Biblio

With the development of computer technology and information security technology, computer networks will increasingly become an important means of information exchange, permeating all areas of social life. Therefore, recognizing the vulnerabilities and potential threats of computer networks as well as various security problems that exist in reality, designing and researching computer quality architecture, and ensuring the security of network information are issues that need to be resolved urgently. The purpose of this article is to study the design and realization of information security technology and computer quality system structure. This article first summarizes the basic theory of information security technology, and then extends the core technology of information security. Combining the current status of computer quality system structure, analyzing the existing problems and deficiencies, and using information security technology to design and research the computer quality system structure on this basis. This article systematically expounds the function module data, interconnection structure and routing selection of the computer quality system structure. And use comparative method, observation method and other research methods to design and research the information security technology and computer quality system structure. Experimental research shows that when the load of the computer quality system structure studied this time is 0 or 100, the data loss rate of different lengths is 0, and the correct rate is 100, which shows extremely high feasibility.

Model checking is one of the most commonly used technique in formal verification. However, the exponential scale state space renders exhaustive state enumeration inefficient even for a moderate System on Chip (SoC) design. In this paper, we propose a method that leverages symbolic execution to accelerate state space search and pinpoint security vulnerabilities. We automatically convert the hardware design to functionally equivalent C++ code and utilize the KLEE symbolic execution engine to perform state exploration through heuristic search. To reduce the search space, we symbolically represent essential input signals while making non-critical inputs concrete. Experiment results have demonstrated that our method can precisely identify security vulnerabilities at significantly lower computation cost.

Chaos is an interesting phenomenon for nonlinear systems that emerges due to its complex and unpredictable behavior. With the escalated use of low-powered edge-compute devices, data security at the edge develops the need for security in communication. The characteristic that Chaos synchronizes over time for two different chaotic systems with their own unique initial conditions, is the base for chaos implementation in communication. This paper proposes an encryption architecture suitable for communication of on-chip sensors to provide a POC (proof of concept) with security encrypted on the same chip using different chaotic equations. In communication, encryption is achieved with the help of microcontrollers or software implementations that use more power and have complex hardware implementation. The small IoT devices are expected to be operated on low power and constrained with size. At the same time, these devices are highly vulnerable to security threats, which elevates the need to have low power/size hardware-based security. Since the discovery of chaotic equations, they have been used in various encryption applications. The goal of this research is to take the chaotic implementation to the CMOS level with the sensors on the same chip. The hardware co-simulation is demonstrated on an FPGA board for Chua encryption/decryption architecture. The hardware utilization for Lorenz, SprottD, and Chua on FPGA is achieved with Xilinx System Generation (XSG) toolbox which reveals that Lorenz’s utilization is 9% lesser than Chua’s.

Embedded memory are important components in system-on-chip, which may be crippled by aging and wear faults or Hardware Trojan attacks to compromise run-time security. The current built-in self-test and pre-silicon verification lack efficiency and flexibility to solve this problem. To this end, we address such vulnerabilities by proposing a run-time memory security detecting framework in this paper. The solution builds mainly upon a centralized security detection controller for partially reconfigurable inspection content, and a static memory wrapper to handle access conflicts and buffering testing cells. We show that a field programmable gate array prototype of the proposed framework can pursue 16 memory faults and 3 types Hardware Trojans detection with one reconfigurable partition, whereas saves 12.7% area and 2.9% power overhead compared to a static implementation. This architecture has more scalable capability with little impact on the memory accessing throughput of the original chip system in run-time detection.

This paper presents a definition of a secure system and design principles, which help govern security policies within an embedded system. By understanding a secure system, a common system on chip (SoC) architecture is evaluated and their vulnerabilities explored. This effort helped define requirements for a framework for a secure and isolated SoC architecture for users to develop in. Throughout this paper, a SoC architecture framework for isolated domains has been proposed and its robustness verified against different attack scenarios. To support different levels of criticality and complexity in developing user applications, three computing domains were proposed: security and safety critical (SSC) domain, high performance (HP) domain, and sandbox domain. These domains allow for complex applications to be realized with varying levels of security. Isolation between different computing domains is established using consumer off the shelf (COTS) techniques and architectural components provided by the Zynq Ultrascale+ (ZU+) multiprocessor SoC (MPSoC). To the best of our knowledge, this is the first work that implements a secure system design on the ZU+ platform. There have been many other implementations in hardware security to mitigate certain attack scenarios such as side channel attacks, temporal attacks, hardware trojans, etc. However, our work is different than others, as it establishes the framework for isolated computing domains for secure applications and also verifies system security by attacking one domain from the others.

