Multi-Processor Systems-on-Chip (MPSoCs), a key technology enabler of the new Internet-of-Things (IoT) computation paradigm, are currently exposed to attacks. Malicious applications can be downloaded to the MPSoC at runtime, infecting IP cores connected through a Network-on-Chip (NoC). Malware executed on the infected IP cores can be used to extract sensitive information, to modify the system behavior, or to deny the MPSoC operation. The integration of cryptographic cores and virtualization mechanisms in MPSoCs promises to enhance MPSoC security. However, in order to increase the performance of the system, the computation, storage and communication resources of the MPSoC are shared dynamically. Such shared hardware can be exploited to leak information among applications.
Among the different attack vectors, the timing attack is one of the most dangerous. Any hardware resource shared among different security domains can be threatened. These attacks take advantage of the interference produced by competition for resources among applications. The behavior of the system during symmetric and public key encryption leaks information regarding the secret key. Timing attacks can be performed remotely, without any special equipment, and are very difficult to detect. They enable the extraction of sensitive information by measuring the time the system takes to complete the tasks demanded by an attacker. These tasks include data processing, memory reads or writes, and data communication.
Few previous works have shown processor, memory and NoC timing attacks on MPSoCs. All of these works repeat the attack approaches used for single-core SoCs. They use a single attacker IP core whose aim is to track the transformations involved in the targeted algorithm. However, the complexity of MPSoCs can lead to new threats and to opportunities to perform more effective and efficient attacks.
In this work we explore, for the first time, the execution of distributed timing attacks on MPSoCs. In order to execute an attack, several IP cores are infected across the MPSoC. These IPs are able to act in coordination such that they can monitor the sensitive data exchange by exploiting the leakage of the NoC micro-architectural links and buffers, and then trigger the data fetch from cache. By using our approach we are able to reduce the number of observed traces needed to retrieve sensitive information. To protect the MPSoC against distributed timing attacks, we propose the Time-Protected NoC (TPNoC), which uses dynamic random allocation of resources (buffer, arbitration and routing) in order to encapsulate and isolate the sensitive traffic from the remaining MPSoC traffic. Our architecture was modelled in VHDL-RTL. We evaluate the security, performance and cost of our approach. We show that our architecture is able to avoid distributed timing attacks while incurring penalties of less than 8% in area, 10% in power and 18% in performance compared to the original MPSoC.