. Brown, M. Mattina, C.C. Miao, C. Ramey, D. Wentzlaff, W. Anderson, E. Berger, N. Fairbanks, D. Khan, F. Montenegro, J. Stickney, J. Zook, TILE64—Processor: a 64-Core SoC with mesh interconnect. In Solid-State Circuits Conference, 2008. ISSCC 2008. Digest of Technical Papers. (IEEE International, San Francisco, CA, 2008), pp. 88–598
A.K. Biswas, Wide voltage input receiver with hysteresis characteristic to reduce input signal noise effect. ETRI J. 35(5), 797–807 (2013)
T. Bjerregaard, S. Mahadevan, A survey of research and practices of Network-on-chip. ACM Comput. Surv. 38(1), 1–51 (2006)
Bluespec (2013). http://www.bluespec.com
CCSDS Secretariat: Authentication/Integrity Algorithm Issues Survey (Informational Report). NASA Headquarters (2008)
A. Chakrabarti, G. Manimaran, Internet infrastructure security: a taxonomy. IEEE Netw. 16(6), 13–21 (2002)
A. Chakrabarti, G. Manimaran, A scalable method for router attack detection and location in link state routing. In Proceedings of 28th Annual IEEE International Conference on Local Computer Networks, 2003. LCN ’03 (Bonn/Konigswinter, 2003), pp. 293–294
M. Dall”Osso, G. Biccari, L. Giovannini, D. Bertozzi, L. Benini, Xpipes: a latency insensitive parameterized network-on-chip architecture for multiprocessor SoCs. In Proceedings of 21st International Conference on Computer Design, 2003 (San Jose, CA, 2003), pp. 536–539
W. Dally, B. Towles, Principles and Practices of Interconnection Networks (Morgan Kaufmann Publishers, Los Altos, 2004)
S. Evain, J.P. Diguet, From NoC security analysis to design solutions. In IEEE Workshop on Signal Processing Systems Design and Implementation, 2005 (Athens, 2005), pp. 166–171
Faraday Memaker (2014). http://freelibrary.faraday-tech.com/ips/65library.html
L. Fiorin, G. Palermo, C. Silvano, A security monitoring service for NoCs. In Proceedings of the 6th IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis, CODES+ISSS ’08 (ACM, Atlanta, GA, 2008), pp. 197–202
GlobalPlatform, GlobalPlatform Device Technology TEE System Architecture Version 1.0 (white paper) (GlobalPlatform Inc., 2011)
GlobalPlatform, The Trusted Execution Environment: Delivering Enhanced Security at a Lower Cost to the Mobile Market (white paper) (GlobalPlatform Inc., 2011)
K. Goossens, J. Dielissen, A. Radulescu, Æthereal network on chip: concepts, architectures, and implementations. IEEE Des. Test Comput. 22(5), 414–421 (2005)
H. Kapoor, G. Rao, S. Arshi, G. Trivedi, A security framework for noc using authenticated encryption and session keys. Circuits Syst. Signal Process. 32(6), 2605–2622 (2013). doi:10.1007/s00034-013-9568-5
A. Kirshon, D. Gonikman, G. Nakibly, Owning the routing table—new OSPF attacks. In BlackHat Briefings and Trainings USA + 2011 (BlackHat, Las Vegas, NV, 2011), pp. 1–18
P. Kocher, R. Lee, G. McGraw, A. Raghunathan, Security as a new dimension in embedded system design. In Proceedings of the 41st Annual Design Automation Conference, DAC ’04 (ACM, San Diego, CA, 2004), pp. 753–760. Moderator-Ravi, Srivaths
Y.E. Krasteva, E. de la Torre, T. Riesgo, Reconfigurable networks on chip: DRNoC architecture. J. Syst. Archit. 56(7), 293–302 (2010)
I. Loi, F. Angiolini, L. Benini, Synthesis of low-overhead configurable source routing tables for network interfaces. In Design, Automation Test in Europe Conference Exhibition, 2009, DATE ’09, (Nice, 2009), pp. 262–267
T. Mak, P. Cheung, K.P. Lam, W. Luk, Adaptive routing in network-on-chips using a dynamic-programming network. IEEE Trans. Indus. Electr. 58(8), 3701–3716 (2011)
morphingmachines (2014). http://www.morphingmachines.com/
G. Nakibly, E. Menahem, A. Waizel, Y. Elovici, Owning the routing table part II. In BlackHat Briefings and Trainings 2013 (BlackHat, Las Vegas, NV, 2013), pp. 1–19
M. Palesi, R. Holsmark, S. Kumar, V. Catania, Application specific routing algorithms for networks on chip. IEEE Trans. Parallel Distrib. Syst. 20(3), 316–330 (2009)
S. Parameswaran, T. Wolf, Embedded systems security: an overview. Des. Autom. Embed. Syst. 12, 173–183 (2008)
B. Schneier, Secrets and Lies: Digital security in a networked world (Wiley, New York, 2004)
J. Sepulveda, R. Pires, G. Gogniat, W. Jiang Chau, M. Strum, QoSS hierarchical NoC-based architecture for MPSoC dynamic protection. Int. J. Reconfig. Comput. 2012, 10 (2012)
A. Shahabi, N. Honarmand, Z. Navabi, Programmable routing tables for degradable torus-based networks on chips. In IEEE International Symposium on Circuits and Systems, 2007, ISCAS 2007 (New Orleans, Louisiana, 2007), pp. 1065–1068
M. Tehranipoor, F. Koushanfar, A survey of hardware trojan taxonomy and detection. IEEE Des. Test PP(99), 1 (2013). doi:10.1109/MDT.2009.159
S. Vangal, J. Howard, G. Ruhl, S. Dighe, H. Wilson, J. Tschanz, D. Finan, A. Singh, T. Jacob, S. Jain, V. Erraguntla, C. Roberts, Y. Hoskote, N. Borkar, S. Borkar, An 80-Tile Sub-100-W TeraFLOPS Processor in 65-nm CMOS. IEEE J. Solid-State Circuits 43(1), 29–41 (2008)
L. Wang, H. Song, Y. Jiang, L. Zhang, A routing-table-based adaptive and minimal routing scheme on network-on-chip architectures. Comput. Electr. Eng. 35(6), 846–855 (2009)
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Biswas, A.K., Nandy, S.K. & Narayan, R. Router Attack toward NoC-enabled MPSoC and Monitoring Countermeasures against such Threat. Circuits Syst Signal Process 34, 3241–3290 (2015). https://doi.org/10.1007/s00034-015-9980-0
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00034-015-9980-0