ASAP 2017 - The 28th Annual IEEE International Conference on Application-specific Systems, Architectures and Processors July 10th-12th 2017, Seattle, WA,

Slides:



Advertisements
Similar presentations
Virtualization and Cloud Computing. Definition Virtualization is the ability to run multiple operating systems on a single physical system and share the.
Advertisements

Tamper Evident Microprocessors Adam Waksman Simha Sethumadhavan Computer Architecture & Security Technologies Lab (CASTL) Department of Computer Science.
Critical Software Security Through Replication and Virtualization A Research Proposal Dennis Edwards Sharon Simmons Arangamanikkannan Manickam.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Chapter 4: The Building Blocks: Binary Numbers, Boolean Logic, and Gates Invitation to Computer Science, Java Version, Third Edition.
Feng-Xiang Huang A Low-Cost SOC Debug Platform Based on On-Chip Test Architectures.
ECE Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.
An Integrated Framework for Dependable Revivable Architectures Using Multi-core Processors Weiding Shi, Hsien-Hsin S. Lee, Laura Falk, and Mrinmoy Ghosh.
A Flexible Parallel Architecture Adapted to Block-Matching Motion-Estimation Algorithms Santanu Dutta, and Wayne Wolf IEEE Trans. On CSVT, vol. 6, NO.
Min-Sheng Lee Efficient use of memory bandwidth to improve network processor throughput Jahangir Hasan 、 Satish ChandraPurdue University T. N. VijaykumarIBM.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
Introduction SYSC5603 (ELG6163) Digital Signal Processing Microprocessors, Software and Applications Miodrag Bolic.
University of Michigan Electrical Engineering and Computer Science 1 Streamroller: Automatic Synthesis of Prescribed Throughput Accelerator Pipelines Manjunath.
Chapter 4: The Building Blocks: Binary Numbers, Boolean Logic, and Gates Invitation to Computer Science, C++ Version, Fourth Edition.
1 Secure Cooperative MIMO Communications Under Active Compromised Nodes Liang Hong, McKenzie McNeal III, Wei Chen College of Engineering, Technology, and.
Hardware Design of High Speed Switch Fabric IC. Overall Architecture.
WHAT IS VIRUS? NAE GRAND CHALLENGE SECURE CYBERSPACE.
Securing the core root of trust (research in secure hardware design and test) Ramesh Karri ECE Department.
Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.
Sogang University Advanced Computing System Chap 1. Computer Architecture Hyuk-Jun Lee, PhD Dept. of Computer Science and Engineering Sogang University.
Flow of presentation:  Kind of attacks on embedded systems.  Most relevant security threats faced by NOC.  Solutions/ways suggested so far to deal.
SiLab presentation on Reliable Computing Combinational Logic Soft Error Analysis and Protection Ali Ahmadi May 2008.
{ Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization Cristiano Giuffrida, Anton Kuijsten & Andrew S.Tanenbaum.
ELEC692/04 course_des 1 ELEC 692 Special Topic VLSI Signal Processing Architecture Fall 2004 Chi-ying Tsui Department of Electrical and Electronic Engineering.
Radix-2 2 Based Low Power Reconfigurable FFT Processor Presented by Cheng-Chien Wu, Master Student of CSIE,CCU 1 Author: Gin-Der Wu and Yi-Ming Liu Department.
1 ITGD 2202 Supervision:- Assistant Professor Dr. Sana’a Wafa Al-Sayegh Dr. Sana’a Wafa Al-SayeghStudent: Anwaar Ahmed Abu-AlQumboz.
Title of Selected Paper: IMPRES: Integrated Monitoring for Processor Reliability and Security Authors: Roshan G. Ragel and Sri Parameswaran Presented by:
Hardware Image Signal Processing and Integration into Architectural Simulator for SoC Platform Hao Wang University of Wisconsin, Madison.
Computer Concepts 2014 Chapter 10 Information Systems Analysis and Design.
