Gossip NoC -- Avoiding Timing Side-Channel Attacks through Traffic Management

International audience—The wide use of Multi-processing systems-on-chip (MPSoCs) in embedded systems and the trend to increase the integration between devices have turned these systems vulnerable to attacks. Malicious software executed on compromised IP may become a serious security problem. By snooping the traffic exchanged through the Network-on-chip (NoC), it is possible to infer sensitive information such as secrets keys. NoCs are vulnerable to side channel attacks that exploit traffic interference as timing channels. When multiple IP cores are infected, they can work coordinately to implement a distributed timing attack (DTA). In this work we present for the first time the execution of a DTA and a secure enhanced NoC architecture able to avoid the timing attacks. Results show that our NoC proposal can avoid the DTA with an increase of only 1% in area and 0.8% in power regarding the whole chip design

Side-Channel Protected MPSoC through Secure Real-Time Networks-on-Chip

The integration of Multi-Processors System-on-Chip (MPSoCs) into the Internet -of -Things (IoT) context brings new opportunities, but also represent risks. Tight real-time constraints and security requirements should be considered simultaneously when designing MPSoCs. Network-on-Chip (NoCs) are specially critical when meeting these two conflicting characteristics. For instance the NoC design has a huge influence in the security of the system. A vital threat to system security are so-called side-channel attacks based on the NoC communication observations. To this end, we propose a NoC security mechanism suitable for hard real-time systems, in which schedulability is a vital design requirement. We present three contributions. First, we show the impact of the NoC routing in the security of the system. Second, we propose a packet route randomisation mechanism to increase NoC resilience against side-channel attacks. Third, using an evolutionary optimisation approach, we effectively apply route randomisation while controlling its impact on hard real-time performance guarantees. Extensive experimental evidence based on analytical and simulation models supports our findings

Ataques de Canal Arquitetural em MPSoCs baseados em NoCs e suas Contramedidas

Multi-Processors Systems-on-Chips (MPSoC) became the established hardware platform for a wide variety of applications and devices. Even more devices and systems will be interconnected by the Internet. The Internet link already brings several security concerns because all sensitive information stored on these devices can be reachable by external agents, and this prognostics will only increase the security issues. One of the most dangerous attacks is the Side Channel Attack (SCA). This type of attack explores features of the target system that reveals some secret or valuable data. This threat can be implemented physically through specialized instrumentation coupled directly to the device, or logical from architectural behavior accessed remotely through the network. The present thesis defines this particular logical SCA as a sub category called Architectural Channel Attack (ACA). This research project revised the bibliography to identify, analyze and explore the potential vulnerabilities of MPSoCs. The most vulnerable parts recognized were the shared cache and the Network-on-Chip (NoC). Within this knowledge, this thesis developed four new attacks aiming MPSoCs - Hourglass, Firecracker, Arrow, and Earthquake. Besides, the proposition that the hardware can provide security being transparent to applications resulted in a proposal of a hardware countermeasure, the Gossip NoC. The proposed attacks executed in a real MPSoC environment in an FPGA, breaking the Advanced Encryption Standard (AES). These evaluations were the first practical demonstration of an ACA performed in a NoC-based MPSoC entirely. The efficiency of different countermeasures, the Gossip NoC and three other ones from the literature, was evaluated under these attacks. Results showed that i) the shared cache and the NoC are critical vulnerabilities of complex MPSoCs; ii) the proposed attacks optimize the traditional cache ACAs found in literature making possible to attack even in limited environments; iii) the Earthquake makes the differential collision strategy feasible; iv) the NoC is a suitable candidate to implement security mechanisms, since it can access all elements in the system; v) the Gossip NoC avoids only one type of attack, but a protection mechanism for such complex systems demands multiple countermeasure strategies integrated to be a complete solution.Sistemas em Chip Multi-Processados (do inglês, MPSoCs) tornaram-se a plataforma de hardware estabelecida para uma ampla variedade de aplicações e dispositivos. Cada vez mais dispositivos e sistemas serão interligados pela Internet. A conexão com a Internet já traz várias preocupações de segurança, porque todas as informações confidenciais armazenadas nesses dispositivos podem ser acessadas por agentes externos, e esse prognóstico só aumentará as questões relacionadas à segurança. Um dos ataques mais perigosos é o Ataque de Canal Lateral (do inglês, SCA). Este tipo de ataque explora características do sistema de destino (informação indireta) que revela alguns dados secretos ou valiosos. Esta ameaça pode ser implementada fisicamente através de instrumentação especializada acoplada diretamente ao dispositivo, ou lógica pelo comportamento arquitetural que é acessado remotamente através da rede. Esta tese define este SCA lógico em particular como uma subcategoria chamada Ataque de Canal Arquitetural (do inglês, ACA). Este projeto de pesquisa revisou a bibliografia para identificar, analisar e explorar as potenciais vulnerabilidades dos MPSoCs. As partes mais vulneráveis reconhecidas foram as Caches compartilhadas e a Rede-em-Chip (do inglês, NoC). Uma vez adquirido este conhecimento, esta tese desenvolveu quatro novos ataques para MPSoCs - Hourglass, Firecracker, Arrow, e Earthquake. Além disso, a proposição de que o hardware pode fornecer segurança sendo transparente para aplicações culminou em uma proposta de uma contramedida de hardware, o Gossip NoC. Os ataques propostos foram executados em um ambiente real de MPSoC em um FPGA, quebrando a criptografia AES. Estes experimentos práticos foram a primeira demonstração de um ACA realizado em um MPSoC baseado em NoC. A eficiência de diferentes contra-medidas foi avaliada sob estes ataques. Os resultados mostraram que i) a Cache compartilhada e a NoC são vulnerabilidades críticas em MPSoCs; ii) os ataques propostos otimizam os ACAs tradicionais de Cache encontrados na literatura; iii) o Earthquake torna viável a estratégia de colisão diferencial; iv) a NoC é uma candidata adequada para implementar mecanismos de segurança; v) a Gossip NoC evita apenas um tipo de ataque