The security of manycore systems has become increasingly critical. In system-on-chips (SoCs), Hardware Trojans (HTs) manipulate the functionalities of the routing components to saturate the on-chip network, degrade performance, and result in the leakage of sensitive data. Existing HT detection techniques, including runtime monitoring and state-of-the-art learning-based methods, are unable to timely and accurately identify the implanted HTs, due to the increasingly dynamic and complex nature of on-chip communication behaviors. We propose AGAPE, a novel Generative Adversarial Network (GAN)-based anomaly detection and mitigation method against HTs for secured on-chip communication. AGAPE learns the distribution of the multivariate time series of a number of NoC attributes captured by on-chip sensors under both HT-free and HT-infected working conditions. The proposed GAN can learn the potential latent interactions among different runtime attributes concurrently, accurately distinguish abnormal attacked situations from normal SoC behaviors, and identify the type and location of the implanted HTs. Using the detection results, we apply the most suitable protection techniques to each type of detected HTs instead of simply isolating the entire HT-infected router, with the aim to mitigate security threats as well as reducing performance loss. Simulation results show that AGAPE enhances the HT detection accuracy by 19%, reduces network latency and power consumption by 39% and 30%, respectively, as compared to state-of-the-art security designs.

This paper presents a scalable single-input-multiple-output DC/DC converter targeting load transient response and security improvement for low-power System-on-Chips (SoCs). A two-stage modular architecture is introduced to enable scalability. The shared switched-capacitor pre-charging circuits are implemented to improve load transient response and decouple correlations between inputs and outputs. The demo version of the converter has three identical outputs, each supporting 0.3V to 0.9V with a maximum load current of 150mA. Based on post-layout simulation results in 32nm CMOS process, the converter output provides 19.3V/μs reference tracking speed and 27mA/ns workload transitions with negligible voltage droops or spikes. No cross regulation is observed at any outputs with a worst-case voltage ripple of 68mV. Peak efficiency reaches 85.5% for each output. With variable delays added externally, the input-output correlations can change 10 times and for steady-state operation, such correlation factors are always kept below 0.05. The converter is also scaled to support 6 outputs with only 0.56mm2 more area and maintains same load transient response performance.

In this paper we propose a novel integrated DC/DC converter featuring a single-input-multiple-output architecture for emerging System-on-Chip applications to improve load transient response and power side-channel security. The converter is able to provide multiple outputs ranging from 0.3V to 0.92V using a global 1V input. By using modularized circuit blocks, the converter can be extended to provide higher power or more outputs with minimal design complexity. Performance metrics including power efficiency and load transient response can be well maintained as well. Implemented in 32nm technology, single output efficiency can reach to 88% for the post layout models. By enabling delay blocks and circuits sharing, the Pearson correlation coefficient of input and output can be reduced to 0.1 under rekeying test. The reference voltage tracking speed is up to 31.95 V/μs and peak load step response is 53 mA/ns. Without capacitors, the converter consumes 2.85 mm2 for high power version and only 1.4 mm2 for the low power case.

This demonstration presents an internet of things device (thermostat), whose security is enforced by a secure element (smartcard) running TLS server, and using Virtual Input/Ouput technology. The board comprises a Wi-Fi system on chip (SoC), a micro-controller managing sensor (temperature probe) and actuator (relay), and a javacard. All device messages are sent/received over TLS, and processed by the secure element. Some of them are exported to micro-controller in clear form, which returns a response, sent over TLS by the smartcard.

An ultra-low-power gesture and gait classification SoC is presented for rehabilitation application featuring (1) mixed-signal feature extraction and integrated low-noise amplifier eliminating expensive ADC and digital feature extraction, (2) an integrated distributed deep neural network (DNN) ASIC supporting a scalable multi-chip neural network for sensor fusion with distortion resiliency for low-cost front end modules, (3) onchip learning of DNN engine allowing in-situ training of user specific operations. A 12-channel 65nm CMOS test chip was fabricated with 1μW power per channel, less than 3ms computation latency, on-chip training for user-specific DNN model and multi-chip networking capability.