A Configurable High-Throughput Linear Sorter System Jorge Ortiz Information and Telecommunication Technology Center 2335 Irving Hill Road Lawrence, KS.
Chapter 1 Computer Abstractions and Technology. Chapter 1 — Computer Abstractions and Technology — 2 The Computer Revolution Progress in computer technology.
ACCESS IC LAB Graduate Institute of Electronics Engineering, NTU Under-Graduate Project Improving Timing, Area, and Power Speaker: 黃乃珊 Adviser: Prof.
Workpackage 3 New security algorithm design ICS-FORTH Ipswich 19 th December 2007.
Improving Xen Security through Disaggregation Derek MurrayGrzegorz MilosSteven Hand.
Processor Architecture
Unix Security Assessing vulnerabilities. Classifying vulnerability types Several models have been proposed to classify vulnerabilities in UNIX-type Oses.
Hardware Trojan (HT) Detection in 3-D IC Wafi Danesh Instructor: Dr. Christopher Allen EECS 713 High-Speed Digital Circuit Design Final Project Presentation.
Mixed Criticality Systems: Beyond Transient Faults Abhilash Thekkilakattil, Alan Burns, Radu Dobrin and Sasikumar Punnekkat.
Memory-Efficient and Scalable Virtual Routers Using FPGA Department of Computer Science and Information Engineering, National Cheng Kung University, Tainan,
DR. SIMING LIU SPRING 2016 COMPUTER SCIENCE AND ENGINEERING UNIVERSITY OF NEVADA, RENO CS 219 Computer Organization.
Detecting Hardware Trojans in Unspecified Functionality Using Mutation Testing Nicole Fern K.-T. Tim Cheng UC Santa Barbara 1.
Implementing Tile-based Chip Multiprocessors with GALS Clocking Styles Zhiyi Yu, Bevan Baas VLSI Computation Lab, ECE Department University of California,
Static Translation of Stream Program to a Parallel System S. M. Farhad The University of Sydney.
RTL Hardware Design by P. Chu Chapter 9 – ECE420 (CSUN) Mirzaei 1 Sequential Circuit Design: Practice Shahnam Mirzaei, PhD Spring 2016 California State.
Lecturer: Eng. Mohamed Adam Isak PH.D Researcher in CS M.Sc. and B.Sc. of Information Technology Engineering, Lecturer in University of Somalia and Mogadishu.
July 10, th VLSI Design and Test Symposium1 BIST / Test-Decompressor Design using Combinational Test Spectrum Nitin Yogi Vishwani D. Agrawal Auburn.
MAPLD 2005/213Kakarla & Katkoori Partial Evaluation Based Redundancy for SEU Mitigation in Combinational Circuits MAPLD 2005 Sujana Kakarla Srinivas Katkoori.
DAC50, Designer Track, 156-VB543 Parallel Design Methodology for Video Codec LSI with High-level Synthesis and FPGA-based Platform Kazuya YOKOHARI, Koyo.
Invitation to Computer Science, C++ Version, Fourth Edition
CSCE 548 Secure Software Development Risk-Based Security Testing
Overview on Hardware Security
ELEC 7770 Advanced VLSI Design Spring 2016 Introduction
Software Security ITGD 2202 Supervision:- Assistant Professor
SOFTWARE DESIGN AND ARCHITECTURE
SECTIONS 1-7 By Astha Chawla
EE 1001 Digital Topics Introduction to Electrical Engineering
CSCI-100 Introduction to Computing
Invitation to Computer Science, Java Version, Third Edition
ELEC 7770 Advanced VLSI Design Spring 2014 Introduction
Introduction to cosynthesis Rabi Mahapatra CSCE617
ELEC 7770 Advanced VLSI Design Spring 2012 Introduction
ELEC 7770 Advanced VLSI Design Spring 2010 Introduction
ICIEV 2014 Dhaka, Bangladesh
Discretized Streams: A Fault-Tolerant Model for Scalable Stream Processing Zaharia, et al (2012)
Chapter 1 Introduction.
Knowing When to Stop: An Examination of Methods to Minimize the False Negative Risk of Automated Abort Triggers RAM XI Training Summit October 2018 Patrick.
Kejia Li, Yang Fu University of Virginia
Introduction SYSC5603 (ELG6163) Digital Signal Processing Microprocessors, Software and Applications Miodrag Bolic.
Introduction SYSC5603 (ELG6163) Digital Signal Processing Microprocessors, Software and Applications Miodrag Bolic.
Seminar on Enterprise Software
Presentation transcript:

