Security of Electrical, Optical and Wireless On-Chip Interconnects: A Survey

The advancement of manufacturing technologies has enabled the integration of more intellectual property (IP) cores on the same system-on-chip (SoC). Scalable and high throughput on-chip communication architecture has become a vital component in today's SoCs. Diverse technologies such as electrical, wireless, optical, and hybrid are available for on-chip communication with different architectures supporting them. Security of the on-chip communication is crucial because exploiting any vulnerability would be a goldmine for an attacker. In this survey, we provide a comprehensive review of threat models, attacks, and countermeasures over diverse on-chip communication technologies as well as sophisticated architectures.Comment: 41 pages, 24 figures, 4 table

Security of Systems on Chip

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.In recent years, technology has started to evolve to become more power efficient, powerful in terms of processors and smaller in size. This evolution of electronics has led microprocessors and other components to be merged to form a circuit called System-on-Chip. If we are to make a vast and cursory comparison between SoC and microcontrollers, microprocessors, and CPUs; we would come to the conclusion of SoCs being a single chip, doing all the things the other components can do yet without needing any external parts. So SoCs are computers just by themselves. Furthermore, SoCs have more memory than microcontrollers in general. Being a computer just by themselves allows them also to become servers. Nowadays, an SoC may be regarded also as a Server-on-Chi

Security Operations Centers: A Holistic View on Problems and Solutions

Since Security Operations Centers (SOCs) were first implemented, they have strived to protect the organization and constituency they serve from all manner of Information Technology (IT) security threats. As SOCs have evolved over time to become as effective and efficient at this as possible, they have struggled with changes and upgrades to their foundational elements of people, processes, and technology in pursuit of this mission. While most relevant literature focuses on one challenge a SOC faces, or one aspect of one problem, the authors of this paper performed a literature review to identify and discuss the top current and future challenges that SOCs face in addition to the top current and future solutions to these problems

Clock Distribution Network Building Algorithm For Multiple Ips In System On A Chip

In this project, an algorithm is proposed and developed to build the global CDN that is used to distribute the clocks to all partitions in the SoC using the channels available between partitions. The conventional method of building the global CDN involves manual interventions which decrease the global CDN building efficiency and increase the overall SoC design cycle. To solve this issue, an algorithm is proposed to automate the global CDN building process and at the same time obtain a balanced overall CDN not achieved by the conventional method. Other researches have proposed different CDN structures to simplify the design process but the proposals often sacrifice placement resources to achieve this. The algorithm first collects the partition clock latency numbers and other constraints needed as setup. When the setup is done, the global CDN is build and routed. The algorithm checks for clock skew and scenic routing issues before proceeding to shield the global CDN to prevent cross-talk issues. The algorithm is done when a final checking on the clock skew is done. The algorithm is tested on two different floorplans with varying size and available channels using three different clocks for each floorplan to ensure the accuracy of the algorithm. Finally, the global CDN build using the algorithm is evaluated based on the time needed to build the global CDN and the clock buffer numbers and areas used. The algorithm is shown to be able to reduce 50% of the global CDN design cycle and save 5% of clock buffer numbers and areas. The improvement achieved by the algorithm in this project shows the efficiency in designing the global CDN improved tremendously compared to conventional method

When a Patch is Not Enough - HardFails: Software-Exploitable Hardware Bugs

In this paper, we take a deep dive into microarchitectural security from a hardware designer's perspective by reviewing the existing approaches to detect hardware vulnerabilities during the design phase. We show that a protection gap currently exists in practice that leaves chip designs vulnerable to software-based attacks. In particular, existing verification approaches fail to detect specific classes of vulnerabilities, which we call HardFails: these bugs evade detection by current verification techniques while being exploitable from software. We demonstrate such vulnerabilities in real-world SoCs using RISC-V to showcase and analyze concrete instantiations of HardFails. Patching these hardware bugs may not always be possible and can potentially result in a product recall. We base our findings on two extensive case studies: the recent Hack@DAC 2018 hardware security competition, where 54 independent teams of researchers competed world-wide over a period of 12 weeks to catch inserted security bugs in SoC RTL designs, and an in-depth systematic evaluation of state-of-the-art verification approaches. Our findings indicate that even combinations of techniques will miss high-impact bugs due to the large number of modules with complex interdependencies and fundamental limitations of current detection approaches. We also craft a real-world software attack that exploits one of the RTL bugs from Hack@DAC that evaded detection and discuss novel approaches to mitigate the growing problem of cross-layer bugs at design time

A Survey on Security Threats and Countermeasures in IEEE Test Standards

International audienceEditor's note: Test infrastructure has been shown to be a portal for hackers. This article reviews the threats and countermeasures for IEEE test infrastructure standards

The ownership and control architecture of South Africa's state-owned companies and its impact on corporate governance

The thesis examines the ownership model and various control arrangements of state-owned companies (SOCs) to establish how the division of corporate power between the boards of directors and shareholder-representatives and the exercise of corporate power by these organs impact corporate governance. The thesis makes several claims. First, it argues that the architecture of ownership and control is not underpinned by a sound theoretical base and lacks a clear and consistent economic and political logic. Second, the motivations for state ownership are vague and contradictory, resulting in an irrationally amorphous ownership model. Third, shareholder control powers are excessive, often abused, and lead to shareholder proximity to the locus of governance, which engenders interference and erodes boards' autonomy and authority to govern effectively. Fourth, the legal and regulatory regime governing SOCs is plural, complex, fragmented, and contradictory. Collectively, these and other conceptual flaws have an adverse impact on governance. To address the flaws, the true nature and role of SOCs as entities of a special kind designed to fulfil an overarching public interest mandate need to be reimagined. To realise the public interest mandate, SOCs must be governed in the public interest. This has several aspects. The first is the truncation of excessive shareholder powers and the elimination of interference by removing SOCs from direct political control and placing them under an independent and professional shareholder entity akin to Singapore's state holding company, Temasek. The second aspect is a rethink and expansion of the duties of SOCs' directors by introducing a novel duty to act in the public interest, in addition to their traditional duties. The third aspect is that the legal and regulatory framework must be de-layered, responsive, and complementary to accommodate and give impetus to the public interest approach to corporate governance. Ultimately, these changes must culminate in a nuanced and bespoke architecture of ownership and control that is minimalist and structured and that can, arguably, address the idiosyncratic governance challenges that confront South African SOCs