News and events archive

From the faculty

  • Title image

    Securing Multiprocessor Systems-on-Chip, Lecture by Dr. Biswas, National University of Singapore

    Public lecture by Dr. Arnab Kumar Biswas will be hosted in D2 (up to 50 people
    allowed; online streaming as well as lecture recording will be arranged - yet
    for the chance to engage in the discussion after the lecture a physical presence
    is required). Dr. Biswas applied for a position (Assistant Prof. or Lecturer)
    with FI.

    The lecture will take place 24/9 9:30am in D2, and a link for the streamed
    version will be provided several days ahead.

    Now-a-days Multiprocessor System-on-Chips (MP-SoCs) integrate
    multiple processing elements into a single chip. As MP-SoCs are
    pervading our lives, security issues are emerging as a serious problem
    and attacks against these systems are becoming more critical and
    sophisticated. New cost effective solutions have to be proposed in order
    to defend against these attacks. We have designed and implemented
    different hardware based solutions considering Network-on-Chip (NoC) as
    the communication medium in the MP-SoC. In the presentation, I will
    mainly talk about four projects that propose security solutions in
    MP-SoC. In the first project, we consider a new type of attack in NoC
    and propose different security solutions. NoC based high performance
    MP-SoCs can have multiple secure regions or Trusted Execution
    Environments (TEEs). These TEEs can be separated by non-secure regions
    or Rich Execution Environments (REEs) in the same MP-SoC. In this work,
    we address attacks on routing tables and propose two countermeasures -
    Run-time monitor and Restart monitor. In the second project, we consider
    hybrid NoCs and propose new router architectures to protect from timing
    channel attacks in NoC. A hybrid NoC containing both packet and circuit
    switching, can provide services to different applications. But these
    different applications can be of different security levels and one
    application can interfere with another application’s timing
    characteristics during network transmission. Using this interference, a
    malicious application can extract secret information from higher
    security level flows (timing side channel) or two applications can
    communicate covertly violating the system’s security policy (covert
    timing channel). We propose different mechanisms to protect hybrid
    routers from timing channel attacks. In the third project, we consider
    timing side-channel attacks which poses a major threat to embedded
    systems due to their ease of accessibility. We propose CIDPro, a
    framework that relies on dynamic program diversification to mitigate
    timing side-channel leakage. The proposed framework integrates the
    widely used LLVM compiler infrastructure and the increasingly popular
    RISC-V FPGA soft processor. In the last project, we revisit the problem
    of router attack resulting from malicious configuration of
    Network-on-Chip routers. A source authentication mechanism for router
    configuration packets can prevent such vulnerability. This ensures that
    a router is configured by the configuration packets sent only by a
    trusted configuration source. Conventional methods like Secure Hash
    Algorithm-3 (SHA-3) can provide required source authentication in a
    router but with a huge router area overhead compared to a normal router
    area. We propose eight source authentication mechanisms that can achieve
    a similar level of security as SHA-3 for a router configuration
    perspective without causing significant area and power increase. Most of
    our proposed techniques use different timing channel watermarking
    methods to transfer source authentication data to the receiver router.