ASAP 2017 - The 28th Annual IEEE International Conference on Application-specific Systems, Architectures and Processors July 10th-12th 2017, Seattle, WA, USA DoSGuard: Protecting Pipelined MPSoCs Against Hardware Trojan Based DoS Attacks Amin Malekpour, Roshan Ragel, Aleksandar Ignjatovic, and Sri Parameswaran School of Computer Science and Engineering University of New South Wales, Sydney, Australia

Outline Introduction Related Work Proposed Architecture Comparison with State of the Art

Introduction Hardware Trojans (HTs) - malicious modifications to ICs ICs vulnerabilities to HT: Economic pressure Design outsourcing Reliance on IPs Unverified design automation tools HT free components - arduous task #efforts to reduce time to market##Ensuring components are free #even the best detection techniques are not able to detect all the malicious modifications

Functional/Data Modification Denial of Service (DOS) Introduction Table 1: hardware Trojan Taxonomy Logic Type Physical Layout Location Abstraction Insertion Triggering Mechanism Payload Sequential Large Processor System Specification Always on Information Leakage Combinational Small Memory RTL Design Internally Functional/Data Modification Hybrid Augmented I/O Logic Fabrication Externally Denial of Service (DOS) Clustered Power Supply Transistor Testing Distributed Clock Grid Physical Assembly #efforts to reduce time to market##Ensuring components are free #even the best detection techniques are not able to detect all the malicious modifications

Introduction Most researches - detecting an HT or preventing its activation No guarantee - detection or prevention Solution - methods for safely operating in HT presence DoSGuard contributions: DoS attack detection Identification and isolation Fast recovery Therefore We must pursue methods for safely operating in Trojan presence assuming they will be active within our system #A simple system-level #A mechanism to limit data leakage and make the leaked data less usable by an adversary is proposed#

Related Work Most of the techniques presented here…. Table 2: Effectiveness of the Different Techniques Technique Detection Identification Recovery Bloom09 [6] ✓ ✕ Beaumont12 [4] Cui14 [8] Rajendaran16 [16] Most of the techniques presented here…. Data leakage is the chalenging part

Architecture Stream programming - parallelism of many-core architectures Applications – Network processing, Multimedia, and DSP Processor Pipelines – Improve throughput and performance Pipelined MPSoC Architecture paradigm for exploiting the parallelism of many-core architectures Processor pipelines are used to improve throughput and performance of streaming applications

Architecture - PMPSoC Color Conversion Motion Estimation Motion Compensation TQE Inverse TQ Write Back # an PMPSoC with 6 stages running H.264 application is presented here. Each stage of the pipeline is responsible for a particular task. For instance the first stage is responsible for …TQE: Transform Quantize Encode Pipelined MPSoC Architecture Running H.264 Application

#cores in the sleeping pool are clock gated. Architecture – DoSGuard V1 V3 V2 V1 V2 V3 V1 V3 V1 V3 V2 Sleeping Pool Untrusted Pool V3 V2 V1 Monitor Cores TMR V3 V2 V1 #cores in the sleeping pool are clock gated. # We use the read/write delay of the pipeline buffers to detect DoS attacks caused by hardware Trojans # delays in the buffers immediately preceding and succeeding the processor # When a core is under DoS attack, its input buffer would be full, and/or its output buffer would be empty as the affected core will not be reading from, or/and writing to its buffers. V3 V2 V1 V3 V2 V1

Architecture – RwD Sleeping Pool Untrusted Pool Monitor Cores TMR

Architecture – RaD Sleeping Pool Untrusted Pool Testing Monitor Cores TMR # an PMPSoC with 6 stages running H.264 application is presented here. Each stage of the pipeline is responsible for a particular task. For instance the first stage is responsible for …TQE: Transform Quantize Encode

Results Throughput vs. # of Attacks and Monitoring Interval for H.264 Failed Failed Failed Throughput vs. # of Attacks and Monitoring Interval for H.264 Throughput for Different Benchmarks

Comparison - Related Work Table 3: Effectiveness of the Different Techniques Technique Detection Identification Recovery Bloom09 [6] ✓ ✕ Beaumont12 [4] Cui14 [8] Rajendaran16 [16] DoSGuard - RaD DoSGuard - RwD

Comparison with State of the Art J. Rajendran, O. Sinanoglu, and R. Karri. “Building trustworthy systems using untrusted components: A high-level synthesis approach”, IEEE Transactions on VLSI Systems, 2016. Base System – M cores, 2 cores per each stage Table 5: Hardware Trojan Infected Cores Identification Table 4: Hardware Trojan Attacks Detection Technique # of Cores Dyn. Power Sta. Power State of the Art 3M PD*(3M) PS*(3M) DoSGuard - RaD 1.5M + 3 PD*(M+3) PS*(1.5M+3) Technique # of Cores Dyn. Power Sta. Power State of the Art 2M PD*(2M) PS*(2M) DoSGuard M + 3 PD*(M+3) PS*(M+3) Using duplication and diversity techniques to detect hardware Trojan that affect the output of the system or deny service For identification of the Trojan infected cores, proposed to triplicate the number of cores (TMR) PMPSoC with state of the art will have …… PMPSoC with Trojan guard will have …..

Attack Scenarios - DoS attacks PMPSoC - failure of one stage - failure of the entire system Monitoring System - TMR !!!! Input - True/False Signals + Buffer Delays Time bomb Trojans – Resetting the Cores TMR TMR TMR TMR Therefore we argue that it is unlikely for Ht to get triggered in …. Monitors are scheduler TMR

Summary DoSGuard: Detect, Identify, and Recover – DoS attacks Fewer number of cores, Less power, No throughput reduction In comparison to the other thechniques trojanguard will do these by fewer

Thank You! I would be glad to see you at poster presentation for more discussion on Trojanguard

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.