Designing Secure Heterogeneous Multicore Systems from Untrusted Components
Abstract: In current system-on-chip (SoC) designs, processing elements, i.e., intellectual property (IP) cores, may come from different providers, and executable code may have varying levels of trust, all executing on the same compute platform and sharing resources. This creates a very fertile attack ground and represents the Achilles’ heel of heterogeneous SoC architectures and distributed connected devices. The general consensus today is that conventional approaches and software-only add-on schemes fail to provide sufficient security protections and trustworthiness. In this paper, we develop a secure heterogeneous SoC architecture named Hermes. It represents a new architectural model that integrates multiple processing elements (called tenants) of secure and non-secure cores into the same chip design while: (a) maintaining individual tenant security; (b) preventing data leakage and corruption; (c) promoting collaboration among the tenants; and (d) tolerating untrusted tenants with potentially malicious purposes. The Hermes architecture is based on a programmable secure router interface and a trust-aware routing algorithm. Depending on the trust levels of computing nodes, it is able to virtually isolate them in different access modes to the memory blocks. With secure key management and join protocols, Hermes is also able to function properly when nodes request, or allow, memory access in a dishonest manner. With 17% hardware overhead, it enables the implementation of processing-element-oblivious secure multicore systems with a programmable distributed group key management scheme. The Hermes architecture is meant to emblematize the design of secure heterogeneous multicore computing systems out of unsecured or untrusted components, using user-defined security policies to create hardware-level virtual zones that enforce these security and trust policies.
Kinsy, M.A.; Bu, L.; Isakov, M.; Mark, M. Designing Secure Heterogeneous Multicore Systems from Untrusted Components. Cryptography 2018, 2, 12.