
Network-on-Chip Firewall: Countering Defective and Malicious System-on-Chip Hardware

Logic, Rewriting, and Concurrency

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 9200)

Abstract

Mobile devices are in roles where the integrity and confidentiality of their apps and data are of paramount importance. They usually contain a System-on-Chip (SoC), which integrates microprocessors and peripheral Intellectual Property (IP) connected by a Network-on-Chip (NoC). Malicious IP or software could compromise critical data. Some types of attacks can be blocked by controlling data transfers on the NoC using Memory Management Units (MMUs) and other access control mechanisms. However, commodity processors do not provide strong assurances regarding the correctness of such mechanisms, and it is challenging to verify that all access control mechanisms in the system are correctly configured. We propose a NoC Firewall (NoCF) that provides a single locus of control and is amenable to formal analysis. We demonstrate an initial analysis of its ability to resist malformed NoC commands, which we believe is the first effort to detect vulnerabilities that arise from NoC protocol violations perpetrated by erroneous or malicious IP.

M. LeMay was with the University of Illinois at Urbana-Champaign while performing the work described herein, but he was employed by Intel Corporation at the time of submission. The views expressed are those of the authors only.

Acknowledgments

This paper is dedicated to José Meseguer, whose work has inspired and formed the basis of so many studies like it.

The work was partially supported by HHS 90TR0003-01 (SHARPS) and NSF CNS 13-30491 (THaW). The views expressed are those of the authors only. We measured lines of code using David A. Wheeler’s ‘SLOCCount’.

Author information

Corresponding author

Correspondence to Michael LeMay.

Copyright information

© 2015 Springer International Publishing Switzerland

About this chapter

Cite this chapter

LeMay, M., Gunter, C.A. (2015). Network-on-Chip Firewall: Countering Defective and Malicious System-on-Chip Hardware. In: Martí-Oliet, N., Ölveczky, P., Talcott, C. (eds) Logic, Rewriting, and Concurrency. Lecture Notes in Computer Science, vol 9200. Springer, Cham. https://doi.org/10.1007/978-3-319-23165-5_19

  • DOI: https://doi.org/10.1007/978-3-319-23165-5_19

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-23164-8

  • Online ISBN: 978-3-319-23165-5

  • eBook Packages: Computer Science, Computer Science (R0)
