[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ Skip to main content
Springer Nature Link
Log in

Network-on-Chip Trust Validation Using Security Assertions

  • Published:
Journal of Hardware and Systems Security Aims and scope Submit manuscript

Abstract

Recent technological advancements enabled integration of a wide variety of Intellectual Property (IP) cores in a single chip, popularly known as System-on-a-Chip (SoC). Network-on-Chip (NoC) is a scalable solution that enables communication between a large number of IP cores in modern SoC designs. A typical SoC design methodology relies on third-party IPs to reduce cost and meet time-to-market constraints, leading to serious security concerns. NoC becomes an ideal target for attackers due to its distributed nature across the chip as well as its inherent ability in monitoring communications between the individual IP cores. This paper presents a comprehensive NoC trust validation framework using security assertions. It makes three important contributions. (1) We define a set of security vulnerabilities for NoC architectures, and propose security assertions to monitor these pre-silicon vulnerabilities. (2) In order to ensure that the generated assertions are valid, we utilize efficient test generation techniques to activate these security assertions. (3) We develop on-chip triggers based on synthesized security assertions as well as efficient security-aware signal selection techniques for effective post-silicon debug. Experimental results show that our proposed framework is scalable and effective in capturing security vulnerabilities as well as functional bugs with minor hardware overhead.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price includes VAT (United Kingdom)

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

Notes

  1. Most NoC architectures facilitate flits, which is a further breakdown of a packet used for flow control purposes. We stick to the level of packets for the ease of explanation as our method remains the same at the flit level as well.

References

  1. Parikh R, Bertacco V (2014) Forever: A complementary formal and runtime verification approach to correct noc functionality. ACM Trans Embed Comput Syst 13(3s):104:1–104:30. https://doi.org/10.1145/2514871

  2. Abdel-Khalek R, Parikh R, DeOrio A, Bertacco V (2011) Functional correctness for cmp interconnects. In: ICCD, pp 352–359. http://doi.org/10.1109/ICCD.2011.6081423

  3. Arteris (2009) Flexnoc resilience package. http://arteris.com/flexnoc-resilience-package-functional-safety, [Online]

  4. Foster H, Lacey D, Krolnik A (2003) Assertion-Based Design, 2nd edn. Kluwer Academic Publishers, USA

    Book  Google Scholar 

  5. Tehranipoor M, Koushanfar F (2010) A survey of hardware trojan taxonomy and detection. IEEE Des Test Comput 27(1):10–25

    Article  Google Scholar 

  6. Bhunia S, Tehranipoor M (2018) The Hardware Trojan War. Springer’18

  7. Lyu Y, Mishra P (2020b) System-on-chip security assertions. https://arxiv.org/pdf/2001.06719.pdf

  8. Mishra P, Farahmandi F (2019) Post-Silicon Validation and Debug. Springer

    Book  Google Scholar 

  9. Mishra P, Morad R, Ziv A, Ray S (2017) Post-silicon validation in the soc era: A tutorial introduction. IEEE Design & Test 34(3):68–92

    Article  Google Scholar 

  10. Love E, Jin Y, Makris Y (2011) Proof-carrying hardware intellectual property: A pathway to trusted module acquisition. IEEE TIFS 7(1):25–40

    Google Scholar 

  11. Guo X, Dutta RG, Mishra P, Jin Y (2016) Scalable soc trust verification using integrated theorem proving and model checking. In: HOST

  12. Sepulveda J, Aboul-Hassan D, Sigl G, Becker B, Sauer M (2018) Towards the formal verification of security properties of a network-on-chip router. In: ETS

  13. Witharana H, Lyu Y, Charles S, Mishra P (2022) A survey on assertion-based hardware verification. ACM Computing Surveys (CSUR)

  14. Boule M, Zilic Z (2008) Automata-based assertion-checker synthesis of psl properties. TODAES 13(1):1–21

    Article  Google Scholar 

  15. Gupta A (2002) Assertion-based verification turns the corner. IEEE Des Test Comput 19(4):131–132

    Google Scholar 

  16. Vasudevan S, Sheridan D, Patel S, Tcheng D, Tuohy B, Johnson D (2010) Goldmine: Automatic assertion generation using data mining and static analysis. In: DATE, pp 626–629

  17. Bombieri N, Busato F, Danese A, Piccolboni L, Pravadelli G (2019) Mangrove: An inference-based dynamic invariant mining for gpu architectures. IEEE Trans on Comp 69(4):606–620

    Article  MATH  Google Scholar 

  18. Danese A, Bertacco V, Pravadelli G (2018) Symbolic assertion mining for security validation. In: DATE, pp 1550–1555

  19. Dubrova E, Näslund M, Carlsson G, Smeets B (2014) Keyed logic bist for trojan detection in soc. In: SoC

  20. Boraten T, DiTomaso D, Kodi AK (2016) Secure model checkers for network-on-chip (noc) architectures. In: GLSVLSI

  21. Charles S, Mishra P (2020) Lightweight and trust-aware routing in noc-based socs. In: 2020 ISVLSI, IEEE, pp 160–167

  22. Charles S, Lyu Y, Mishra P (2019) Real-time detection and localization of dos attacks in noc based socs. In: DATE

  23. Prodromou A, Panteli A, Nicopoulos C, Sazeides Y (2012) Nocalert: An on-line and real-time fault detection mechanism for network-on-chip architectures. In: MICRO