In the context of the Industry 4.0 initiative, Cyber-Physical Production Systems (CPPS) or Cyber Manufacturing Systems (CMS) can be characterized as advanced networked mechatronic production systems gaining their added value by interaction with different systems using advanced communication technologies. Appropriate wired and wireless communication technologies and standards need to add timing in combination with security concepts to realize the potential improvements in the production process. One of these standards is IO-Link Wireless, which is used for sensor/actuator network operation. In this paper cryptographic performance and energy efficiency of an IO-Link Wireless Device are analyzed. The power consumption and the influence of the cryptographic operations on the trans-mission timing of the IO-Link Wireless protocol are exemplary measured employing a Phytec module based on a CC2650 system-on-chip (SoC) radio transceiver [2]. Confidentiality is considered in combination with the cryptographic performance as well as the energy efficiency. Different cryptographic algorithms are evaluated using the on chip hardware accelerator compared to a cryptographic software implementation.

Modern SoC applications include a variety of sensitive modules in which data must be protected against malicious access. Security vulnerabilities, when exercised during the SoC operation, lead to denial of service or disclosure of protected data. Hence, it is essential to undertake security validation before and after SoC fabrication and make provisions for continuous security assessment during operation. This paper presents a methodology for optimized post-deployment monitoring of SoC's security properties by migrating pre-fab design security assertions to post-fab run-time security monitors. We show that the method is scalable for large systems and complex properties by optimizing the hardware monitors and applying it to a large SoC design based on a OpenRISC-1200 SoC. About 40 security assertions were specified in System Verilog Assertions (SVA). Following formal verification, the assertions were synthesized into finite state machines and cross optimized. Following code generation in Verilog, commercial logic and layout synthesis tools were used to generate hardware monitors which were then integrated with the SoC design ready for fabrication.

To measure machinery vibration, a sensor system consisting of a 3-axis accelerometer, ADXL345, attached to a self-contained system-on-a-chip with integrated Wi-Fi capabilities, ESP8266, is a low-cost solution. In this work, we first show that in such a system, the widely used direct-read-and-send method which samples and sends individually acquired vibration data points to the server is not effective, especially using Wi-Fi connection. We show that the micro delays in each individual data transmission will limit the sensor sampling rate and will also affect the time of the acquired data points not evenly spaced. Then, we propose that vibration should be sampled in batches before sending the acquired data out from the sensor node. The vibration for each batch should be acquired continuously without any form of interruption in between the sampling process to ensure the data points are evenly spaced. To fill the data gaps between the batches, we propose the use of compressive sampling technique. Our experimental results show that the maximum sampling rate of the direct-read-and-send method is 350Hz with a standard uncertainty of 12.4, and the method loses more information compared to our proposed solution that can measure the vibration wirelessly and continuously up to 633Hz. The gaps filled using compressive sampling can achieve an accuracy in terms of mean absolute error (MAE) of up to 0.06 with a standard uncertainty of 0.002, making the low-cost vibration sensor node a cost-effective solution.

To develop the next generation of Internet of Things, Edge devices and systems which leverage progress in enabling technologies such as 5G, distributed computing and artificial intelligence (AI), several requirements need to be developed and put in place to make the devices smarter. A major requirement for all the above applications is the long-term security and trust computing infrastructure. Trusted Computing requires the introduction inside of the platform of a Trusted Platform Module (TPM). Traditionally, a TPM was a discrete and dedicated module plugged into the platform to give TPM capabilities. Recently, processors manufacturers started integrating trusted computing features into their processors. A significant drawback of this approach is the need for a permanent modification of the processor microarchitecture. In this context, we suggest an analysis and a design of a software-only TPM for RISC-V processors based on seL4 microkernel and OP-TEE.