El Luchador : diario republicano: Año 24º Número 8419 - 1936 Enero 08

Com o advento dos processos submicrônicos, a capacidade de integração de transistores numa mesma pastilha de silício atingiu níveis que possibilitaram a construção dos sistemas com múltiplos processadores num chip (MPSoCs, do inglês MultiProcessor System-on-Chip). Essa possibilidade de integração permite inserir dezenas de Elementos de Processamento (EPs) nos circuitos integrados atuais, e já se projeta centenas de EPs para os sistemas da próxima década (ITRS, 2011). Nesse cenário, um dos principais desafios se refere ao serviço de interconexão dos EPs, que deve apresentar um desempenho de comunicação necessário para as aplicações em execução sem comprometer as limitações de consumo de área e energia do circuito. Nos primeiros sistemas multiprocessados, com poucos nodos, arquiteturas baseadas em barramento foram suficientes para cumprir esses requisitos. Porém, o número de elementos nos sistemas recentes aumentou rapidamente, tornando as redes-em-chip a solução mais apropriada, por aliar escalabilidade e reuso na mesma estrutura. Contudo, diante da previsão de que essa tendência de aumento se manterá retorna a discussão se as redes-em-chip atuais continuarão adequadas para os futuros sistemas. De fato, o custo das redes-em-chip convencionais pode se tornar proibitivo para as escalas dos circuitos em um futuro próximo. Novas propostas têm sido apresentadas na literatura científica onde se podem destacar duas principais estratégias de projeto às redes de interconexão: reconfiguração arquitetural e organização hierárquica da topologia. A reconfiguração arquitetural permite obter uma grande eficiência, independente do tipo de aplicação em execução, pois uma das alternativas é projetar o circuito para que ele se auto adapte conforme os requisitos de desempenho para cada aplicação. Por outro lado, arquiteturas organizadas em topologias hierárquicas são desenvolvidas para uma estrutura computacional definida em tempo de projeto, sendo mais eficazes para uma classe de aplicações. O presente trabalho explora a sinergia da combinação das potencialidades das duas soluções e propõe uma nova estrutura que oferece melhor desempenho para uma classe maior de aplicações apropriada para os futuros sistemas. Como resultado foi implementada uma arquitetura adaptativa chamada MINoC (Multiple Interconnections Networks-on-Chip), uma arquitetura organizada em hierarquia, chamada HiCIT (Hierarchical Crossbar-based Interconnection Topology) e uma simbiose de ambas culminando na arquitetura hierárquica adaptativa HASIN (Hierarchical Adaptive Switching Interconnection Network). São apresentados resultados que mostram a eficiência desses conceitos validando a proposta hierárquica adaptativa.With the advent of submicron processes, the number of transistors integrated on a single chip has reached levels that allowed the design of Multiprocessor Systems-on-Chip (MPSoCs). This capability allows the integration of several processing elements (PEs) in integrated circuits designed nowadays. In the next decade it is expected that hundreds of PEs will be integrated on a single chip. In this scenario, a key challenge is the interconnection network between PEs, which must provide the communication service required to run applications without compromising the limitations of area and energy consumption. In the first multiprocessor systems, with few nodes, bus-based approaches have been sufficient to meet these requirements. However, current systems increased quickly the number of elements, making the Networks-on-Chip (NoCs) the most appropriate solution, because it handles scalability and reusability in the same structure. Nevertheless, ITRS roadmap predicts that this increase will continue (ITRS, 2011), which resumes the discussion if present NoC architectures will be the most adequate for future systems, since its costs could be prohibitive. Therefore, new proposals have been presented in the literature with two main design strategies: architectural reconfiguration and hierarchical organization of the topology. With the architectural reconfiguration it is possible to obtain an application independent high efficiency structure, because the circuit is designed to adapt itself to satisfy performance requirements. On the other hand, architectural organizations in hierarchical topologies are defined at design time to have the most appropriate features for a class of applications, being very effective. The current work identified the synergy of both approaches and proposes a new symbiotic structure suitable for a broader class of applications. As a result, it was implemented an adaptive architecture called MINoC (Multiple Interconexions Networks-on-chip), an architecture organized in hierarchy called HiCIT (Hierarchical Crossbar-based Interconnection Topology) and a mix of both ending up with the hierarchical adaptive architecture HASIN (Hierarchical Interconnection Network Adaptive Switching). Results show the efficiency of these concepts validating the proposed hierarchical adaptive architecture

