18 research outputs found
Test Scheduling of SoC by using Dynamic Voltage Frequency Scaling (DVFS) Technique
High temperature gradients in System on Chip (SoC) lowered the performances, reliability and leakage power. In addition, temperature during testing gain more compared to normal operation. Therefore, the investigation of the impact dynamic voltage frequency scaling (DVFS) on the thermal aware test scheduling performance will be the main contribution of this work. The test scheduling algorithm which embeds frequency scaling effect with dynamic voltage supply is tested on ITC’02 benchmark. The formulation of ILP is to minimize the group of the test session in SoC and continued with DVFS formulation. Compared to the conventional thermal-aware scheduling approach based purely on a frequency scaling, this technique provides shorter overall test times and greatly improved flexibility to satisfy strict thermal constraints. The proposed DVFS with thermal aware task scheduling allows to minimize test time more than 46%
Physical Fault Injection and Side-Channel Attacks on Mobile Devices:A Comprehensive Analysis
Today's mobile devices contain densely packaged system-on-chips (SoCs) with
multi-core, high-frequency CPUs and complex pipelines. In parallel,
sophisticated SoC-assisted security mechanisms have become commonplace for
protecting device data, such as trusted execution environments, full-disk and
file-based encryption. Both advancements have dramatically complicated the use
of conventional physical attacks, requiring the development of specialised
attacks. In this survey, we consolidate recent developments in physical fault
injections and side-channel attacks on modern mobile devices. In total, we
comprehensively survey over 50 fault injection and side-channel attack papers
published between 2009-2021. We evaluate the prevailing methods, compare
existing attacks using a common set of criteria, identify several challenges
and shortcomings, and suggest future directions of research
A survey on the (in)security of trusted execution environments
As the number of security and privacy attacks continue to grow around the world, there is an ever increasing need to protect our personal devices. As a matter of fact, more and more manufactures are relying on Trusted Execution Environments (TEEs) to shield their devices. In particular, ARM TrustZone (TZ) is being widely used in numerous embedded devices, especially smartphones, and this technology is the basis for secure solutions both in industry and academia. However, as shown in this paper, TEE is not bullet-proof and it has been successfully attacked numerous times and in very different ways. To raise awareness among potential stakeholders interested in this technology, this paper provides an extensive analysis and categorization of existing vulnerabilities in TEEs and highlights the design flaws that led to them. The presented vulnerabilities, which are not only extracted from existing literature but also from publicly available exploits and databases, are accompanied by some effective countermeasures to reduce the likelihood of new attacks. The paper ends with some appealing challenges and open issues.Funding for open access charge: Universidad de Málaga / CBUA
This work has been partially supported by the Spanish Ministry of Science and Innovation through the SecureEDGE project
(PID2019-110565RB-I00), and by the by the Andalusian FEDER 2014–2020 Program through the SAVE project (PY18-3724)
Intelligent systems for efficiency and security
As computing becomes ubiquitous and personalized, resources like energy, storage and time are becoming increasingly scarce and, at the same time, computing systems must deliver in multiple dimensions, such as high performance, quality of service, reliability, security and low power. Building such computers is hard, particularly when the operating environment is becoming more dynamic, and systems are becoming heterogeneous and distributed.
Unfortunately, computers today manage resources with many ad hoc heuristics that are suboptimal, unsafe, and cannot be composed across the computer’s subsystems. Continuing this approach has severe consequences: underperforming systems, resource waste, information loss, and even life endangerment.
This dissertation research develops computing systems which, through intelligent adaptation, deliver efficiency along multiple dimensions. The key idea is to manage computers with principled methods from formal control. It is with these methods that the multiple subsystems of a computer sense their environment and configure themselves to meet system-wide goals.
To achieve the goal of intelligent systems, this dissertation makes a series of contributions, each building on the previous. First, it introduces the use of formal MIMO (Multiple Input Multiple Output) control for processors, to simultaneously optimize many goals like performance, power, and temperature. Second, it develops the Yukta control system, which uses coordinated formal controllers in different layers of the stack (hardware and operating system). Third, it uses robust control to develop a fast, globally coordinated and decentralized control framework called Tangram, for heterogeneous computers. Finally, it presents Maya, a defense against power side-channel attacks that uses formal control to reshape the power dissipated by a computer, confusing the attacker. The ideas in the dissertation have been demonstrated successfully with several prototypes, including one built along with AMD (Advanced Micro Devices, Inc.) engineers. These designs significantly outperformed the state of the art.