The ever-increasing cost and complexity of cutting-edge manufacturing and test processes have migrated the semiconductor industry towards a globalized business model. With many untrusted entities involved in the supply chain located across the globe, original intellectual property (IP) owners face threats such as IP theft/piracy, tampering, counterfeiting, reverse engineering, and overproduction. Logic locking has emerged as a promising solution to protect integrated circuits (ICs) against supply chain vulnerabilities. It inserts key gates to corrupt circuit functionality for incorrect key inputs. A logic-locked chip test can be performed either before or after chip activation (becoming unlocked) by loading the unlocking key into the on-chip tamperproof memory. However, both pre-activation and post-activation tests suffer from lower test coverage, higher test cost, and critical security vulnerabilities. To address the shortcomings, we propose LL-ATPG, a logic-locking aware test method that applies a set of valet (dummy) keys based on a target test coverage to perform manufacturing test in an untrusted environment. LL-ATPG achieves high test coverage and minimizes test time overhead when testing the logic-locked chip before activation without sharing the unlocking key. We perform security analysis of LL-ATPG and experimentally demonstrate that sharing the valet keys with the untrusted foundry does not create additional vulnerability for the underlying locking method.

Always-On Denial of Service (DoS) Trojans with power drain payload can be disastrous in systems where on-chip power resources are limited. These Trojans are designed so that they have no impact on system behavior and hence, harder to detect. A formal verification method is presented to detect sequential always-on DoS Trojans in pipelined circuits and pipelined microprocessors. Since the method is proof-based, it provides a 100% accurate classification of sequential Trojan components. Another benefit of the approach is that it does not require a reference model, which is one of the requirements of many Trojan detection techniques (often a bottleneck to practical application). The efficiency and scalability of the proposed method have been evaluated on 36 benchmark circuits. The most complex of these benchmarks has as many as 135,898 gates. Detection times are very efficient with a 100% rate of detection, i.e., all Trojan sequential elements were detected and all non-trojan sequential elements were classified as such.

This paper introduces a scheme for achieving trustworthy computing on SoCs that use an outsourced AXI interconnect for on-chip communication. This is achieved through component guarding, data tagging, event verification, and consequently responding dynamically to an attack. Experimental results confirm the ability of the proposed scheme to detect HT attacks and respond to them at run-time. The proposed scheme extends the state-of-art in trustworthy computing on untrustworthy components by focusing on the issue of an untrusted on-chip interconnect for the first time, and by developing a scheme that is independent of untrusted third-party IP.

Network-on-Chip (NoC) fulfills the communication requirements of modern System-on-Chip (SoC) architectures. Due to the resource-constrained nature of NoC-based SoCs, it is a major challenge to secure on-chip communication against eavesdropping attacks using traditional encryption methods. In this paper, we propose a lightweight encryption technique using chaffing and winnowing (C&W) with all-or-nothing transform (AONT) that benefits from the unique NoC traffic characteristics. Our experimental results demonstrate that our proposed encryption technique provides the required security with significantly less area and energy overhead compared to the state-of-the-art approaches.

In this paper, we propose a methodology for post-silicon validation through the evaluation of security assertions for systems-on-chip (SoC). The methodology is centered around a security architecture in which a "security capsule" is attached to each IP core in the SoC. The security capsule consists of a set of on-line and off-line assertion monitors, a dynamic trace-buffer to trace selected groups of signals, and a dynamic trace controller. The architecture is supported by a trace signal selection and grouping algorithm and a dynamic signal tracing method to evaluate the off-chip monitors. This paper presents the security capsule architecture, the signal selection and grouping algorithm, and the run-time signal tracing method. Results of using the methodology on two SoC architectures based on the OpenRISC-1200 and RISC-V processors are presented.

As a general interface for chip system testing and on-chip debugging, JTAG is facing serious security threats. By analyzing the typical JTAG attack model and security protection measures, this paper designs a secure JTAG debugging model based on Schnorr identity authentication protocol, and takes RISCV as an example to build a set of SoC prototype system to complete functional verification. Experiments show that this secure JTAG debugging model has high security, flexible implementation, and good portability. It can meet the JTAG security protection requirements in various application scenarios. The maximum clock frequency can reach 833MHZ, while the hardware overhead is only 47.93KGate.

Nowadays, the Network on Chip (NoC) is widely adopted by multi-core System on Chip (SoC) to meet its communication needs. With the gradual popularization of the Internet of Things (IoT), the application of NoC is increasing. Due to its distribution characteristics on the chip, NoC has gradually become the focus of potential security attacks. Denial of service (DoS) is a typical attack and it is caused by malicious intellectual property (IP) core with unnecessary data packets causing communication congestion and performance degradation. In this article, we propose a novel approach to detect DoS attacks on-line based on random forest algorithm, and detect the router where the attack enters the sensitive communication path. This method targets malicious third-party vendors to implant a DoS Hardware Trojan into the NoC. The data set is generated based on the behavior of multi-core routers triggered by normal and Hardware Trojans. The detection accuracy of the proposed scheme is in the range of 93% to 94%.