  24. Wassel H, Gao Y, Jason K, Huffmire T, Kastner R, Chong F, Sherwood T (2013) Surfnoc: A low latency and provably non-interfering approach to secure networks-on-chip. In: ISCA

  25. Charles S, Logan M, Mishra P (2020) Lightweight Anonymous Routing in NoC based SoCs. In: DATE

  26. Intel (2016) Using tinycrypt library, intel developer zone. http://software.intel.com/en-us/node/734330

  27. Rout S, Basu K, Deb S (2019a) Efficient post-silicon validation of network-on-chip using wireless links. In: VLSID, pp 371–376

  28. Rout S, Patil SB, Chaudhari VI, Deb S (2019b) Efficient router architecture for trace reduction during noc post-silicon validation. In: SOCC, pp 230–235

  29. Rout S, Badri M, Deb S (2020) Reutilization of trace buffers for performance enhancement of noc based mpsocs. In: ASP-DAC, pp 97–102

  30. Sepúlveda J, Zankl A, Flórez D, Sigl G (2017) Towards protected mpsoc communication for information protection against a malicious noc. Procedia Computer Science 108:1103–1112

    Article  Google Scholar 

  31. Ancajas DM, Chakraborty K, Roy S (2014) Fort-nocs: Mitigating the threat of a compromised noc. In: DAC

  32. Hussain M, Malekpour A, Guo H, Parameswaran S (2018) Eetd: An energy efficient design for runtime hardware trojan detection in untrusted network-on-chip. In: ISVLSI

  33. Pasricha S, Dutt N (2010) On-chip communication architectures: system on chip interconnect. Morgan Kaufmann

    Google Scholar 

  34. JYV MK, Swain AK, Kumar S, Sahoo SR, Mahapatra K (2018) Run time mitigation of performance degradation hardware trojan attacks in network on chip. In: ISVLSI

  35. Biswas AK, Nandy S, Narayan R (2015) Router attack toward noc-enabled mpsoc and monitoring countermeasures against such threat. Circuits Systems Signal Process 34(10):3241–3290

    Article  Google Scholar 

  36. Mukherjee R, Kroening D, Melham T (2015) Hardware verification using software analyzers. In: ISVLSI

  37. Lyu Y, Mishra P (2020a) Automated test generation for activation of assertions in rtl models. In: ASP-DAC

  38. Boule M, Zilic Z (2005) Incorporating efficient assertion checkers into hardware emulation. In: ICCD, pp 221–228. http://doi.org/10.1109/ICCD.2005.66

  39. Kumar B, Basu K, Fujita M, Singh V (2020) Post-silicon gate-level error localization with effective and combined trace signal selection. IEEE Trans Comput-Aided Des Integr Circuits Syst 39(1):248–261. https://doi.org/10.1109/TCAD.2018.2883899

    Article  Google Scholar 

  40. Monemi A, Tang JW, Palesi M, Marsono MN (2017) Pronoc: A low latency network-on-chip based many-core system-on-chip prototyping platform. MICPRO 54:60–74

    Google Scholar 

  41. Amin O, Ramzy Y, Ibrahem O, Fouad A, Mohamed K, Abdelsalam M (2016) System verilog assertions synthesis based compiler. In: MTV

  42. Clifford W (2013) Yosys open synthesis suite. http://www.clifford.at/yosys/

Download references

Author information

Authors and Affiliations

  1. University of Florida, Gainesville, USA

    Aruna Jayasena, Hasini Witharana & Prabhat Mishra

  2. Indian Institute of Technology, Jodhpur, India

    Binod Kumar

  3. University of Moratuwa, Moratuwa, Sri Lanka

    Subodha Charles

Authors
  1. Aruna Jayasena
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Binod Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Subodha Charles
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Hasini Witharana
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Prabhat Mishra
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Aruna Jayasena.

Ethics declarations

Funding

This work was partially supported by grants from National Science Foundation (CCF-1908131) and Semiconductor Research Corporation (2020-CT-2934).

Competing Interests

The authors have no relevant financial or non-financial interests to disclose.

Author Contributions

All authors contributed to the study conception and design. Manuscript preparation, experimental setup, and analysis were performed by Aruna Jayasena and Binod Kumar. The assertion validation part was performed by Hasini Witharana. The first draft of the manuscript was written by Subodha Charles and Prabhat Mishra and all authors commented on previous versions of the manuscript. All authors read and approved the final manuscript.

Data Availability

All the data and the analysis results that were generated during the experiments are available in the manuscript.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Jayasena, A., Kumar, B., Charles, S. et al. Network-on-Chip Trust Validation Using Security Assertions. J Hardw Syst Secur 6, 79–94 (2022). https://doi.org/10.1007/s41635-022-00129-5

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s41635-022-00129-5

Keywords

Search

Navigation