The research in this dissertation brought formal control closer to computer architecture and has been well-received in both domains. It has the first application of full-fledged MIMO control for processors, the first use of robust control in computer systems, and the first application of formal control for side-channel defense. It makes a significant stride towards intelligent systems that are efficient, secure and reliable
Multi-core devices for safety-critical systems: a survey
Multi-core devices are envisioned to support the development of next-generation safety-critical systems, enabling the on-chip integration of functions of different criticality. This integration provides multiple system-level potential benefits such as cost, size, power, and weight reduction. However, safety certification becomes a challenge and several fundamental safety technical requirements must be addressed, such as temporal and spatial independence, reliability, and diagnostic coverage. This survey provides a categorization and overview at different device abstraction levels (nanoscale, component, and device) of selected key research contributions that support the compliance with these fundamental safety requirements.This work has been partially supported by the Spanish Ministry of Economy and Competitiveness under grant TIN2015-65316-P, Basque Government under grant KK-2019-00035 and the HiPEAC Network of Excellence. The Spanish Ministry of Economy and Competitiveness has also partially supported Jaume Abella under Ramon y Cajal postdoctoral fellowship (RYC-2013-14717).Peer ReviewedPostprint (author's final draft
Selective Noise Based Power-Efficient and Effective Countermeasure against Thermal Covert Channel Attacks in Multi-Core Systems
With increasing interest in multi-core systems, such as any communication systems, infra-structures can become targets for information leakages via covert channel communication. Covert channel attacks lead to leaking secret information and data. To design countermeasures against these threats, we need to have good knowledge about classes of covert channel attacks along with their properties. Temperature–based covert communication channel, known as Thermal Covert Channel (TCC), can pose a threat to the security of critical information and data. In this paper, we present a novel scheme against such TCC attacks. The scheme adds selective noise to the thermal signal so that any possible TCC attack can be wiped out. The noise addition only happens at instances when there are chances of correct information exchange to increase the bit error rate (BER) and keep the power consumption low. Our experiments have illustrated that the BER of a TCC attack can increase to 94% while having similar power consumption as that of state-of-the-art
High-level services for networks-on-chip
Future technology trends envision that next-generation Multiprocessors Systems-on- Chip (MPSoCs) will be composed of a combination of a large number of processing and storage elements interconnected by complex communication architectures. Communication and interconnection between these basic blocks play a role of crucial importance when the number of these elements increases. Enabling reliable communication channels between cores becomes therefore a challenge for system designers. Networks-on-Chip (NoCs) appeared as a strategy for connecting and managing the communication between several design elements and IP blocks, as required in complex Systems-on-Chip (SoCs). The topic can be considered as a multidisciplinary synthesis of multiprocessing, parallel computing, networking, and on- chip communication domains. Networks-on-Chip, in addition to standard communication services, can be employed for providing support for the implementation of system-level services. This dissertation will demonstrate how high-level services can be added to an MPSoC platform by embedding appropriate hardware/software support in the network interfaces (NIs) of the NoC. In this dissertation, the implementation of innovative modules acting in parallel with protocol translation and data transmission in NIs is proposed and evaluated. The modules can support the execution of the high-level services in the NoC at a relatively low cost in terms of area and energy consumption. Three types of services will be addressed and discussed: security, monitoring, and fault tolerance. With respect to the security aspect, this dissertation will discuss the implementation of an innovative data protection mechanism for detecting and preventing illegal accesses to protected memory blocks and/or memory mapped peripherals. The second aspect will be addressed by proposing the implementation of a monitoring system based on programmable multipurpose monitoring probes aimed at detecting NoC internal events and run-time characteristics. As last topic, new architectural solutions for the design of fault tolerant network interfaces will be presented and discussed
Deploying RIOT operating system on a reconfigurable Internet of Things end-device
Dissertação de mestrado integrado em Engenharia Eletrónica Industrial e ComputadoresThe Internet of Everything (IoE) is enabling the connection of an infinity of
physical objects to the Internet, and has the potential to connect every single
existing object in the world. This empowers a market with endless opportunities
where the big players are forecasting, by 2020, more than 50 billion connected
devices, representing an 8 trillion USD market.