Network-on-chip (NoC) has become the standard communication fabric for on-chip components in modern System-on-chip (SoC) designs. Since NoC has visibility to all communications in the SoC, it has been one of the primary targets for security attacks. While packet encryption can provide secure communication, it can introduce unacceptable energy and performance overhead due to the resource-constrained nature of SoC designs. In this paper, we propose a lightweight encryption scheme that is implemented on the network interface. Our approach improves the performance of encryption without compromising security using incremental cryptography, which exploits the unique NoC traffic characteristics. Experimental results demonstrate that our proposed approach significantly (up to 57%, 30% on average) reduces the encryption time compared to traditional approaches with negligible (less than 2%) impact on area overhead.

Modern System-on-Chip (SoC) designs integrate a number of third party IPs (3PIPs) that coordinate and communicate through a Network-on-Chip (NoC) fabric to realize system functionality. An important class of SoC security attack involves a rogue IP tampering with the inter-IP communication. These attacks include message snoop, message mutation, message misdirection, IP masquerade, and message flooding. Static IP-level trust verification cannot protect against these SoC-level attacks. In this paper, we analyze the vulnerabilities of system level communication among IPs and develop a novel SoC security architecture that provides system resilience against exploitation by untrusted 3PIPs integrated over an NoC fabric. We show how to address the problem through a collection of fine-grained SoC security policies that enable on-the-fly monitoring and control of appropriate security-relevant events. Our approach, for the first time to our knowledge, provides an architecture-level solution for trusted SoC communication through run-time resilience in the presence of untrusted IPs. We demonstrate viability of our approach on a realistic SoC design through a series of attack models and show that our architecture incurs minimal to modest overhead in area, power, and system latency.

Dynamic Random Access Memory (DRAM) is widely used for data storage and, when a computer system is in operation, the DRAM can contain sensitive information such as passwords and cryptographic keys. Therefore, the DRAM is a prime target for hardware-based cryptanalytic attacks. These attacks can be performed in the supply chain to capture default key mechanisms enabling a later cyber attack or predisposition the system to remote effects. Two prominent attack classes against memory are the Cold Boot attack which recovers the data from the DRAM even after a supposed power-down and Rowhammer attack which violates memory integrity by influencing the stored bits to flip. In this paper, we propose an on-chip technique that obfuscates the memory addresses and data and provides a fast detect-response to defend against these hardware-based security attacks on DRAM. We advance the prior hardware security research by making two contributions. First, the key material is detected and erased before the Cold Boot attacker can extract the memory data. Second, our solution is on-chip and does not require nor depend on additional hardware or software which are open to additional supply chain attack vectors. We analyze the efficacy of our scheme through circuit simulation and compare the results to the previous mitigation approaches based on DRAM write operations. Our simulation and analysis results show that purging key information used for address and data randomization can be achieved much faster and with lower power than with typical DRAM write techniques used for sanitizing memory content. We demonstrate through circuit simulation of the key register design a technique that clears key information within 2.4ns which is faster by more than two orders magnitude compared to typical DRAM write operations for 180nm technology, and with a power consumption of 0.15 picoWatts.

Modern embedded systems include on-chip FPGA along with processors to meet the high computation demand by providing flexibility to users to add custom hardware accelerators. Any confidential or sensitive information may be processed by those custom accelerators or hardware Intellectual Properties (IPs). Existing accelerator usage models in embedded systems do not prevent illegal access to the IPs, which can be a severe security breach. In this paper, we present a hardware-software co-design approach for secured FPGA accelerated embedded system design. Our proposed security framework inherits Mandatory Access Control (MAC) based authentication policies running at software down to hardware accelerators in FPGA. It ensures secured processing of confidential data in the hardware to prevent software originated attacks at hardware IPs and information leaks. We have implemented a prototype of our proposed framework, which shows that it can be easily integrated while designing an embedded system with custom accelerator IPs. The experimental results show that the proposed framework establishes secured hardware execution with a negligible amount of area and performance overhead.