Siavoosh Payandeh Azad, G. Jervan, Michael Tempelmeier, Martha Johanna Sepúlveda
{"title":"CAESAR-MPSoC:动态和高效的MPSoC安全区域","authors":"Siavoosh Payandeh Azad, G. Jervan, Michael Tempelmeier, Martha Johanna Sepúlveda","doi":"10.1109/ISVLSI.2019.00092","DOIUrl":null,"url":null,"abstract":"Dynamic security zones in Multiprocessor System-on-Chip (MP-SoC) has been used to isolate sensitive applications from possible attackers. These physical wrappers are usually configured through programmable hardware firewalls. Previous works have shown the efficiency of this security mechanism against a wide variety of attacks. However, the security zone configuration is performed in an unprotected way, exposing the system to attacks caused by rogue firewall update. In this work we propose CAESAR-MPSoC, an enhanced MPSoC able to ensure the protected configuration of the firewalls through encrypted and authenticated reconfiguration packets. To this end, we present two contributions. First, we integrate two CAESAR (Competition for Authenticated Encryption: Security, Applicability, and Robustness) hardware IP cores, ASCON and AEGIS, into MPSoCs. Second, we developed a light-weight interface that allows to plug-in the different CAESAR cores into MPSoC environment. Third, we show the protected configuration of security zones. Fourth, we evaluate the security, area and cost of CAESAR-MPSoC. The results show that our solution is feasible and effective to allow the protected and efficient security zone configuration.","PeriodicalId":6703,"journal":{"name":"2019 IEEE Computer Society Annual Symposium on VLSI (ISVLSI)","volume":"27 1","pages":"477-482"},"PeriodicalIF":0.0000,"publicationDate":"2019-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":"{\"title\":\"CAESAR-MPSoC: Dynamic and Efficient MPSoC Security Zones\",\"authors\":\"Siavoosh Payandeh Azad, G. Jervan, Michael Tempelmeier, Martha Johanna Sepúlveda\",\"doi\":\"10.1109/ISVLSI.2019.00092\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Dynamic security zones in Multiprocessor System-on-Chip (MP-SoC) has been used to isolate sensitive applications from possible attackers. These physical wrappers are usually configured through programmable hardware firewalls. Previous works have shown the efficiency of this security mechanism against a wide variety of attacks. However, the security zone configuration is performed in an unprotected way, exposing the system to attacks caused by rogue firewall update. In this work we propose CAESAR-MPSoC, an enhanced MPSoC able to ensure the protected configuration of the firewalls through encrypted and authenticated reconfiguration packets. To this end, we present two contributions. First, we integrate two CAESAR (Competition for Authenticated Encryption: Security, Applicability, and Robustness) hardware IP cores, ASCON and AEGIS, into MPSoCs. Second, we developed a light-weight interface that allows to plug-in the different CAESAR cores into MPSoC environment. Third, we show the protected configuration of security zones. Fourth, we evaluate the security, area and cost of CAESAR-MPSoC. The results show that our solution is feasible and effective to allow the protected and efficient security zone configuration.\",\"PeriodicalId\":6703,\"journal\":{\"name\":\"2019 IEEE Computer Society Annual Symposium on VLSI (ISVLSI)\",\"volume\":\"27 1\",\"pages\":\"477-482\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-07-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"10\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE Computer Society Annual Symposium on VLSI (ISVLSI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISVLSI.2019.00092\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE Computer Society Annual Symposium on VLSI (ISVLSI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISVLSI.2019.00092","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
CAESAR-MPSoC: Dynamic and Efficient MPSoC Security Zones
Dynamic security zones in Multiprocessor System-on-Chip (MP-SoC) has been used to isolate sensitive applications from possible attackers. These physical wrappers are usually configured through programmable hardware firewalls. Previous works have shown the efficiency of this security mechanism against a wide variety of attacks. However, the security zone configuration is performed in an unprotected way, exposing the system to attacks caused by rogue firewall update. In this work we propose CAESAR-MPSoC, an enhanced MPSoC able to ensure the protected configuration of the firewalls through encrypted and authenticated reconfiguration packets. To this end, we present two contributions. First, we integrate two CAESAR (Competition for Authenticated Encryption: Security, Applicability, and Robustness) hardware IP cores, ASCON and AEGIS, into MPSoCs. Second, we developed a light-weight interface that allows to plug-in the different CAESAR cores into MPSoC environment. Third, we show the protected configuration of security zones. Fourth, we evaluate the security, area and cost of CAESAR-MPSoC. The results show that our solution is feasible and effective to allow the protected and efficient security zone configuration.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