The IoE is a broad concept that comprises several technological areas and will
certainly, include more in the future. Some of those already existing fields are the
Internet of Energy related with the connectivity of electrical power grids, Internet
of Medical Things (IoMT), for instance, enables patient monitoring, Internet of
Industrial Things (IoIT), which is dedicated to industrial plants, and the Internet
of Things (IoT) that focus on the connection of everyday objects (e.g. home
appliances, wearables, transports, buildings, etc.) to the Internet.
The diversity of scenarios where IoT can be deployed, and consequently the
different constraints associated to each device, leads to a heterogeneous network
composed by several communication technologies and protocols co-existing on the
same physical space. Therefore, the key requirements of an IoT network are
the connectivity and the interoperability between devices. Such requirement is
achieved by the adoption of standard protocols and a well-defined lightweight network
stack. Due to the adoption of a standard network stack, the data processed
and transmitted between devices tends to increase. Because most of the devices
connected are resource constrained, i.e., low memory, low processing capabilities,
available energy, the communication can severally decrease the device’s performance.
Hereupon, to tackle such issues without sacrificing other important requirements,
this dissertation aims to deploy an operating system (OS) for IoT, the
RIOT-OS, while providing a study on how network-related tasks can benefit from
hardware accelerators (deployed on reconfigurable technology), specially designed
to process and filter packets received by an IoT device.O conceito Internet of Everything (IoE) permite a conexão de uma infinidade
de objetos à Internet e tem o potencial de conectar todos os objetos existentes no
mundo. Favorecendo assim o aparecimento de novos mercados e infinitas possibilidades,
em que os grandes intervenientes destes mercados preveem até 2020 a
conexão de mais de 50 mil milhões de dispositivos, representando um mercado de
8 mil milhões de dólares.
IoE é um amplo conceito que inclui várias áreas tecnológicas e irá certamente
incluir mais no futuro. Algumas das áreas já existentes são: a Internet of Energy
relacionada com a conexão de redes de transporte e distribuição de energia à
Internet; Internet of Medical Things (IoMT), que possibilita a monotorização de
pacientes; Internet of Industrial Things (IoIT), dedicada a instalações industriais
e a Internet of Things (IoT), que foca na conexão de objetos do dia-a-dia (e.g.
eletrodomésticos, wearables, transportes, edifícios, etc.) à Internet.
A diversidade de cenários à qual IoT pode ser aplicado, e consequentemente,
as diferentes restrições aplicadas a cada dispositivo, levam à criação de uma rede
heterogénea composto por diversas tecnologias de comunicação e protocolos a coexistir
no mesmo espaço físico. Desta forma, os requisitos chave aplicados às redes
IoT são a conectividade e interoperabilidade entre dispositivos. Estes requisitos
são atingidos com a adoção de protocolos standard e pilhas de comunicação bem
definidas. Com a adoção de pilhas de comunicação standard, a informação processada
e transmitida entre dispostos tende a aumentar. Visto que a maioria dos
dispositivos conectados possuem escaços recursos, i.e., memória reduzida, baixa
capacidade de processamento, pouca energia disponível, o aumento da capacidade
de comunicação pode degradar o desempenho destes dispositivos.
Posto isto, para lidar com estes problemas e sem sacrificar outros requisitos importantes,
esta dissertação pretende fazer o porting de um sistema operativo IoT,
o RIOT, para uma solução reconfigurável, o CUTE mote. O principal objetivo
consiste na realização de um estudo sobre os benefícios que as tarefas relacionadas
com as camadas de rede podem ter ao serem executadas em hardware via aceleradores
dedicados. Estes aceleradores são especialmente projetados para processar
e filtrar pacotes de dados provenientes de uma interface radio em redes IoT periféricas