Side channel attack on NoC-based MPSoCs are practical: NoC Prime+Probe attack

International audienc

Timing Attack on NoC-based Systems: Prime+Probe Attack and NoC-based Protection

International audienceMany authors have shown how to break the AES cryptographic algorithm with side channel attacks; specially the timing attacks oriented to caches, like Prime+Probe. In this paper, we present two practical timing attacks on NoC that improve Prime+Probe technique, the P+P Firecracker, and P+P Arrow. Our attacks target the communication between an ARM Cortex-A9 core and a shared cache memory. Furthermore, we evaluate a secure enhanced NoC as a countermeasure against the timing attack. Finally, we demonstrate that attacks on MPSoCs through the NoC are a real threat and need to be further explored

RNN-Based Detection of Fault Attacks on RSA

Physical fault injection attacks are becoming an important threat to computer systems, as fault injection equipment becomes more and more accessible. In this work, we propose a new strategy to detect fault attacks in cryptosystems. We use a recurrent neural network (RNN) to detect problems in the program flow caused by injected faults. Our neural network is trained using the instructions of non-faulty operations and therefore, it can protect against both current and future attacks. As a case study, we use two implementations of software RSA. To test the effectiveness of our detector, we propose a collection of fault injection models, where each model represents different types of faults in the instructions. Evaluation results show that we obtain a high detection accuracy in case injected faults lead to changes in the instruction flow and hence, making it difficult to steal secrete keys. Finally, we propose an efficient hardware implementation with only a 6% area overhead compared to a RISC-V processor.Accepted author manuscriptComputer EngineeringQuantum & Computer Engineerin

LightRoAD: Lightweight Rowhammer Attack Detector

Dynamic Random Access Memory (DRAM)-based systems are widely used in mobile and portable applications where low-cost and high-storage memory capability are required. However, such systems are prone to attacks. A latent threat to DRAM-based system security is the so-called Rowhammer attacks. By repeatedly accessing memory, an attacker is able to perform unauthorized data modifications into physically adjacent memory locations. As a consequence, powerful privilege-escalation attacks can be achieved. Although most of the known countermeasures are based on refresh strategies or intensive address monitoring, their efficient and low-cost realization is still a challenge. In this work, we present LightRoad, a lightweight and flexible hardware detector for Rowhammer attacks. Additionally, we propose two variants that further extend the LightRoad security, namely LightRoAD+Sec and LightRoAD+PARA. Our experiments show that LightRoad and its variants are very efficient and effective to detect attacks while having an affordable cost that varies according to the desired security level.Accepted author manuscriptComputer EngineeringQuantum & Computer Engineerin

Deterministic and Statistical Strategies to Protect ANNs against Fault Injection Attacks

Artificial neural networks are currently used for many tasks, including safety critical ones such as automated driving. Hence, it is very important to protect them against faults and fault attacks. In this work, we propose two fault injection attack detection mechanisms: one based on using output labels for a reference input, and the other on the activations of neurons. First, we calibrate our detectors during normal conditions. Thereafter, we verify them to maximize fault detection performance. To prove the effectiveness of our solution, we consider highly employed neural networks (AlexNet, GoogleNet, and VGG) with their associated dataset ImageNet. Our results show that for both detectors we are able to obtain a high rate of coverage against faults, typically above 96%. Moreover, the hardware and software implementations of our detector indicate an extremely low area and time overhead.Computer EngineeringQuantum & Computer Engineerin

Hierarchical and Multiple Switching NoC with Floorplan Based AdaptabilityReconfigurable Computing: Architectures, Tools and Applications

The Networks-on-Chip paradigm has been seen as an interconnect architecture solution for complex systems. However, performance and energy issues still represent limiting factors for Multi-Processors System-on-Chip. Moreover, the execution of different applications requires flexible and transparent interconnection solutions, and this feature is best provided by a selfadaptable system. In this paper we propose HASIN, an architecture that explores the suitable switching architecture according to the traffic in each region of the system, in a hierarchical manner. The proposed interconnection allows adapting the network at runtime using three switching possibilities to reconfigure itself according to the floorplan information. HASIN allows increasing the throughput up to 77% and reducing the power consumption up to 76% when compared to a packet-switched mesh network-on-chip